Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Chinese intelligence is conducting cyberespionage campaigns targeting corporations involved with energy extraction in the South China Sea, researchers say. Proofpoint and PwC conclude with moderate confidence the campaign is the work of the threat actor known as TA423 or Red Ladon.
Food delivery firm DoorDash says its customers and employees have been impacted by the phishing attack on its third-party service provider. DoorDash says it experienced "unusual and suspicious activity" on its third-party vendor's computer network that was a victim of a phishing campaign.
Password manager stalwart LastPass acknowledged Thursday that a threat actor gained unauthorized access to its source code and proprietary technical information. The attacker does not appear to have gained access to customer data or encrypted password vaults.
Fintech company Block faces a putative class action demanding damages for customers affected by a 2021 data breach that affected 8.2 million individuals. The company, formerly known as Square and co-founded by former-Twitter CEO Jack Dorsey, disclosed the breach in April.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scraping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities. The tool spoofs the user agent to look like an outdated browser.
In the tit-for-tat world of advanced persistent threats, security measures set by Microsoft such as multifactor authentication are being met by Russian hacking group APT29 with circumvention techniques. Mandiant says it's seeing several new hacking methods by the group, also known as Cozy Bear.
Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain. The latest campaign began in June 2022, uses Grandoreiro banking Trojan and impersonates Mexican government officials, Zscaler ThreatLabz reports.
Threat actors are using Amazon Web Services solutions to create phishing pages that bypass security scanners and scam victims into handing over credentials. Avanan researchers call the method of using legitimate services as a piggyback to land in the inbox "the Static Expressway."
An updated version of the Russian-linked SOVA Android Trojan is back with updated attack techniques targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets. Researchers at Cleafy uncovered that the Trojan now also features ransomware capabilities.
Three Nigerian nationals accused of participating in multimillion-dollar business email compromise fraud with a fixation on universities arrived in the United States after extradition from the United Kingdom. They allegedly attempted to steal more than $5 million.
More than two years after being notified of it, Microsoft issued a fix for a Microsoft Windows Support Diagnostic Tool vulnerability known as DogWalk. The fix is part of the operating system giant's newest Patch Tuesday dump, which includes patches for 141 flaws.
North Korean state-sponsored theft of cryptocurrency could intensify once cryptocurrency becomes accepted as a means of payment settlement, said a panelist at a think tank event in Washington. The United States and South Korea in 2021 committed to enhanced collaboration over cybercrime.
Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.
Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.
Accused cryptocurrency money launderer Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years imprisonment for his alleged involvement in laundering hacking proceeds through Bitcoin on the BTC-e cryptocurrency exchange.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.