Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

How data poisoning attacks corrupt machine learning models

How data poisoning attacks corrupt machine learning models

Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

The Golden Chickens cybercriminal gang is believed to sell its more_eggs backdoor for spear phishing campaigns executed using information gleaned from victims' LinkedIn profiles.

PHP backdoor attempt shows need for better code authenticity verification

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

Cloudflare wants to be your corporate network backbone with centralized management and security

Cloudflare wants to be your corporate network backbone with centralized management and security

Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

5 questions CISOs should be able to answer about software supply chain attacks

5 questions CISOs should be able to answer about software supply chain attacks

The SolarWinds attack put a spotlight on the threats that compromised third-party software present organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.

New free software signing service aims to strengthen open-source ecosystem

New free software signing service aims to strengthen open-source ecosystem

The Linux Foundation's sigstore code-signing software, developed with Google, Red Hat and Purdue University, will help prevent attacks on the software supply chain.

Intel, Microsoft join DARPA effort to accelerate fully homomorphic encryption

Intel, Microsoft join DARPA effort to accelerate fully homomorphic encryption

The partnership aims to improve performance and accuracy of FHE to make it practical for business and government to better protect confidential data in the cloud.

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

Gootkit malware creators expand their distribution platform

Gootkit malware creators expand their distribution platform

Its Gootloader component infects computers by hijacking Google search results to send victims to legitimate but compromised websites where malware lurks behind links.

Dependency confusion explained: Another risk when using open-source repositories

Dependency confusion explained: Another risk when using open-source repositories

Dependency confusion is a newly discovered logic flaw in the default way software development tools pull third-party packages from public and private repositories. Here's what you need to know.

Egregor ransomware takes a hit after arrests in Ukraine

Egregor ransomware takes a hit after arrests in Ukraine

Ukrainian, French and US operation targets ransomware group members and takes down its infrastructure.

How ransomware negotiations work

How ransomware negotiations work

Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.

TrickBot returns with campaign against legal and insurance firms

TrickBot returns with campaign against legal and insurance firms

The new iteration of the TrickBot botnet, which had enabled Ryuk and other ransomware attacks, uses malicious links in emails rather than rogue email attachments.

Law enforcement takes over Emotet, one of the biggest botnets

Law enforcement takes over Emotet, one of the biggest botnets

Multi-national cooperation removes this key malware delivery service as a threat, at least temporarily.

SonicWall warns customers about zero-day vulnerabilities

SonicWall warns customers about zero-day vulnerabilities

Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.

New Intel CPU-level threat detection capabilities target ransomware

New Intel CPU-level threat detection capabilities target ransomware

The new capabilities in the Intel mobile processors will make it harder for ransomware to avoid detection.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.

33 hardware and firmware vulnerabilities: A guide to the threats

33 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.

Load More