Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warned Microsoft. "I want to buy a car," the hackers tell victims in a note and solicit monero donations.
Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacturer TP-Link in June patched a command injection vulnerability.
Financially motivated hackers are using the oldie-but-goodie technique of hiding malicious code in digital images to target businesses in Latin America, say security researchers. One image containing a PowerShell script results in Agent Tesla being loaded on the victim computer.
North Korean hackers with an affinity for establishing rapport with targets via social engineering and email are getting smarter about bypassing anti-spam protections and using tracking pixels, say researchers. The group, codenamed Kimsuky, has been operational since 2012.
Israel Defense Forces reported the launch of rockets by Iran from Lebanon into Israel on Saturday. Hezbollah militants claim responsibility, citing retaliation for recent Israeli actions and solidarity with Palestinians in Gaza, according to reports.
Threat actors behind the Raspberry Robin worm, a malware distribution platform, have shifted tactics to make the malware harder to detect and harder for researchers to analyze. Hackers deploying Raspberry Robin - often a precursor to a ransomware attack - now use Windows Script Files.
A financially motivated threat group used a script apparently coded by artificial intelligence to download an info stealer onto victim computers. The script, used to load the Rhadamanthys info stealer, contains "grammatically correct and hyper specific comments above each component of the script."
Network-attached storage manufacturer D-Link says owners of devices vulnerable to remote takeover exploits should suck it up and buy a replacement. Internet scans have tallied the number of affected NAS devices - a handful of servers released on average a decade ago - at more than 92,000.
Security researchers are warning about a relatively new malware called Latrodectus, believed to be an evolutionary successor to the IcedID loader. It has been detected in malicious email campaigns since November 2023, and recent enhancements make it harder to detect and mitigate.
IT and OT security experts say threats to shipping underscore the need for more stringent regulations for passenger, cargo and high-speed vessels by the International Association of Classification Societies. The new IACS cybersecurity and resilience requirements will go into effect July 1.
OpenAI CEO Sam Altman no longer owns the company's $325 million venture capital fund launched with backing from Microsoft. Altman's role as the fund's sole owner raised eyebrows although OpenAI said the arrangement was always meant to be temporary.
Threat actors are sending SMS texts to trick banking customers into downloading new and improved Vultur banking malware that interacts with infected devices and alters files. Vultur typically misuses legitimate applications, enabling remote access to the VNC server on targeted devices.
An active attack campaign dubbed ShadowRay is targeting the widely used Ray open-source artificial intelligence scaling framework. It stems from a vulnerability that researchers say is a flaw but that Ray's developers say is a deliberate design choice.
Iran-aligned threat actor TA450, also called MuddyWater, is using fake salary, compensation and financial incentive emails to trick Israeli employees at multinational organizations into clicking malicious links, according to researchers at security firm Proofpoint.
A new type of denial-of-service threat can disrupt an estimated 300,000 internet hosts that are at risk of exploitation. Researchers at the CISPA Helmholtz Center for Information Security say attackers are using IP spoofing to entangle two servers in a perpetual communication loop.