Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Hackers, possibly North Korea's Lazarus Group, are behind a campaign that socially engineers cryptocurrency traders into opening an Excel spreadsheet loaded with a malicious macro. Pyongyang hackers specialize in cryptocurrency theft as the regime seeks hard currency to fuel weapons development.
The 2019 seizure by U.S. law enforcement of online criminal marketplace xDedic is paying dividends for lawyers unrolling prosecutions of accused fraudsters who allegedly obtained compromised credentials from the site. The FBI and IRS estimate that xDedic facilitated more than $68 million in fraud.
Thousands of Rackspace customers continue to face hosted Microsoft Exchange Server outages after the managed services giant took the offering offline after being affected by an unspecified security incident Thursday. Rackspace urges affected customers to at least temporarily move to Microsoft 365.
The U.S. federal government says the Cuba ransomware gang actively targets critical infrastructure and that its criminal efforts have netted it $60 million so far. The group has recently modified its techniques, says an alert from the FBI and the Cybersecurity and Infrastructure Security Agency.
Hackers stole customer information but not passwords when they broke into password manager LastPass' third-party cloud storage service, the company disclosed. An unauthorized party used information stolen during a dayslong incident in August to exfiltrate the data.
Acer fixed high-severity bugs that hackers could use to disable the secure boot in several laptops built by the Taiwanese manufacturer. The vulnerability could give threat actors control over operating system boot processes and allow them to disable some protection mechanisms.
India's flagship combined public medical university and hospital continues to grapple with the fallout of a cyber incident it underwent last Wednesday. Patient care services remain affected as of Tuesday as physicians and staff use manual processes in place of disabled electronic systems.
In the next three years, CISOs face daunting challenges, including rapidly changing threat vectors, new APT attacks and the implementation of new defensive solutions, says Anuprita Daga, chief information security officer and chief data protection officer at Yes Bank.
The operators behind the banking Trojan SharkBot are targeting Google Play users to spread its malware masquerading as Android file manager apps that already have tens of thousands of installations, according to researchers from Bitdefender.
A hacking-for-hire group dubbed "Bahamut" is distributing malicious apps through a fake SecureVPN website that enables Android apps to be downloaded from Google Play. Research found that hackers use malicious versions of SoftVPN, SecureVPN and OpenVPN software.
Software life cycle management has always been part of the development team, but organizations are now looking to extend the process beyond the development team to manage the entire supply chain, says Nahas Mohammed, regional sales director at GitHub India.
DevSecOps is about security enablement at every stage within the organization - the people, process and technology. To begin the DevSecOps journey, organizations should enable and empower technology teams to think about secure design first, says GitHub's Hatim Matiwala.
The U.S. government seized seven fake cryptocurrency domains used in a confidence scam based on long-term emotional manipulation of victims that netted criminals more than $10 million. Perpetrators scammed five victims by spoofing the website of the Singapore International Monetary Exchange.
Researchers say Black Basta is dropping QBot malware in a widespread ransomware campaign targeting mostly U.S.-based companies. In the group's latest campaign, attackers are again using the QakBot to install a backdoor and then drop in encryption malware and other malicious code.
A large-scale cyberespionage campaign by notorious China-based advanced persistent threat actor Mustang Panda is targeting government, academic and other sectors globally. Its main targets include Asia-Pacific organizations in Myanmar, Australia, the Philippines, Japan and Taiwan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.