Lucian Constantin

CSO Senior Writer

Lucian Constantin writes about information security, privacy, and data protection for CSO.

Remote hackers can modify CPU voltage to steal secrets from Intel SGX enclaves

Cryptominers and fileless PowerShell techniques make for a dangerous combo

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

Emergent Android banking Trojan shows app overlay attacks are still effective

Emergent Android banking Trojan shows app overlay attacks are still effective

By taking code from another Android Trojan, Anubis, the Ginp malware has enhanced itself and has begun targeting banks.

Web payment card skimmers add anti-forensics capabilities

Web payment card skimmers add anti-forensics capabilities

The newly discovered Pipka script can delete itself from a website after execution, making it very difficult to detect.

Defenders can discover phishing sites through web analytics IDs

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage.

Attackers phish Office 365 users with fake voicemail messages

Attackers phish Office 365 users with fake voicemail messages

Recent phishing campaigns have combined a clever use of fake voicemail, phony Microsoft email, and off-the-shelf phishing kits to target high-value victims.

Credential stuffing explained: How to prevent, detect and defend against it

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

Cryptojacking worm infects exposed Docker deployments

Cryptojacking worm infects exposed Docker deployments

Graboid is the first known instance of a cryptomining worm used to create botnets spread using containers.

Report: China supported C919 airliner development through cyberespionage

Report: China supported C919 airliner development through cyberespionage

Chinese hackers and intelligence agencies coordinated cyberattacks to gather intellectual property of aerospace firms to gain competitive advantage.

GandCrab cousin Sodinokibi made a fortune for ransomware pushers

GandCrab cousin Sodinokibi made a fortune for ransomware pushers

By tracking down bitcoin wallets, researchers estimate that the Sodinokibi creators pocketed at least $4.5 million.

Critical remote code execution flaw fixed in popular terminal app for macOS

Critical remote code execution flaw fixed in popular terminal app for macOS

Users of the iTerm2 terminal app are encouraged to update as soon as possible.

Zero-day vulnerability gives attackers full control of Android phones

Zero-day vulnerability gives attackers full control of Android phones

Attackers are reportedly exploiting an unpatched vulnerability to take control of Android devices and potentially deliver spyware. The flaw affects phones models from multiple manufacturers including Google, Samsung, Huawei, LG and...

Load More