Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails."
Researchers at Check Point Research are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. The malware is creating a malicious network that has the potential to launch DDoS attacks.
Microsoft is alerting customers that starting Feb. 9, it will enforce domain controller settings within Active Directory to block connections that could exploit the unpatched Zerologon vulnerability in Windows Server. Microsoft has been warning about the urgency of patching the flaw for months.
OpenWRT, an open-source project that develops operating systems, firmware and other software for connected and embedded devices, is investigating a data breach after a hacker gained access to an administrator account and apparently was able to access usernames and email addresses for community members.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.
Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers at RiskIQ. The hosting service is notorious for catering to cybercriminals and hackers.
The NSA has released guidance on how organizations can adopt encrypted domain name system protocols to prevent eavesdropping and manipulation of DNS traffic. Although the agency's report is geared toward the military and defense contractors, its recommendations can be adopted in all sectors.
Security researchers are warning that attackers appear to have stepped up scanning for vulnerable Zyxel products, including VPN gateways, access point controllers and firewalls. A recently disclosed vulnerability in the company's firmware can create a hard-coded backdoor.
A recently uncovered remote access Trojan, dubbed ElectroRAT, has been stealing cryptocurrency from digital wallets over the past year, according to researchers at Intezer Labs. The malware, written in Golang, can target Windows, Linux and macOS platforms.
Citrix is urging customers to implement a newly provided enhancement to its ADC and Gateway devices that is designed to block attackers from abusing the Datagram Transport Layer Security, or DTLS, protocol to amplify distributed denial-of-service attacks.
Researchers at Morphisec Labs have published fresh details about a malware variant called JSSLoader that the FIN7 hacking group has used for several years.
Researchers at the security firm Intezer have detected a new Golang-based worm that is targeting Windows and Linux servers with monero cryptomining malware.
A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the security firm Eye Control. Users are urged to patch the flaw.
The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.
After a nearly two-month hiatus, the Emotet botnet recently sprung back to life with a fresh spamming and phishing campaign designed to spread other malware as secondary payloads, according to security researchers. The botnet has also been revamped to better avoid network defenses.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
