Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
Attackers co-opted the Hancitor malware downloader and recently used it to deliver Cuba ransomware as part of an email spam campaign for data exfiltration and ransom extortion, a new report by security firm Group-IB finds.
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that attackers could used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
Exim, one of the most-used message transfer agents, has issued patches for 21 flaws that could put thousands of users at risk of attacks, researchers at security firm Qualys say.
A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The developer of Berkeley Internet Name Domain, or BIND 9, an open-source implementation of domain name systems, is advising users to mitigate three vulnerabilities that attackers could remotely exploit to cause systems to crash or become inaccessible.
A Chinese advanced persistent threat group known as Naikon deployed a new malware backdoor to wage a lengthy cyberespionage campaign against military organizations in Southeast Asia, security firm Bitdefender reports.
The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.
The Babuk ransomware gang is taking credit for an attack against the Metropolitan Police Department of Washington, D.C., and threatening to post exfiltrated data if a ransom is not paid. The department confirms that attackers accessed its network, but it's offering no further details.
A Russian botnet group called Prometei is exploiting unpatched Microsoft Exchange Server vulnerabilities to mine cryptocurrency across the world, a new report by security firm Cybereason finds.
Facebook says it disrupted two Palestinian advanced persistent threat groups that targeted victims across the Middle East as part of cyberespionage campaigns. The groups used malware and advanced social engineering tactics to target journalists, human rights activists and military groups.
Joker malware has targeted more than 500,000 Android devices across the world through malicious apps in AppGallery, the official app store of Huawei, according to the security firm Doctor Web.
The University of Hertfordshire has sustained a cyber incident that severely affected students' online classes and an assignment submission portal. The university, however, notes the incident did not lead to data theft.
The Russian state-sponsored group Fancy Bear was responsible for breaches at the Swedish Sports Confederation that resulted in hackers accessing sensitive athlete information, including doping test results, according to the Swedish Prosecution Authority. But Sweden will not pursue legal action in the case.
President Joe Biden is asking Congress to boost CISA's budget by $110 million to help enable the agency to address a range of cybersecurity issues following several high-profile incidents in the past six months.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
