Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware attacks target the companies that are most vulnerable and most likely to pay, and are often paired with other malware such as TrickBot.

Attacks against internet-exposed RDP servers surging during COVID-19 pandemic

Two new reports show a dramatic increase in cyber attacks that target open RDP ports as more people work remotely.

32 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.

Cloud servers hacked via critical SaltStack vulnerabilities

Attackers were quick to exploit recently announced vulnerabilities to deploy cryptominers. Patch Salt now.

COVID-19 attack campaigns target hardest hit regions, research shows

Attackers shift their focus to where coronavirus infections are rising and use tactics that make their efforts hard to block.

Android security: Patching improves, but fragmentation challenges remain

A new report shows that Android mobile device manufacturers are getting better at patching the OS, but patching levels vary across models and vendors.

Google enters zero-trust market with BeyondCorp Remote Access offering

Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.

RubyGems typosquatting attack hits Ruby developers with trojanized packages

Attacker targeted Windows systems to hijack cryptocurrency transactions, and was able to evade anti-typosquatting measures.

New platform AttackerKB gives defenders more context on vulnerabilities

Real-world input from pen testers and other members of the security community aims to help defenders make better assessments of vulnerability risks.

What are vulnerability scanners and how do they work?

Vulnerability scanners are automated tools that allow organizations to check if their networks, systems and applications have security weaknesses that could expose them to attacks.

New, rapidly evolving IoT botnet Dark Nexus targets wide variety of devices

The sophisticated botnet also has high persistence and is capable of delivering different types of malware in addition to launching DDoS attacks.

7 PSD2 questions every CISO should be prepared to answer

The EU's recently updated Payment Services Directive has several requirements that affect security, such as stronger authentication for online payments.

Weakness in Zoom for macOS allows local attackers to hijack camera and microphone

Zoom's use of insecure system APIs allows attackers to elevate privileges as well.

What is WireGuard? Secure, simple VPN now part of Linux

The WireGuard VPN offers better performance and a simpler, effective approach to cryptography, and now it's built into Linux 5.6. Is it ready for the enterprise?

Attack campaign hits thousands of MS-SQL servers for two years

Newly discovered Vollgar attack uses brute force to infect vulnerable Microsoft SQL servers at a high rate.

Cybercriminal group mails malicious USB dongles to targeted companies

Shown as a proof-of-concept in 2014, this is the first known use of the BadUSB exploit in the wild.

Chinese hacker group APT41 uses recent exploits to target companies worldwide

APT41 has compromised devices and applications from Cisco, Citrix and Zoho across many industries worldwide at a time when many companies are less able to respond.

COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale

A zero-trust model addresses many of the security concerns around supporting large numbers of remote workers, and new vendor free trials make fast deployment possible.

Credit card skimmers explained: How they work and how to protect yourself

A card skimmer is a device designed to steal information stored on payment cards when consumers perform transactions at ATMs, gas pumps and other payment terminals. More recently, the use of the term has been extended to include...

New CPU attack technique can leak secrets from Intel SGX enclaves

The Load Value Injection attack can bypass security boundaries and mitigations put in place for other CPU vulnerabilities such as Spectre and Meltdown.
