Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority rights and education.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
More lawsuits have been filed in the wake of the Capital One breach that exposed the data of more than 100 million individuals. GitHub is also a target of one of those lawsuits, which alleges the code-sharing site failed to promptly remove breached data.
A newly discovered vulnerability in Visa's contactless payment cards could allow fraudsters to bypass payment limits of 30 British pounds ($37) at U.K. banks, according to researchers at Positive Technologies, who claim the vulnerability could be exploited in other countries as well.
A newly discovered mobile ransomware strain called Filecoder.C is targeting Android devices through malicious links in online forums and then spreading via contact lists through SMS messages that attempt to entice others to install an app, according to research by the security firm ESET.
A week after a ransomware attack locked up customer files and data at online cloud hosting provider iNSYNQ, the company is continuing to recover and restore its internal infrastructure. It remains unclear how much longer this process will take, the company acknowledges.
Former government contractor Harold Thomas Martin III has been sentenced to serve nine years in federal prison after he pleaded guilty to stealing and retaining classified and secret files and data from U.S. government agencies, including the National Security Agency and CIA.
Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense.
After recently issuing interim cybersecurity guidelines for private enterprises, Singapore has issued similar guidance for public sector agencies and departments in an effort to enhance data security in light of recent data breaches in the nation.
Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media reports.
In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users.
A new ransomware strain called eCh0raix is targeting enterprise storage devices sold by QNAP Network by exploiting vulnerabilities in the gear and bypassing weak credentials using brute-force techniques, warns security firm Anomali.
Security researchers have found yet another unsecured database that left personal data exposed to the internet. In this latest case, a MongoDB database containing about 188 million records, mostly culled from websites and search engines, was exposed, researchers say.
Sensitive information, including credit card and phone numbers, was left exposed to the internet on an unsecured database belonging to Fieldwork Software, which provides cloud-based services to small businesses, researchers note in a new report.