Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.
Nigerian cybercriminal gangs have become even more proficient in waging business email compromise attacks, according to an analysis from Palo Alto Network's Unit 42 that describes recent trends.
If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.
Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.
Microsoft is warning that attackers are exploiting a pair of critical, zero-day flaws in Windows that allow for remote code execution, which could enable a threat actor to take over an infected device. Although a patch for the flaws is not expected until April, the company described workarounds.
Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.
TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
A new variant of TrickBot, which is using remote desktop protocol brute-force methods to target potential victims and bypass security protocols, is mainly targeting telecom services in the U.S. and Hong Kong, attempting to steal intellectual property as well as financial data, according to Bitdefender.
Microsoft Edge is one of the least private web browsers, according to a security researcher in Ireland. The researcher's new academic paper says the browser sends specific device identifiers, as well as URLs that users browsed, back to the company's corporate servers.
An unsecured Amazon Web Services S3 bucket left 425 GB of financial data, including credit reports, bank statements and more, exposed to the internet, according to a VPN Mentor researcher.
The ACLU has filed a Freedom of Information Act lawsuit against the Department Of Homeland Security and three of its agencies in an effort to learn more about how the department uses facial recognition technology at airports and the country's borders.
Payment card data stolen last year when hackers compromised online stores that were using the Volusion checkout platform is now surfacing on dark web sites and forums, according to Gemini Advisory.
The FBI has arrested a Russian national who allegedly ran an online forum that enabled cybercriminals to buy and sell stolen data and personally identifiable information.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.
