Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
U.S. federal regulators are revamping their approach to oil pipeline cybersecurity by telling operators they have newfound latitude so long as they implement continuous monitoring and test their posture. Pipeline cybersecurity became a priority after a 2021 ransomware attack led to gas shortages.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The U.S. Department of Justice unsealed its first insider trading case involving cryptocurrency markets, marking an escalation of traditional oversight. The case comes as a federal jury convicted a New York man for defrauding investors who bought into his supposed cryptocurrency.
U.S. Cyber Command and Security Service of Ukraine revealed malware indicators recently detected in Ukraine, which is resisting invasion by Russia. Cybersecurity firm Mandiant, which has ties to the U.S. military, published a detailed analysis of phishing campaigns with links to Belarus and Russia.
Harish Sekar, senior technical evangelist & head of business development, ManageEngine, discusses the ways in which a CISO's job can be a "nightmare," offers tips on how to manage the "how" as well as the "what" of zero trust and handle product sprawl, and weighs in on the importance of false positives.
Compromised logon credentials are the root cause of most data breaches, especially because users tend to reuse passwords, says Vikas Malhotra. Passwords are not going anywhere, he says. The LastPass India country manager also discusses password management and managing identities.
Researchers at BitSight say a common GPS tracker used in fleet management by organizations around the globe could be used by hackers to abruptly stop vehicles on highways or disable a car for ransom. Chinese manufacturer MiCODUS hasn't responded to researchers or U.S. officials.
The U.S. Cybersecurity and Infrastructure Security Agency will open a London office as a first step to building an international presence it hopes will result in more threat indicator data, improved international cybersecurity and more foreign governments adopting similar cybersecurity policies.
The Albanian government says a cyberattack forced the national e-services portal offline. The office of Prime Minister Edi Rama says the attack is similar to those seen in Ukraine and other European countries where there has been an uptick in cyberattacks following Russia's invasion of Ukraine.
Microsoft security researchers say they're tracking a hacking group originating in North Korea that may be a side project of an established threat actor. So far the group, which prefers the name "H0lyGh0st," appears not to have collected any ransom.
Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server. Attackers stole online session cookies, allowing them to defeat MFA and access inboxes. From there, they emailed corporate vendors to obtain financial data.
Microsoft's July Patch Tuesday addresses 84 new security flaws. At the top of this month's "patch me first" list is CVE-2022-22047, a zero-day vulnerability that has been actively exploited in the wild. Also, Windows Autopatch rolls out this month.
Newly spotted ransomware dubbed HavanaCrypt by TrendMicro masquerades as the Google Software Update. For all its sophistication, it fails to drop a ransom note, leading researchers to speculate that it is still in development. Detect and block it before it causes more damage, the company warns.
A federal contractor that makes rocket propulsion systems will pay $9 million to settle allegations from a former executive that it misled the U.S. government over the state of its cybersecurity defenses even after it suffered nation-state hacks. Aerojet Rocketdyne is not admitting any liability.
A misconfigured Alibaba private cloud server has led to the leak of around 1 billion Chinese nationals' personal details. An unknown hacker, identified as "ChinaDan," posted an advertisement on a hacker forum selling 23 terabytes of data for 10 bitcoins, equivalent to about $200,000.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.