Home Community Lucian Constantin

Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Articles by Lucian Constantin

Attackers breach US government agencies through ColdFusion flaw

Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability.

By Lucian Constantin

Dec 06, 2023 5 mins

Advanced Persistent Threats Cyberattacks Vulnerabilities

Russia’s Fancy Bear launches mass credential collection campaigns

By Lucian Constantin

Dec 05, 2023 5 mins

Advanced Persistent Threats Critical Infrastructure Vulnerabilities

P2Pinfect Redis worm targets IoT with version for MIPS devices

By Lucian Constantin

Dec 04, 2023 5 mins

Botnets Hacker Groups Security Practices

Attackers could abuse Google’s SSO integration with Windows for lateral movement

Compromised Windows systems can enable attackers to gain access to Google Workspace and Google Cloud by stealing access tokens and plaintext passwords.

By Lucian Constantin

Nov 30, 2023 8 mins

Multi-factor Authentication Single Sign-on Remote Access Security

Ransomware gang files SEC complaint against company that refused to negotiate

New US Securities and Exchange Commission rules require reporting of breaches that are material, giving cyber extortionists a new tactic to coerce payments.

By Lucian Constantin

Nov 17, 2023 4 mins

Ransomware Compliance Cybercrime

Palestine-aligned cyberespionage actor shifts infection chain tactics

The highly targeted spear-phishing campaign uses Microsoft PowerPoint add-in and XLL, RAR attachments to deliver malware.

By Lucian Constantin

Nov 16, 2023 4 mins

Advanced Persistent Threats Phishing Cyberattacks

Intel patches high-severity CPU privilege escalation flaw

The Reptar vulnerability affects Intel processors with the new fast short repeat move (FSRM) feature.

By Lucian Constantin

Nov 15, 2023 4 mins

Vulnerabilities

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A malicious OracleIV image has been downloaded more than 3,000 times from Docker Hub.

By Lucian Constantin

Nov 14, 2023 4 mins

DDoS Cyberattacks

Iranian APT group launches destructive attacks against Israeli organizations

The Agonizing Serpens group seeks to steal sensitive information and then wipe systems.

By Lucian Constantin

Nov 09, 2023 6 mins

Advanced Persistent Threats Cyberattacks

Gootbot: A new post-exploitation implant for lateral movement

The Gootloader malware gang's custom bot is designed to avoid detection during late stages of the attack chain.

By Lucian Constantin

Nov 07, 2023 5 mins

Cyberattacks Malware

Show me more

Top cybersecurity product news of the week

Dec 07, 202322 mins

Generative AISecurity

BSIMM 14 finds rapid growth in automated security technology

By John P. Mello Jr.

Dec 06, 20234 mins

Application SecurityNetwork Security

Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey

By Gagandeep Kaur

Dec 06, 20234 mins

IT JobsSecurity Practices

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

Nov 20, 202315 mins

CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University

Oct 16, 202315 mins

CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape

Oct 10, 202316 mins

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

Nov 20, 202315 mins

AI and Cybersecurity: Speed Bumps, Training, and Communication

Nov 06, 202317 mins

CyberattacksGenerative AI

CSO Executive Sessions Australia with Robbie Whittome

Oct 16, 202315 mins

Sponsored Links

Tomorrow’s cybersecurity success starts with next-level innovation today. Join the discussion now to sharpen your focus on risk and resilience.