Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.
Software used to manage a fifth of the world's solar electricity contained flaws enabling full access to attackers, risking grid overloads and blackouts. Solar power accounts for a sliver of overall U.S. electricity generation but will make up half of domestic electricity generation by 2050.
A zero-day pre-authentication vulnerability in Apache OFBiz is putting critical business functions at risk by enabling unauthorized remote code execution. The vulnerability's root cause lies in a flaw in OFBiz's authentication mechanism.
A vulnerability in Rockwell Automation's ControlLogix 1756 devices allows attackers to bypass a critical security feature, turning the trusted slot mechanism into a hacker's secret passageway to jump between slots and gain access to industrial control systems.
A newly discovered remote access Trojan is attacking Android users primarily to initiate money transfers on infected devices, but it has an additional capability: It can wipe the infected device once it's done. BingoMod masquerades as a mobile security tool.
Maritime facilities and ports in the Indian Ocean and Mediterranean Sea have become targets of spear-phishing attacks in a cyberespionage campaign that BlackBerry's Threat Research and Intelligence team attributes to SideWinder, a suspected India state-sponsored threat group.
Ransomware hackers discovered a way to gain full administrative privileges on VMware ESXi hypervisors connected to Microsoft's Active Directory, a finding that resulted in extortion demands from cybercriminals, including Storm-0506, Storm-1175, Octo Tempest and Manatee Tempest.
Hackers apparently stymied by improved network detection of malware are turning to fake GitHub repositories to host malicious links and archives embedded with viruses. A threat actor dubbed "Stargazer Goblin" is a step beyond hackers who merely use GitHub repositories to host malicious code.
Hundreds of laptop and server models from mainstream manufacturers are at risk of hacking that bypasses protections meant to ensure only trusted software can load during computer bootup, warn researchers from California supply chain startup Binarly.
Phishing hackers have developed a new technique for smuggling malware past secure email gateway defenses, said researchers at Cofense who uncovered a recent info stealer campaign. "I honestly think that it was someone testing the water to see if it would work - and it did work," a researcher said.
Hackers used novel malware to knock out the heating system for 600 apartment buildings during the winter in Ukraine, in a development that poses a wider threat for critical infrastructure. Cybersecurity researchers at Dragos on Tuesday dubbed the new malware "FrostyGoop."
Security researchers say they've traced a spate of backdoor attacks during 2021 against pro-democracy activists in Hong Kong to a Chinese cyberespionage group that has recently retooled its arsenal. The group is tracked by the Symantec Threat Hunter Team as Daggerfly.
Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.
Banks, airlines, media giants and others are being disrupted by a mass, global IT outage tied to Windows PCs. While CrowdStrike has issued a workaround tied to a Falcon software update that appears to be the culprit, many IT administrators say it so far remains difficult to implement at scale.
A new artificial intelligence-based protection system developed by the German government-funded SecDER project is revolutionizing the security of virtual power plants by detecting cyberattacks and predicting failures, according to Fraunhofer SIT Institute Darmstadt.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.