Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
Researchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after a July 2 ransomware attack exploiting flaws in Kaseya's VSA software had a major impact.
A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes.
A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold. Meanwhile, Linux OS users also need to adopt system upgrades to fix a flaw, and Oracle and Juniper have announced product patches.
APT 31, a China-linked hacking group, is targeting French organizations by exploiting home and office routers in an espionage campaign, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France, or ANSSI.
Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in February that resulted in unauthorized access to certain data about its clients.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting the them.
In an emergency directive, the U.S. Cybersecurity and Infrastructure Security Agency calls on federal agencies to immediately implement a patch to address the "PrintNightmare" Windows Print Spooler service flaw and disable the service on servers on Microsoft Active Directory domain controllers.
Update: The Cybersecurity and Infrastructure Security Agency reported Tuesday that Microsoft has released an emergency out-of-band security update to address the "PrintNightmare" Windows Print spooler service flaw.
At least seven companies with annual revenue of over $1 billion have been hit so far this year by Hades ransomware, according to an Accenture Security report.
Microsoft recently released updates for its Edge browser, including a fix for a bypass vulnerability that could allow a remote attacker to bypass implemented security restrictions.
A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.
In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers.
SolarMarker malware operators are using "SEO poisoning" techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports.
There is a skills shortage in most tech roles, but cybersecurity for critical infrastructure is a newly identified problem that requires new approaches to resolve. Mex Martinot, Vice president of industrial cyber and digital security business at Siemens Energy, offers advice on steps to bridge the particular skills...
Carl Pei, co-founder of OnePlus, a smartphone company, said Tuesday that his Twitter account had been compromised via a third-party app called IFTTT and a tweet had been injected via his profile for an apparent cryptocurrency scam.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
