Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
The COVID-19 pandemic is forcing big businesses to rethink their security plans. For example, the National Football League is experimenting with "zero trust" architectures, while Jet Blue is focusing on more frequent risk assessments.
A new study from Sophos describes how the Dharma ransomware-as-a-service model offers low-skilled hackers the ability to profit from attacks on unprotected small businesses.
Two critical, zero-day vulnerabilities affecting Internet Explorer and multiple versions of the Windows operating system are being exploited in the wild, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency warn, urging prompt patching.
President Donald Trump, citing national security concerns, has signed two executive orders that will ban the Chinese-owned social media platforms TikTok and WeChat from the U.S. within 45 days. The orders appear designed to accelerate the sale of the two platforms to American firms.
WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.
Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.
Fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials, according to the security firm Abnormal Security.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
Despite warnings from security researchers and U.S. Cyber Command earlier this month, thousands of users have not yet patched their F5 BIG-IP networking products to fix a critical vulnerability that could allow for remote code execution, according to the security firm Expanse.
A malicious app called Welcome Chat has been spotted targeting Android users in Middle Eastern countries - where chat apps are illegal, according to new report by security firm ESET.
Auction website LiveAuctioneers has acknowledged that it sustained a data breach in June. The announcement came after threat intelligence firm CloudSEK reported that it discovered about 3.4 million LiveAutioneers customers' records had been posted for sale on a darknet forum.
A Russian national has been found guilty of hacking LinkedIn, Dropbox and the now defunct Formspring to steal millions of user credentials, some of which were later sold on underground markets.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
A recent inspector general's report finds that NASA still struggles with implementing an agencywide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019. The oversite report lists a series of improvements that NASA should make.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
