

Lucian Constantin
CSO Senior Writer
Lucian Constantin writes about information security, privacy, and data protection for CSO.


Mercenary APT group CostaRicto hits organizations worldwide
This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.

Inside Atlassian's zero trust implementation
Adrian Ludwig says Atlassian's zero-trust implementation was nearly complete when the pandemic hit. His advice: Define policies to cover all cases first.

14 controls for securing SAP systems in the cloud
Organizations often don't follow security best practices when deploying and managing complex SAP systems. This set of security controls from the Cloud Security Alliance aims to change that.

US Treasury Department ban on ransomware payments puts victims in tough position
The Treasury Department's advisory warns companies not to pay ransoms to sanctioned entities. The move complicates ransomware incident response and might encourage insurance carriers to drop ransomware coverage.

Financial crime group FIN11 pivots to ransomware and stolen data extortion
FIN11, believed to be Russia-based, follows a trend of cybercriminal groups expanding their operations beyond financial crime.

Half of all virtual appliances have outdated software and serious vulnerabilities
New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.

Elusive hacker-for-hire group Bahamut linked to historical attack campaigns
The Bahamut group targets high-value victims and takes meticulous care with its own operational security.

Alien malware a rising threat to mobile banking users
The Alien malware has quickly become a popular choice for cybercriminals to commit bank fraud. Here's why.

InterPlanetary Storm cross-platform P2P botnet infects computers and IoT devices
IPStorm's ability to infect Android, macOS and Windows devices as well as those that are Linux-based makes it much more dangerous.

SAP ASE leaves sensitive credentials in installation logs
Two vulnerabilities in SAP ASE's Cockpit component leave some sensitive information available to anyone on the network and other data susceptible to brute-force attacks.

Zerologon explained: Why you should patch this critical Windows Server flaw now
Attackers have learned how to exploit the Zerologon vulnerability in Windows Server, potentially gaining domain admin control.

WastedLocker explained: How this targeted ransomware extorts millions from victims
WastedLocker is sophisticated ransomware created by Evil Corp, a notorious cyber criminal group.

Mesh VPNs explained: Another step toward zero-trust networking
Mesh VPNs use a peer-to-peer architecture where every node or peer in the network can connect directly to any other peer without going through a central concentrator or gateway. This approach can be less expensive and easier to scale...

Evilnum group targets FinTech firms with new Python-based RAT
The attack hides in Windows systems by impersonating several legitimate programs.

APT-style mercenary groups challenge the threat models of many organizations
APT-for-hire services will broaden the scope of who is vulnerable to that type of attack. Small- and medium-sized companies in particular need to rethink their threat models.

After a decade, Qbot Trojan malware gains new, dangerous tricks
New Qbot abilities include inserting malware in legitimate email threads to spread malware.

The state of application security: What the statistics tell us
Companies are moving toward a DevSecOps approach to application development, but problems remain with security testing ownership and open-source code vulnerabilities.

Protocol gateway flaws reveal a weak point in ICS environments
Research presented at this week's Black Hat conference highlights a new threat via protocol translation attacks and reveals 9 flaws found in protocol gateways from different vendors.

DNSSEC explained: Why you might want to implement it on your domain
The Domain Name System Security Extensions provide cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it.