Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Hackers used novel malware to knock out the heating system for 600 apartment buildings during the winter in Ukraine, in a development that poses a wider threat for critical infrastructure. Cybersecurity researchers at Dragos on Tuesday dubbed the new malware "FrostyGoop."
Security researchers say they've traced a spate of backdoor attacks during 2021 against pro-democracy activists in Hong Kong to a Chinese cyberespionage group that has recently retooled its arsenal. The group is tracked by the Symantec Threat Hunter Team as Daggerfly.
Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.
Banks, airlines, media giants and others are being disrupted by a mass, global IT outage tied to Windows PCs. While CrowdStrike has issued a workaround tied to a Falcon software update that appears to be the culprit, many IT administrators say it so far remains difficult to implement at scale.
A new artificial intelligence-based protection system developed by the German government-funded SecDER project is revolutionizing the security of virtual power plants by detecting cyberattacks and predicting failures, according to Fraunhofer SIT Institute Darmstadt.
As the investigation of the attempted assassination of former President Trump unfolds, authorities and cybersecurity experts advise individuals and organizations to beware of online threats in the forms of physical violence, nation-state disinformation and cybercrime campaigns.
A critical vulnerability in Exim Mail Transfer Agent enables threat actors to bypass email security filters and deliver malicious attachments directly to user inboxes. Nearly 5 million servers could be vulnerable, but only 82 public-facing servers have updated to the patched release, Exim 4.98.
A relatively new threat actor has compromised over 1,500 organizations worldwide since February, using open-source security tools to automate and streamline attack processes. Security researchers have tracked a significant escalation in CRYSTALRAY operations.
Multiple threat actors began exploiting a critical vulnerability in PHP within a day of its public disclosure last month and are moving quickly to infect systems with malware, according to a report by the Akamai Security Intelligence Response Team. Administrators are advised to patch immediately.
Multiple critical vulnerabilities in Emerson Rosemount 370XA gas chromatographs could allow malicious actors to access sensitive data, cause denial-of-service conditions and execute arbitrary commands. Emerson recommends that end users update the firmware on the products.
Vulnerabilities in internet-connected temperature monitoring devices - and an accompanying desktop application - mainly used in hospitals could be exploited by hackers to exfiltrate sensitive data or compromise temperature monitoring integrity, researchers warn.
A vulnerability in a common implementation of the firmware booting up desktop computers powered by Intel chips could allow attackers to obtain ongoing persistence, warn security researchers. The flaw is a buffer overflow vulnerability in the Phoenix Technologies SecureCore UEFI implementation.
Cybersecurity researchers say an experiment in developing a fake, malicious extension for Microsoft's Visual Studio Code, the world's most popular integrated development environment, succeeded beyond their wildest expectations. VSCode doesn't manage permissions or visibility, the researchers said.
A ransomware operation with a history of exploiting widespread internet vulnerabilities lost little time in making use of a critical-severity vulnerability in scripting language PHP. The TellYouThePass ransomware group sees opportunity whenever system administrators must scramble to patch systems.
A promise of better security through biometrics fell short after security researchers dismantled an access system made by a Chinese manufacturer and discovered that it contained 24 vulnerabilities. ZKTeco specializes in hybrid biometric verification technology.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.