Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
A North Korean hacking group wants to make money for the cash-starved Pyongyang regime and conduct bread-and-butter cyberespionage, say Microsoft researchers in a profile of a group they track as "Moonstone Sleet." North Korea has a well-established history of hacking for profit.
Why bother building a crypto-locker when Microsoft has perfectly acceptable encryption software preloaded on desktops? Many ransomware hackers agree with that statement - and they're learning to make such attacks even harder to recover from.
This week, Fluent Bit contains a flaw, Microsoft is nuking VBScript, Irish police and the SEC face fines, a man was sentenced for BEC, a flaw was found in Netflix's Genie, an Australia university said it was breached and Black Basta claimed an attack, and hacker Alcasec was arrested again.
Rockwell Automation warned customers to disconnect industrial control systems from the internet, citing escalating cyberthreats and rising global geopolitical tensions. Disconnecting these systems is a proactive measure to reduce the attack surface.
A previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.
Despite a law enforcement takedown in January, researchers identified new phishing campaigns spreading the Grandoreiro banking Trojan, indicating its return as a malware-as-a-service tool with better encryption and a better domain name generator, according to IBM X-Force researchers.
Police behind an international law enforcement operation targeting LockBit resurrected the leak site they seized earlier this year from the ransomware-as-a-service group and posted a countdown clock suggesting they will reveal the identity of LockBitSupp, the group's leader.
Hackers are taking advantage of D-Link home routers left unpatched for a decade and turning them into a newly formed botnet researchers dubbed "Goldoon." The vulnerability allows attackers to execute arbitrary commands remotely via the proprietary Home Network Administration Protocol.
Researchers detailed a deserialization vulnerability in Siemens software used to monitor energy consumption in industrial settings and attributed the flaw to the German conglomerate's decision to use a programming method that has known security risks.
Likely North Korean threat actors are using fake job interviews to trick software developers into downloading disguised Python backdoors as part of an ongoing espionage campaign. Pyongyang hackers have a history of constructing elaborate social engineering ruses.
Research shows that attackers can physically extract secrets embedded in read-only memory on a shoestring budget. The equipment involves a polishing wheel, a jig and an optical microscope. The attack sounds impossible "until it's observed for real," said Tony Moor, an IOActive researcher.
Russian military intelligence hackers are using an 18 month-old vulnerability in the Windows print spooler utility to deploy a custom tool that elevates privileges and steals credentials. Microsoft says it's seen post-compromise activities against Ukrainian, European and North American governments.
A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.
Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warned Microsoft. "I want to buy a car," the hackers tell victims in a note and solicit monero donations.
Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.