Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

With proofs of concept public, attackers are likely exploiting this vulnerability weeks after patches were released.

Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters.

AWS access control confusion enables cross-account attacks

AWS access control confusion enables cross-account attacks

With flexibility comes confusion, misconfiguration, and exposure, researchers say.

SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign

SolarWinds attacker Nobelium targets over 150 companies in new mass email campaign

The Russian state-sponsored group has shifted to targeted email attacks that exploit third-party services.

Credential stuffing explained: How to prevent, detect, and defend against it

Credential stuffing explained: How to prevent, detect, and defend against it

Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts.

DDoS attacks: Stronger than ever and increasingly used for extortion

DDoS attacks: Stronger than ever and increasingly used for extortion

Low cost and ease of execution drive a resurgence in distributed denial of service attacks as criminals profit from extorting victims.

DarkSide ransomware explained: How it works and who is behind it

DarkSide ransomware explained: How it works and who is behind it

The Colonial Pipeline attack thrust the DarkSide ransomware into the spotlight. This is what's known about the threat actors and how they operate.

SASE is coming, but adoption will be slow (especially for large enterprises)

SASE is coming, but adoption will be slow (especially for large enterprises)

Smaller organizations eye SASE to provide secure access to applications. Lack of maturity, existing security and digital transformation investments give large enterprises pause on SASE.

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

FBI cleans web shells from hacked Exchange servers in rare active defense move

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.

How data poisoning attacks corrupt machine learning models

How data poisoning attacks corrupt machine learning models

Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.

Load More