Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.


New exploits can bypass Secure Boot and modern UEFI security protections

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild.

Black Basta: New ransomware threat aiming for the big league

Black Basta: New ransomware threat aiming for the big league

The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.

37 hardware and firmware vulnerabilities: A guide to the threats

37 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. This list, though not comprehensive, presents the most significant threats.

Chinese APT group uses multiple backdoors in attacks on military and research organizations

Chinese APT group uses multiple backdoors in attacks on military and research organizations

The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.

CISA releases IOCs for attacks exploiting Log4Shell in VMware Horizon and UAG

CISA releases IOCs for attacks exploiting Log4Shell in VMware Horizon and UAG

The investigation by the federal agency shows not only the indicators of compromise but also the reasons why the Log4j vulnerability will persist indefinitely.

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years

The malware infects system firmware to avoid detection and has claimed victims in China, Iran, Vietnam and Russia.

GPS trackers used for vehicle fleet management can be hijacked by hackers

GPS trackers used for vehicle fleet management can be hijacked by hackers

At least one model of GPS tracking devices made by Chinese firm MiCODUS "lacks basic security protections needed to protect users from serious security issues."

Cyberespionage groups increasingly target journalists and media organizations

Cyberespionage groups increasingly target journalists and media organizations

State-affiliated APT groups seek sensitive information and try to learn story sources by targeting journalists' email and social media accounts.

New speculative execution attack Retbleed impacts Intel and AMD CPUs

New speculative execution attack Retbleed impacts Intel and AMD CPUs

Unlike other speculative execution attacks like Spectre, Retbleed exploits return instructions rather than indirect jumps or calls.

Office 365 phishing campaign that can bypass MFA targets 10,000 organizations

Office 365 phishing campaign that can bypass MFA targets 10,000 organizations

The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.

Attacker groups adopt new penetration testing tool Brute Ratel

Attacker groups adopt new penetration testing tool Brute Ratel

APT group's use of a legitimate pen-testing tool gives them stealth capabilities, allowing them to avoid detection by EDR and antivirus tools.

Load More