Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.
The Lazarus Group, which has ties to the North Korean government, recently targeted an employee of a cryptocurrency exchange with a fake job offer in order to plant malware and steal virtual currency, according to F-Secure.
State CISOs are finding it challenging to meet the needs for risk management and new cybersecurity investments at a time when tax revenue continues to shrink during the COVID-19 pandemic and agencies are expecting budget cuts.
The FBI and CISA warn that hackers are increasingly using voice phishing, or vishing, to target employees who are working from home due to the COVID-19 pandemic, steal their credentials and other data and use the information to launch other attacks or to steal financial data.
The COVID-19 pandemic is forcing big businesses to rethink their security plans. For example, the National Football League is experimenting with "zero trust" architectures, while Jet Blue is focusing on more frequent risk assessments.
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
A new study from Sophos describes how the Dharma ransomware-as-a-service model offers low-skilled hackers the ability to profit from attacks on unprotected small businesses.
Two critical, zero-day vulnerabilities affecting Internet Explorer and multiple versions of the Windows operating system are being exploited in the wild, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency warn, urging prompt patching.
Malwarebytes reports that a newly discovered phishing campaign is spoofing a U.S. Small Business Administration loan offer in an attempt to steal banking credentials and other personal data.
President Donald Trump, citing national security concerns, has signed two executive orders that will ban the Chinese-owned social media platforms TikTok and WeChat from the U.S. within 45 days. The orders appear designed to accelerate the sale of the two platforms to American firms.
Several Canon USA corporate websites remained offline Friday after the company reportedly sustained a ransomware attack. Earlier, the imaging company reported user data was missing from a cloud database.
WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.
The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.
Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.
Fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials, according to the security firm Abnormal Security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
