Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Despite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.
Police behind an international law enforcement operation targeting LockBit resurrected the leak site they seized earlier this year from the ransomware-as-a-service group and posted a countdown clock suggesting they will reveal the identity of LockBitSupp, the group's leader.
Hackers are taking advantage of D-Link home routers left unpatched for a decade and turning them into a newly formed botnet researchers dubbed "Goldoon." The vulnerability allows attackers to execute arbitrary commands remotely via the proprietary Home Network Administration Protocol.
Researchers detailed a deserialization vulnerability in Siemens software used to monitor energy consumption in industrial settings and attributed the flaw to the German conglomerate's decision to use a programming method that has known security risks.
Likely North Korean threat actors are using fake job interviews to trick software developers into downloading disguised Python backdoors as part of an ongoing espionage campaign. Pyongyang hackers have a history of constructing elaborate social engineering ruses.
Research shows that attackers can physically extract secrets embedded in read-only memory on a shoestring budget. The equipment involves a polishing wheel, a jig and an optical microscope. The attack sounds impossible "until it's observed for real," said Tony Moor, an IOActive researcher.
Russian military intelligence hackers are using an 18 month-old vulnerability in the Windows print spooler utility to deploy a custom tool that elevates privileges and steals credentials. Microsoft says it's seen post-compromise activities against Ukrainian, European and North American governments.
A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.
Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warned Microsoft. "I want to buy a car," the hackers tell victims in a note and solicit monero donations.
Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.
Financially motivated hackers are using the oldie-but-goodie technique of hiding malicious code in digital images to target businesses in Latin America, say security researchers. One image containing a PowerShell script results in Agent Tesla being loaded on the victim computer.
North Korean hackers with an affinity for establishing rapport with targets via social engineering and email are getting smarter about bypassing anti-spam protections and using tracking pixels, say researchers. The group, codenamed Kimsuky, has been operational since 2012.
Israel Defense Forces reported the launch of rockets by Iran from Lebanon into Israel on Saturday. Hezbollah militants claim responsibility, citing retaliation for recent Israeli actions and solidarity with Palestinians in Gaza, according to reports.
Threat actors behind malware distribution platform Raspberry Robin worm have shifted tactics to make the malware harder to detect and for researchers to analyze. Hackers deploying Raspberry Robin - often a precursor to a ransomware attack - now use Windows Script Files.
A financially motivated threat group used a script apparently coded by artificial intelligence to download an info stealer onto victim computers. The script, used to load the Rhadamanthys info stealer, contains "grammatically correct and hyper specific comments above each component of the script."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.