Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
A novel side-channel attack exploits radio signals emitted by random access memory in air-gapped computers, presenting a new threat to highly secure networks. One of the most effective ways to mitigate the risk is to cover sensitive machines with Faraday shielding.
Operators behind a mysterious botnet named for a TCP routing port number are expanding the universe of targeted devices and taking steps to hide their infrastructure, warn Sekoia researchers. The 7777 - or Quad7 - botnet appears to have emerged in 2023.
Progress Software released an urgent patch Thursday to fix a critical vulnerability that hackers could exploit to launch remote attacks. The company is no stranger to urgent patching. It was at the center of a Memorial Day 2023 mass hacking incident.
A Chinese-speaking hacking group is targeting drone manufacturers in Taiwan and other military-related industries on the island country located roughly 100 miles from mainland China. Trend Micro on Friday said it tracks the threat actor as "Tidrone."
Cybercriminals are using a critical remote code execution vulnerability in an open-source geospatial data platform to spread malware globally across several industries. GeoServer Project maintainers released a patch on July 1. The vulnerability has a CVSS score of 9.8 out of 10.
The FBI had a loose hard disk disposal problem that auditors say put classified information at risk. The bureau, auditor said, has a tracking system for obsolete computers and servers earmarked for destruction - but not for storage media extracted from the computer chassis.
Iranian operatives stepped up influence and hacking operations against U.S. targets as presidential election ramps up for its final months, Microsoft warned on Thursday. Iran is one of a handful of authoritarian countries that use hacking and disinformation to undermine American democracy.
Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.
Software used to manage a fifth of the world's solar electricity contained flaws enabling full access to attackers, risking grid overloads and blackouts. Solar power accounts for a sliver of overall U.S. electricity generation but will make up half of domestic electricity generation by 2050.
A zero-day pre-authentication vulnerability in Apache OFBiz is putting critical business functions at risk by enabling unauthorized remote code execution. The vulnerability's root cause lies in a flaw in OFBiz's authentication mechanism.
A vulnerability in Rockwell Automation's ControlLogix 1756 devices allows attackers to bypass a critical security feature, turning the trusted slot mechanism into a hacker's secret passageway to jump between slots and gain access to industrial control systems.
A newly discovered remote access Trojan is attacking Android users primarily to initiate money transfers on infected devices, but it has an additional capability: It can wipe the infected device once it's done. BingoMod masquerades as a mobile security tool.
Maritime facilities and ports in the Indian Ocean and Mediterranean Sea have become targets of spear-phishing attacks in a cyberespionage campaign that BlackBerry's Threat Research and Intelligence team attributes to SideWinder, a suspected India state-sponsored threat group.
Ransomware hackers discovered a way to gain full administrative privileges on VMware ESXi hypervisors connected to Microsoft's Active Directory, a finding that resulted in extortion demands from cybercriminals, including Storm-0506, Storm-1175, Octo Tempest and Manatee Tempest.
Hackers apparently stymied by improved network detection of malware are turning to fake GitHub repositories to host malicious links and archives embedded with viruses. A threat actor dubbed "Stargazer Goblin" is a step beyond hackers who merely use GitHub repositories to host malicious code.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.