Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority rights and education.
An unidentified hacking group with suspected Chinese ties is targeting critical infrastructure in Southeast Asia as part of a cyberespionage campaign to exfiltrate information about the victims' SCADA systems, says a report by security firm Symantec.
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
A newly uncovered banking Trojan dubbed Vultur is targeting Android users through screen recording to capture the victims' banking credentials, a new report by security firm ThreatFabric says.
The bug hunting team at pentesting firm Haxolot.com uncovered a remote code execution vulnerability in Moodle, an open-source online learning platform widely used by universities worldwide. The flaw has since been patched.
A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the security firm Sygnia says.
A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.
Hack-for-hire group StrongPity deployed Android malware to target visitors to Syria's e-government website as part of its latest cyberespionage campaign, security firm Trend Micro reports.
Security researchers identified flaws in messaging app Telegram's cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
Attackers have been exploiting a zero-day flaw in SolarWinds' Serv-U Managed File Transfer Server and Serv-U Secured FTP software, the security software vendor warns. The company has released patched versions that mitigate the flaw, discovered by Microsoft, and is urging users to update.
Interpol has announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes. The announcement from the agency comes in the wake of rising ransomware threats to supply chains and critical infrastructure across the world.
Investment banking giant Morgan Stanley is the latest company to report a data breach tied to zero-day attacks on Accellion's legacy File Transfer Appliance - yet another indicator of the sustained impact of supply chain attacks.
Microsoft's emergency, out-of-band patch for a critical remote code vulnerability dubbed "PrintNightmare" falls short in addressing the local privilege escalation part of the flaw, according to security researchers.
U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially affecting scores of managed service providers and their clients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
