Lucian Constantin - Author

Stealthy Linux implant BPFdoor has compromised businesses for years, notably in Vietnam

Malware researchers warn about a stealthy backdoor program that has been used by a Chinese threat actor to compromise Linux servers around the world.

Chinese APT group Winnti stole trade secrets in years-long undetected campaign

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection.

TLS implementation flaws open Aruba and Avaya network switches to attack

The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals.

New malware loader Bumblebee adopted by known ransomware access brokers

The Bumblebee downloader has deployed open source penetration testing tools like Cobalt Strike and is delivered through spear-phishing campaigns.

Researchers break Azure PostgreSQL database-as-a-service isolation with cross-tenant attack

Although the vulnerabilities were patched server-side, they allowed privilege escalation and authentication bypass.

Why businesses should patch the latest critical Windows RPC vulnerability right now

Among the over 100 vulnerabilities fixed by Microsoft during the past week in its monthly patch cycle is one that has the security community very worried.

Attackers create malware for serverless computing platforms like AWS Lambda

The new cryptomining malware is written in Go for easier deployment and uses Amazon Web Services' own open-source Go libraries.

Spring4Shell patching is going slow but risk not comparable to Log4Shell

More tools to identify vulnerable applications and options to mitigate the risk from Spring4Shell are also now available.

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

A remote code execution vulnerability in Spring Framework has sparked fears that it could have a widespread impact across enterprise environments.

New ransomware LokiLocker bundles destructive wiping component

A new ransomware operation dubbed LokiLocker has slowly been gaining traction since August among cyber criminals, researchers warn.

Dirty Pipe root Linux vulnerability can also impact containers

The dangerous Linux privilege escalation flaw dubbed Dirty Pipe that was recently disclosed could also impact applications and systems.

New attack bypasses hardware defences for Spectre flaw in Intel and ARM CPUs

Though not as easy to exploit, this proof of concept shows that some Intel and ARM processors are still vulnerable to side-channel attacks.

Critical flaws in APC uninterruptible power supplies poses risks to mission-critical devices

Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited.

Vulnerabilities in remote management agent impacts thousands of medical devices

The Axeda platform, used by hundreds of Internet of Things devices, has seven vulnerabilities, three of which allow for remote code execution.

Nvidia hackers release code-signing certificates that malware can abuse

The hacker group that recently broke into systems belonging to Nvidia has released two of the company's old code-signing certificates.

Stories by Lucian Constantin