Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.
Multiple Chinese hacking groups are using a botnet named for a TCP routing port number to conduct password spraying attacks, warned Microsoft Thursday. The Quad7 operators are almost certainly located in China. Botnet activity can be difficult to monitor.
A ransomware attack on German pharmaceutical distributor AEP detected Monday has not led to medication shortages so far, report local media. AEP disclosed Wednesday that hackers successfully encrypted some of its IT systems. Pharmacies usually work with several wholesalers.
Firewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation-state tactic.
Large language models developed by Meta and Mistral AI are among a dozen artificial intelligence models that fail to meet the cybersecurity and fairness requirements of the European Union AI Act, which went into effect on Aug. 1, said developers of a new open-source AI evaluation tool.
A Russian-state hacking group is posing as Microsoft employees and sending malicious configuration files as email attachments to target organizations across the world. The campaign has the hallmarks of a Midnight Blizzard phishing campaign although its use of an RDP configuration file is novel.
Dependence on foreign capital in the United Kingdom for investments into artificial intelligence will stymie British technological progress, a parliamentary committee heard Tuesday. An absence of capital makes it hard for British firms to scale operations, said Michael Holmes, CEO at Scale Space
The foreign minister of Italy condemned Monday as a threat to democracy the private investigation firm that prosecutors in Milan say illegally accessed government databases for years to assemble illicit dossiers. Four individuals are under house arrest.
Security researchers found backdoored software packages in the NPM software library, apparent evidence of an ongoing campaign by North Korean hackers to social engineer coders into installing infostealers. Pyongyang hackers have a history of bizarre methods for stealing money.
The Irish Data Protection Commission imposed a 310 million euro fine on LinkedIn for violating a European privacy law stemming from the company's use of customer data. It ordered the social media platform to bring its data processing under compliance.
Researchers at Mandiant say a new threat cluster, first observed June 27, has been exploiting a Fortinet zero-day that the network edge device manufacturer publicly disclosed Wednesday. Researchers said they can't assess the threat actor's motivation or location.
The U.K. government should work ahead of a June deadline to retain its status as a trusted host of European commercial and law enforcement data, urged the head of a parliamentary committee. The economic value of an EU "adequacy agreement" is "substantial," wrote Peter Ricketts.
Security researchers have developed an AI tool that can detect remote code flaws and arbitrary zero-day code in software. Protect AI applied the tool to nearly 10,000 GitHub projects and on CVSS data and uncovered local file inclusion, cross-site scripting and remote code flaws in APIs.
The U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.
The U.K. experienced a 50% spike in cybersecurity incidents posing national security risks this year, according to NCSC CEO Richard Horne. Growing advancements in emerging tech are widening the gap between offensive and defensive cyber capabilities, he warned.
Intesa Sanpaolo bank of Italy this week told the country's data regulator that an employee - who has since been fired - accessed sensitive banking details of the country's prime minister and other politicians for years. The Italian Data Protection Authority is investigating the data breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.