Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch DDoS attacks on demand, according researchers at Bitdefender.
Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.
If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.
Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.
Microsoft is warning that attackers are exploiting a pair of critical, zero-day flaws in Windows that allow for remote code execution, which could enable a threat actor to take over an infected device. Although a patch for the flaws is not expected until April, the company described workarounds.
Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.
TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
A new variant of TrickBot, which is using remote desktop protocol brute-force methods to target potential victims and bypass security protocols, is mainly targeting telecom services in the U.S. and Hong Kong, attempting to steal intellectual property as well as financial data, according to Bitdefender.
Microsoft Edge is one of the least private web browsers, according to a security researcher in Ireland. The researcher's new academic paper says the browser sends specific device identifiers, as well as URLs that users browsed, back to the company's corporate servers.
The ACLU has filed a Freedom of Information Act lawsuit against the Department Of Homeland Security and three of its agencies in an effort to learn more about how the department uses facial recognition technology at airports and the country's borders.