Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Lack of firmware validation for computer peripherals enables highly persistent attacks

Vulnerabilities in unvalidated peripheral firmware such as WiFi adapters, cameras, and network interface controllers give attackers control over systems.

More targeted, sophisticated and costly: Why ransomware might be your biggest threat

Ransomware has matured and its threat level is now on par with APTs as attackers use better tools and learn from past mistakes.

Infrastructure-as-code templates are the source of many cloud infrastructure weaknesses

A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack.

Implementation flaws make LoRaWAN networks vulnerable to attack

New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.

Magecart-related arrests made in Indonesia

The three individuals arrested represent only a small portion of the Magecart web-skimming group, but the investigation is ongoing.

Insecure configurations expose GE Healthcare devices to attacks

The six high-risk vulnerabilities result from hard-coded or no credentials in remote access software and the use of outdated applications.

What is a buffer overflow? And how hackers exploit these vulnerabilities

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This causes data to overflow to adjacent...

Macy’s breach is a game-changing Magecart attack

The attackers customized the Magecart code to the Macy's website to steal credit card information in the wallet and new registrations.

Hackers use free tools in new APT campaign against industrial sector firms

Attackers seek to make attribution harder and use sophisticated, realistic spear-phishing emails.

Remote hackers can modify CPU voltage to steal secrets from Intel SGX enclaves

By manipulating the voltage of Intel CPUs that use SGX, researchers can extract sensitive data, including full RSA encryption keys, from memory using the Plundervolt vulnerability.

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

Emergent Android banking Trojan shows app overlay attacks are still effective

By taking code from another Android Trojan, Anubis, the Ginp malware has enhanced itself and has begun targeting banks.

Is your MSP an insider threat?

Managed services providers and managed security services providers (MSSPs) are attracting attention from attackers, who see them as a gateway to access their clients' networks. Follow this advice to minimize the risk.

How to secure your router and home network

Many users don't realize it, but their internet router is the most important electronic device in their home and is an attractive target for attackers.

Web payment card skimmers add anti-forensics capabilities

The newly discovered Pipka script can delete itself from a website after execution, making it very difficult to detect.

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage.

Attackers phish Office 365 users with fake voicemail messages

Recent phishing campaigns have combined a clever use of fake voicemail, phony Microsoft email, and off-the-shelf phishing kits to target high-value victims.

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

Cryptojacking worm infects exposed Docker deployments

Graboid is the first known instance of a cryptomining worm used to create botnets spread using containers.

Report: China supported C919 airliner development through cyberespionage

Chinese hackers and intelligence agencies coordinated cyberattacks to gather intellectual property of aerospace firms to gain competitive advantage.
