Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.
Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.
Microsoft is warning that attackers are exploiting a pair of critical, zero-day flaws in Windows that allow for remote code execution, which could enable a threat actor to take over an infected device. Although a patch for the flaws is not expected until April, the company described workarounds.
Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.
TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
A new variant of TrickBot, which is using remote desktop protocol brute-force methods to target potential victims and bypass security protocols, is mainly targeting telecom services in the U.S. and Hong Kong, attempting to steal intellectual property as well as financial data, according to Bitdefender.
Microsoft Edge is one of the least private web browsers, according to a security researcher in Ireland. The researcher's new academic paper says the browser sends specific device identifiers, as well as URLs that users browsed, back to the company's corporate servers.
An unsecured Amazon Web Services S3 bucket left 425 GB of financial data, including credit reports, bank statements and more, exposed to the internet, according to a VPN Mentor researcher.
The ACLU has filed a Freedom of Information Act lawsuit against the Department Of Homeland Security and three of its agencies in an effort to learn more about how the department uses facial recognition technology at airports and the country's borders.
Payment card data stolen last year when hackers compromised online stores that were using the Volusion checkout platform is now surfacing on dark web sites and forums, according to Gemini Advisory.
The FBI has arrested a Russian national who allegedly ran an online forum that enabled cybercriminals to buy and sell stolen data and personally identifiable information.
A former acting inspector general of the Department of Homeland Security and another official have been indicted for allegedly stealing DHS proprietary software and databases and then attempting to resell the technology back to the government.
As companies continue to grapple with the challenges of insider threats, machine learning coupled with behavioral analytics can assist in predicting and detecting potential threats from employees and contractors, according to a panel of security experts at RSA 2020.
Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.
The operators behind the "Raccoon" infostealer Trojan have added new capabilities to this malware-as-service offering, which now has the ability to steal data from over 60 applications, according to researchers at the security firm CyberArk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
