Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
The U.K. National Cyber Security Center is warning that nation-state hackers and cybercriminals are exploiting a remote vulnerability in MobileIron's mobile device management tool to target organizations in the country.
Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals.
The FBI has identified nearly 100 spoofed websites that use some incarnation of the agency's name. Fraudsters and other cybercriminals potentially could leverage the sites disinformation campaigns and credential theft.
Researchers have identified a fresh variant of the Grelos skimmer that has co-opted the infrastructure that MageCart uses for its own skimming attacks against e-commerce sites, according to RiskIQ. The malware has been found on several small and mid-size e-commerce sites worldwide.
The Chinese hacking group "Cicada" is exploiting the critical Zerologon vulnerability in Windows Server as part of a cyberespionage campaign that's mainly targeting Japanese companies' locations around the world, according to the security firm Symantec.
A recently identified Chinese hacking group dubbed "FunnyDream" has targeted more than 200 government entities in Southeast Asia since 2018 as part of an ongoing cyberespionage campaign, according to research from Bitdefender.
North Korean hackers are suspected of carrying out a supply chain attack that targeted businesses in South Korea using stolen digital certificates, according to researchers with ESET. The analysts believe that this campaign is related to the Lazarus Group.
Citing human rights concerns, the European Parliament is moving toward tightening export rules for companies that sell so-called dual-use technologies, such as spyware, to countries outside the EU's 27 member countries.
A hacking operation that targeted defense contractors earlier this year was more expansive than first thought, with hackers using never-before-seen malicious tools to target specific victims, McAfee reports. A North Korean-linked APT group is suspected of carrying out the attack.
A recently identified Chinese hacking group is using multiple types of Dynamic Link Library side-loading attack techniques to target non-government organizations in Southeast Asia, especially Myanmar, according to Sophos.
The Hong Kong Monetary Authority's Cybersecurity Fortification Initiative 2.0, an updated version of a framework designed to strengthen cyber resilience in the banking and financial sector, will officially roll out in January and be implemented over the following two years.
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
Aleksandr Brovko, a Russian national, has been sentenced to eight years in federal prison for stealing personally identifiable data and online banking credentials using a botnet, according to the U.S. Justice Department. Federal prosecutors estimate the losses at $100 million.
The U.S. government has released additional details that it says further prove that an "Iranian group" sent a series of threatening emails to some Democratic voters in the weeks leading up to the 2020 elections, as part of a disinformation campaign designed to sow confusion.