Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Why code reuse is still a security nightmare

Despite best efforts to track software dependencies, blind spots still exist, leading to silent vulnerabilities in software.

US charges four suspected Chinese spies who coordinated APT40 hackers

The government outlines how APT40 conducted its Microsoft Exchange Server attack and offers advice to defend against nation-state threats.

REvil gang suddenly goes silent leaving victims unable to recover systems

All REvil websites went offline on Tuesday, leaving security experts and victims to speculate on the reason why.

Authentication bypass allows complete takeover of Modicon PLCs used across industries

The vulnerability could allow attackers to insert malicious code and easily avoid detection.

PrintNightmare vulnerability explained: Exploits, patches, and workarounds

Public exploits are available for a remote code execution vulnerability in the Windows Print Spooler that could allow attackers to take full control of systems. The vulnerability affects all editions of Windows and organizations are...

Supply-chain attack on Kaseya remote management software targets MSPs

REvil ransomware pushers exploit zero-day flaw in Kaseya VSA to infect MSPs and their customers.

Flaws in Dell's over-the-air device recovery and update impacts millions of devices

As many as 40 million Dell devices are vulnerable to targeted man-in-the-middle attacks. Dell advises BIOS/UEFI updates.

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

Microsoft's Active Directory PKI component commonly has configuration mistakes that allow attackers to gain account and domain-level privileges.

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

With proofs of concept public, attackers are likely exploiting this vulnerability weeks after patches were released.

Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters.

AWS access control confusion enables cross-account attacks

With flexibility comes confusion, misconfiguration, and exposure, researchers say.
