Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.
Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthenticated attackers within the same network to execute arbitrary code.
Don't pull data from an operational technology network: OT networks should push data out. Segment critical OT networks. Don't introduce cybersecurity systems into an OT network unless administrators can guarantee they won't hinder a restart after a complete loss of electricity.
Rackspace confirmed that criminals exploited a zero day vulnerability in a ScienceLogic third-party application, forcing the cloud-hosting provider to take monitoring dashboards offline. ScienceLogic confirmed it issued a patch for the zero-day remote code execution vulnerability.
Now patched vulnerabilities in online services from carmaker Kia allowed attackers to remotely control vehicle functions using only a license plate number, putting millions of cars at risk. The flaws were present in the South Korean automaker's official website for owners and in its iOS app.
Attackers can exploit a series of vulnerabilities in the OpenPrinting Common Unix Printing System utility to remotely execute arbitrary code on certain machines. Major Linux distributions reacted Friday by releasing patches. Exploitation requires a victim to attempt to print from a malicious device.
Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberattacks that cause physical damage.
FBI and U.S. Department of Homeland Security officials are in Arkansas City, Kansas, to investigate a cyberattack at the city's water treatment facility. "There has been no disruption to service. Out of caution, the Water Treatment Facility has switched to manual operations," said the city manager.
A new version of the Octo Android malware is spreading across Europe, posing as legitimate apps such as NordVPN and Google Chrome. The latest iteration includes advanced anti-detection mechanisms and a domain generation algorithm for command-and-control communication.
A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.
A North Korean hacking group with a history of a stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an apparent attempt at a supply chain attack.
A Chinese state-sponsored botnet called Raptor Train has infected more than 260,000 IoT and office network devices to target critical infrastructure globally. The hackers used zero-days and known vulnerabilities to compromise more than 20 different types of devices to expand their botnet.
Google patched a critical remote execution vulnerability in its cloud platform Cloud Composer service, "CloudImposer," which could have allowed attackers to compromise millions of servers, say researchers from Tenable. The CloudImposer vulnerability could lead to the Jenga Tower effect.
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.
A Chinese search engine optimization operation hacked more than 35 web servers and stole credentials in a campaign to boost the online rankings of malicious porn sites. Researchers from Cisco Talos dubbed the threat cluster DragonRank.
Up-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.