Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
Federal investigators have seized two domains impersonating the pharmaceutical firms Moderna, which has begun shipping a COVID-19 vaccine, and Regeneron, which developed a treatment for COVID-19, according to the U.S. Justice Department. Fraudsters were using the websites for identity theft.
The FBI is warning of increased activity - including disruption of a police dispatch system - by the operators of DoppelPaymer, a ransomware variant linked to high-profile attacks over the last several months. The cybercriminals also are calling victims to pressure them into paying ransoms.
Assets worth $4 million have been seized by authorities in Singapore from the former CEO of Phantom Secure, a now-defunct encrypted telecommunications services provider that offered services to transnational organized criminal syndicates, according to the U.S. Justice Department.
A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices that exploit at least 31 vulnerabilities, according to Juniper Threat Labs.
An updated version of the AgentTesla information-stealing malware now boasts additional data harvesting capabilities, including the ability to target more web browsers and email clients, according to Cofense. The malware has become popular with fraudsters and BEC gangs.
Several recent ransomware attacks, including those involving Ryuk and Egregor, have used a commodity malware variant called SystemBC as a backdoor, according to Sophos.
Researchers with Palo Alto Networks' Unit 42 are tracking a relatively new cryptomining botnet called "PGMiner," which is targeting PostgreSQL database servers to illegally mine for monero. Currently, the malware only targets Linux-based database servers.
Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations and then demanding payment, according to Guardicore Labs. The attackers are also selling access to over 250,000 stolen databases.
CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.
A former Cisco engineer has been sentenced to serve two years in federal prison after pleading guilty to charges that he hacked his former company, causing $1.4 million in damages.
The Norwegian parliament's investigation into the hacking of email accounts of some elected officials and government employees in August has found that the Russia-linked group APT28, also known as Fancy Bear, is likely responsible.
Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
A hacking group behind an Android spyware variant has recently added fresh capabilities that include the ability to snoop on private chats on Skype, Instagram and WhatsApp, according to ReversingLabs. This APT group, believed to be tied to Iran, has recently been sanctioned by the U.S. Treasury Department.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Another federal judge is blocking the Trump administration's attempt to ban the Chinese-made social media app TikTok from being used in the U.S. The White House claims that the data the app collects on American users poses a national security threat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
