Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold. Meanwhile, Linux OS users also need to adopt system upgrades to fix a flaw, and Oracle and Juniper have announced product patches.
APT 31, a China-linked hacking group, is targeting French organizations by exploiting home and office routers in an espionage campaign, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France, or ANSSI.
Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in February that resulted in unauthorized access to certain data about its clients.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting the them.
In an emergency directive, the U.S. Cybersecurity and Infrastructure Security Agency calls on federal agencies to immediately implement a patch to address the "PrintNightmare" Windows Print Spooler service flaw and disable the service on servers on Microsoft Active Directory domain controllers.
Researchers at the security firm ESET have uncovered an ongoing espionage campaign using an updated variant of Bandook spyware to target corporate networks in Venezuela and other nations in Latin America.
Update: The Cybersecurity and Infrastructure Security Agency reported Tuesday that Microsoft has released an emergency out-of-band security update to address the "PrintNightmare" Windows Print spooler service flaw.
At least seven companies with annual revenue of over $1 billion have been hit so far this year by Hades ransomware, according to an Accenture Security report.
Taiwanese networking device manufacturer Zyxel is notifying customers about an ongoing series of attacks on some of its enterprise firewall and VPN products and is advising users to maintain proper remote access security policies as it prepares a hotfix.
Microsoft recently released updates for its Edge browser, including a fix for a bypass vulnerability that could allow a remote attacker to bypass implemented security restrictions.
Two brothers who run Africrypt, a currency exchange service based in Johannesburg, South Africa, have been accused by law firm Hanekom Attorneys, acting on behalf of investors, of 'vanishing' along with $3.6 billion in cryptocurrency investments.
A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.
A bill introduced this week in the Australian Parliament would make it mandatory for organizations based in the country to report to the Australian Cyber Security Center any payments they plan to make to ransomware gangs.
The Indian government has set up the Citizen Financial Cyber Fraud Reporting and Management System to report, track - and ultimately freeze - the proceeds of cyberattack-induced financial theft.
The Korea Atomic Energy Research Institute, a South Korean organization, confirms it was recently hacked, apparently by a North Korean group that exploited a VPN vulnerability.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
