Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Researchers find new ICS malware toolkit designed to cause electric power outages

SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups

Research shows a shift toward advanced persistent threat actors compromising smaller organizations, in part to enable other attacks.

Credential harvesting tool Legion targets additional cloud services

Threat actors now use Legion to steal AWS-specific credentials from web servers to enable email and SMS spam campaigns.

Legitimate looking npm packages found hosting TurkoRat infostealer

The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.

Critical remote code execution flaws patched in Cisco small business switches

Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.

Researchers show ways to abuse Microsoft Teams accounts for lateral movement

Attackers have several ways to enable lateral movement within a network via a compromised Teams account.

New ransomware gang RA Group quickly expanding operations

The RA Group uses double extortion and has detailed information on its victims.

Israeli threat group uses fake company acquisitions in CEO fraud schemes

The group targets multinational firms using email display name spoofing and multiple fake personas.

Microsoft fixes bypass for critical Outlook zero-click flaw patch

Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.

New ransomware group CACTUS abuses remote management tools for persistence

The CACTUS cybercriminal group targets VPN appliances for initial access and to install a backdoor.

Azure API Management flaws highlight server-side request forgery risks in API development

New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.

Attacks increasingly use malicious HTML email attachments

New research shows that up to a half of all HTML email attachments are malicious, and not just because of a few massive campaigns.
