Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Hundreds of laptop and server models from mainstream manufacturers are at risk of hacking that bypasses protections meant to ensure only trusted software can load during computer bootup, warn researchers from California supply chain startup Binarly.
Phishing hackers have developed a new technique for smuggling malware past secure email gateway defenses, said researchers at Cofense who uncovered a recent info stealer campaign. "I honestly think that it was someone testing the water to see if it would work - and it did work," a researcher said.
Hackers used novel malware to knock out the heating system for 600 apartment buildings during the winter in Ukraine, in a development that poses a wider threat for critical infrastructure. Cybersecurity researchers at Dragos on Tuesday dubbed the new malware "FrostyGoop."
Security researchers say they've traced a spate of backdoor attacks during 2021 against pro-democracy activists in Hong Kong to a Chinese cyberespionage group that has recently retooled its arsenal. The group is tracked by the Symantec Threat Hunter Team as Daggerfly.
Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.
Banks, airlines, media giants and others are being disrupted by a mass, global IT outage tied to Windows PCs. While CrowdStrike has issued a workaround tied to a Falcon software update that appears to be the culprit, many IT administrators say it so far remains difficult to implement at scale.
A new artificial intelligence-based protection system developed by the German government-funded SecDER project is revolutionizing the security of virtual power plants by detecting cyberattacks and predicting failures, according to Fraunhofer SIT Institute Darmstadt.
As the investigation of the attempted assassination of former President Trump unfolds, authorities and cybersecurity experts advise individuals and organizations to beware of online threats in the forms of physical violence, nation-state disinformation and cybercrime campaigns.
A critical vulnerability in Exim Mail Transfer Agent enables threat actors to bypass email security filters and deliver malicious attachments directly to user inboxes. Nearly 5 million servers could be vulnerable, but only 82 public-facing servers have updated to the patched release, Exim 4.98.
A relatively new threat actor has compromised over 1,500 organizations worldwide since February, using open-source security tools to automate and streamline attack processes. Security researchers have tracked a significant escalation in CRYSTALRAY operations.
Multiple threat actors began exploiting a critical vulnerability in PHP within a day of its public disclosure last month and are moving quickly to infect systems with malware, according to a report by the Akamai Security Intelligence Response Team. Administrators are advised to patch immediately.
Microsoft has found critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers, potentially compromising industrial operations.
Multiple critical vulnerabilities in Emerson Rosemount 370XA gas chromatographs could allow malicious actors to access sensitive data, cause denial-of-service conditions and execute arbitrary commands. Emerson recommends that end users update the firmware on the products.
Vulnerabilities in internet-connected temperature monitoring devices - and an accompanying desktop application - mainly used in hospitals could be exploited by hackers to exfiltrate sensitive data or compromise temperature monitoring integrity, researchers warn.
A vulnerability in a common implementation of the firmware booting up desktop computers powered by Intel chips could allow attackers to obtain ongoing persistence, warn security researchers. The flaw is a buffer overflow vulnerability in the Phoenix Technologies SecureCore UEFI implementation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.