Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority rights and education.
Security researchers at FortiGuard Labs have uncovered another DarkSide ransomware variant with destructive capabilities. But the researchers say the variant is "unrelated to the Colonial Pipeline campaign" and no longer active.
A previously uncovered banking Trojan dubbed "Bizarro" is now targeting European banking customers through a spear-phishing campaign that attempts to steal credentials, according to the security firm Kaspersky.
Attackers co-opted the Hancitor malware downloader and recently used it to deliver Cuba ransomware as part of an email spam campaign for data exfiltration and ransom extortion, a new report by security firm Group-IB finds.
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that attackers could used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.
Facebook says it disrupted two Palestinian advanced persistent threat groups that targeted victims across the Middle East as part of cyberespionage campaigns. The groups used malware and advanced social engineering tactics to target journalists, human rights activists and military groups.
President Joe Biden is asking Congress to boost CISA's budget by $110 million to help enable the agency to address a range of cybersecurity issues following several high-profile incidents in the past six months.
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.