Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.
Millions of GitHub repositories are vulnerable to a repository renaming flaw that could enable supply chain attacks, a new report by security firm Aqua said. It found 36,983 GitHub repositories vulnerable to repo jacking attacks, including Google and Lyft.
Europe's continued efforts to control its data will not stifle competition and are not an act of "protectionism," a top European Union official said amid growing criticism of the EU's legislative proposal to introduce stringent data-sharing requirements for businesses.
The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.
British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country's top cybersecurity agency warned in a new advisory. Lawyer are under attack from cybercriminals, nation-state groups and ransomware gangs.
Ukrainian cyber police have disrupted a fake investment scam that involved stealing cryptocurrency from the online wallets of several victims in Canada. The scammers operated out of two call centers in the Khmelnytskyi region of Ukraine, mainly targeting Ukrainian citizens living in Canada.
A top European cybercrime official extolled public-private cooperation during a Tuesday conference, saying collaboration is helping in the ongoing fight against ransomware. Consulting with cybersecurity specialists over policy is also a must, said an OECD official.
A British cyber law that criminalizes hacking is outdated, hindering law enforcement action against cyber crooks, U.K. lawmakers heard during a parliamentary hearing on cybercrime. Graeme Biggar, the director general of the U.K's National Crime Agency, said it should be an offense to steal data.
Malware developers are adopting an easy-to-use obfuscation tool that slips malware past antivirus, warn security researchers. BatCloak requires minimal programming skills to use. Among its recent successes is a recent remote access Trojan dubbed SeroXen.
European lawmakers on Thursday denounced the commercial spyware industry and chastised half a dozen member nations for deploying spyware against citizens or selling it abroad. "Spyware is part of the toolkit of authoritarians who undermine democracies," said Dutch MP Sophie in 't Veld.
European lawmakers on Wednesday voted overwhelmingly in favor of restrictions for the artificial intelligence industry, approving a regulatory package obliging generative AI model makers to mitigate societal risks and banning a slew of applications, such as biometric recognition in public places.
Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.
Fortinet has patched a critical vulnerability affecting Fortigate Secure Sockets Layer network VPN devices that allow remote network access. French security firm Olympe uncovered the vulnerability and said the flaw can be exploited without credentials and can bypass multifactor authentication.
Ukrainian cyber defenders say they've identified a cyberespionage campaign active since mid-2022 that gained unauthorized access to "several dozen" computers. A government spokesperson said Tuesday the campaign targets government agencies and media organizations.
Russian cybersecurity firm Kaspersky disclosed iOS zero-click malware on the same day the Kremlin claimed it had uncovered a U.S. intelligence smartphone spy campaign. "We have never worked with any government to insert a backdoor into any Apple product and never will," an Apple spokesperson said.
Ukrainian cyber defenders warn users for the second time this month to be aware of financially motivated phishing campaigns that load the SmokeLoader malware onto computers. Hackers behind UAC-0006 typically target computers used by accountants and look for banking and credential data.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.