Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.
Cybercriminals are disguising malware as phony browser updates on compromised websites. Fraudulent updates for Chrome, Firefox and Edge browsers are luring unsuspecting users into downloading malware that can steal data, take over devices or deploy ransomware.
Microsoft fixed three zero-days under actively exploitation in its patch dump for the month of October: A disclosure flaw in WordPad that can be exploited to obtain hashed passwords, a bug in Skype for Business and a patch to fix exposure to the Rapid Reset exploit.
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
Microsoft says it spotted an unusual hacking campaign in which hackers attempted to move laterally through the Azure cloud after compromising a virtual SQL server. It marks the first time that computing giant defenders have seen a lateral movement attempt with SQL Server as the starting point.
Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.
Android banking Trojan Xenomorph has resurfaced in a new campaign targeting cryptocurrency wallets and various financial institutions. The malware has been actively targeting users in Europe and is now focused on institutions in the United States, Canada, Spain, Italy, Portugal and Belgium.
Security researchers discovered a novel backdoor targeting a governmental agency in the Middle East for espionage purposes. Deadglyph is unique because it's made up of different parts written in different programming languages: native x64 binary and a .NET assembly.
The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U.S. authorities. The group operates on a ransomware-as-a-service model.
Chinese-speaking hackers associated with criminal activity have redoubled efforts to target compatriots with malware to remotely control victim computers, pointing to a worrying surge in financially driven activity in the Sino cyber underworld, say researchers at Proofpoint.
Multiple hackers are minting newer capabilities from an open-source information stealer to spawn new variants. The malware steals sensitive information such as corporate credentials, which are resold to other threat actors for attacks, including operations related to espionage or ransomware.
A cyberespionage campaign by a well-funded but lesser-known hacking group is using previously unknown backdoors to hack government agencies and tech companies. The group, dubbed Earth Estries by Trend Micro, appears well practiced in cA cyberespionage campaign by a well-funded but lesser-known hacking group is using...
Hackers are deploying a novel Android malware using an uncommon communication method to steal banking login data from compromised devices primarily in Southeast Asia. Users download the malware from phishing websites disguised as app stores that target Vietnamese and Thai speakers.
A backdoor Trojan known as SmokeLoader is deploying a customized Wi-Fi scanning executable to triangulate the location of infected Windows devices. The malware, dubbed "Whiffy Recon," uses nearby Wi-Fi access points as a data point for Google's geolocation API.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.