Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Emotet malware is again active. Researchers marked the latest sighting of the Microsoft Office-loving Trojan in what's becoming a cycle of reemergence and hibernation. Among its improved evasion techniques: pasting a chunk of "Moby Dick" to bulk up the word count of macro-laden Word documents.
Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
In this week's roundup: an incident affecting News Corp and ransomware at Dish Network, Washington's Pierce Transit and the U.S. Marshals Service. Also: a DDoS attack on Danish hospitals from a threat actor that isn't what it claims and a bit of good news about a ransomware decryptor.
Security researchers uncovered an investment scam network that draws on an online infrastructure of hundreds of hosts and thousands of domains to target primarily Indian victims by impersonating Fortune 100 companies. Most payment amounts defaulted to Indian rupees.
A leader of an international crime network that attempted to launder more than $25 million in fraudulently obtained funds, including through business email compromise, received a sentence of more than a decade in prison. Valentine Iro, 34, pleaded guilty to conspiracy to engage in money laundering.
A campaign targeting government entities in the Asia-Pacific and North America regions with an info stealer hosted on a Discord server shares infrastructure with a campaign that used Microsoft OneNote to deliver malware. Menlo Security says the unknown threat actor doesn’t seem to be a major player.
The European Commission has directed employees to remove the ByteDance-owned, short-form video app TikTok from their phones and corporate devices, citing security concerns. The decision follows similar bans in the U.S. and other countries, driven by fears of Chinese hacking and influence.
The United States is warning domestic and European organizations to be extra vigilant about their presence in cyberspace on the one-year anniversary of Russia's 2022 invasion of Ukraine. Friday marks 12 months since Moscow initiated a war of conquest against its European neighbor.
Microsoft, in its February monthly dump of fixes, is patching three actively exploited zero-day vulnerabilities, including one that coaxes users into downloading a file that bypasses Office security features. In all, the computing giant pushed fixes for 77 vulnerabilities.
The Play ransomware group listed networking hardware manufacturer A10 Networks on its leak site after briefly gaining access to the company's IT infrastructure, according to data breach notifications firm BetterCyber. The Play group says it has confidential data, technical documentation and more.
Reddit says hackers penetrated its internal systems via a phishing attack but that user passwords and accounts appear safe. The self-proclaimed "front page of the internet" says the hackers gained access to its internal documents, code and some internal business systems.
Three of the planet's largest social media platforms suffered outages Wednesday, blocking some users at Twitter, Instagram and YouTube from accessing their accounts. At Twitter, many users received a message Wednesday saying they were "over the daily limit" and were unable to post.
A Massachusetts maker of semiconductor manufacturing equipment says it halted operations at some facilities following a ransomware attack. A market analyst tells Information Security Media Group a slowdown in semiconductor demand means the attacks' short-term effects will be limited.
An Android banking Trojan is targeting Brazilian adopters of an instant payment platform known as Pix, marking another foray by the South American country's criminal underground into digital larceny. Brazil has been a hotbed of Trojan activity perpetuated by domestic cybercriminals.