Profile of Jai Vijayan

Contributing Writer

News & Commentary Posts: 971

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.

Articles by Jai Vijayan

View Content By Month

Indictments Unlikely to Deter China's APT41 Activity

9/17/2020
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.
Post a Comment

What's on Your Enterprise Network? You Might Be Surprised

9/16/2020
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
Post a Comment

How IT Security Organizations are Attacking the Cybersecurity Problem

9/16/2020
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Post a Comment

More Cyberattacks in the First Half of 2020 Than in All of 2019

9/15/2020
The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
Post a Comment

Large Cloud Providers Much Less Likely Than Enterprises to Get Breached

9/14/2020
Pen-test results also show a majority of organizations have few protections against attackers already on the network.
Post a Comment

Cyber-Risks Explode With Move to Telehealth Services

9/10/2020
The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest.
Post a Comment

Ransomware Attacks Disrupt School Reopenings

9/9/2020
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.
Post a Comment

Facebook Announces Formal Vulnerability Disclosure Policy for Third-Party Bugs

9/3/2020
The social media giant has also launched a new website for sharing information on WhatsApp security.
Post a Comment

Most IoT Hardware Dangerously Easy to Crack

9/2/2020
Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
Post a Comment

5 Tips for Triaging Risk from Exposed Credentials

9/2/2020
Not all exposed usernames and passwords present a threat. Here's how to quickly identify the ones that do.
Post a Comment

New Threat Activity by Lazarus Group Spells Trouble for Orgs

9/1/2020
The North Korea-backed group has launched several campaigns to raise revenue for cash-strapped nation's missile program, security experts say.
Post a Comment

Old Malware Tool Acquires New Tricks

8/27/2020
Latest version of Qbot has acquired a new feature for collecting email threads from Outlook clients.
Post a Comment

'Transparent Tribe' APT Group Deploys New Android Spyware for Cyber Espionage

8/26/2020
The group, which has been around since at least 2013, has impacted thousands of organizations, mostly in India.
Post a Comment

MITRE Releases 'Shield' Active Defense Framework

8/24/2020
Free knowledge base offers techniques and tactics for engaging with and better defending against network intruders.
Post a Comment

Sophisticated P2P Botnet Targeting SSH Servers

8/19/2020
'FritzFrog' is fileless, uses its own proprietary P2P implementation, and has breached at least 500 servers so far, Guardicore says.
Post a Comment

Ransomware Attack on Carnival May Have Been Its Second Compromise This Year

8/18/2020
Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June.
Post a Comment

Reported Breach Count for H1 2020 Lowest in Five Years

8/17/2020
While reported breach numbers are down, a handful of "mega" breaches resulted in more data records being exposed than ever before, analysis shows.
Post a Comment

Business Email Compromise Attacks Involving MFA Bypass Increase

8/13/2020
Adversaries are using legacy email clients to access and take over accounts protected with strong authentication, Abnormal Security says.
Post a Comment

Adaptive Shield Emerges From Stealth

8/13/2020
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
Post a Comment

Researchers Trick Facial-Recognition Systems

8/11/2020
Goal was to see if computer-generated images that look like one person would get classified as another person.
Post a Comment

Researchers Create New Framework to Evaluate User Security Awareness

8/6/2020
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
Post a Comment

Energy Market Manipulation with High-Wattage IoT Botnets

8/6/2020
Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.
Post a Comment

DDoS Attacks Doubled in Q2 Compared with Prior Quarter

8/5/2020
Most attacks were small, but the big ones got bigger than ever, Cloudflare says.
Post a Comment

DHS Urges 'Highest Priority' Attention on Old Chinese Malware Threat

8/3/2020
"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008.
Post a Comment

Ill-Defined Career Paths Hamper Growth for IT Security Pros

7/30/2020
Appsec and cloud security skills are the most in demand, and a shortage of staff is wearing on security teams, a new study shows.
Post a Comment

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

7/29/2020
More than 130 security researchers and developers are ready to showcase their work.
Post a Comment

Average Cost of a Data Breach: $3.86 Million

7/29/2020
New IBM study shows that security system complexity and cloud migration can amplify breach costs.
Post a Comment

Organizations Continue to Struggle With App Vulns

7/24/2020
A high percentage of discovered bugs remain unremediated for a long time, a new study shows.
Post a Comment

Twitter Breach a Reminder of Need to Protect Corporate Social Media Use

7/23/2020
Intruders had access to direct messages associated with 36 accounts in last week's attack, social media giant discloses.
Post a Comment

Surge in Consumer-Grade IoT Devices Undermining Enterprise Security

7/22/2020
Individuals and business groups are connecting everything from Amazon Echo devices to data-sampling sensors on networks with sensitive systems with little regard to safety, two reports show.
Post a Comment

US Indicts 2 Chinese Nationals for Stealing IP & Business Secrets, Including COVID-19 Research

7/21/2020
Pair working on behalf of themselves and China's Ministry of State Security, Justice Department says.
Post a Comment

Twitter Breach Highlights Privileged Account Security Issue

7/20/2020
Security incident that allowed attackers to hijack high-profile accounts suggests social media giant's controls for spotting insider abuse were not strong enough, security experts say.
Post a Comment

Twitter Attack Raises Concerns Over its Internal Controls

7/16/2020
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.
Post a Comment

Vulns in Open Source EHR Puts Patient Health Data at Risk

7/15/2020
Five high-risk flaws in health IT software from LibreHealth, a researcher at Bishop Fox finds.
Post a Comment

New Mirai Variant Surfaces with Exploits for 9 Vulnerabilities Products

7/14/2020
Impacted products include routers, IP cameras, DVRs, and smart TVs.
Post a Comment

Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers

7/10/2020
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.
Post a Comment

'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store

7/9/2020
Authors of the malware, which signs up mobile users for premium services, are repeatedly finding ways to bypass app review checks.
Post a Comment

Study Finds 15 Billion Stolen, Exposed Credentials in Criminal Markets

7/8/2020
Data is fueling account takeover attacks in a big way, Digital Shadows says.
Post a Comment

Microsoft Seizes Domains Used in COVID-19-Themed Attacks

7/7/2020
Court grants company's bid to shut down infrastructure used in recent campaigns against Office 365 users.
Post a Comment

North Korea's Lazarus Group Diversifies Into Card Skimming

7/6/2020
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.
Post a Comment

Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign

7/1/2020
Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.
Post a Comment

FCC Designates Huawei & ZTE as National Security Threats

6/30/2020
Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
Post a Comment

3 Years After NotPetya, Many Organizations Still in Danger of Similar Attacks

6/30/2020
The same gaps that enabled ransomware to spread remain in patching, network segmentation, backup practices, security experts say.
Post a Comment

Major US Companies Targeted in New Ransomware Campaign

6/26/2020
Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec.
Post a Comment

Criminals Turn to IM Platforms to Avoid Law Enforcement Scrutiny

6/25/2020
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.
Post a Comment

7 Tips for Effective Deception

6/25/2020
The right decoys can frustrate attackers and help detect threats more quickly.
Post a Comment

Attackers Scanning for PoS Software in New Sodinokibi Ransomware Campaign

6/23/2020
Making extra money from victims appears to be the goal, Symantec says.
Post a Comment

Cisco Patches Flaw in Webex Videoconferencing App

6/18/2020
Vulnerability would have allowed an attacker to gain access to sensitive information on a system, Trustwave's SpiderLabs says.
Post a Comment

Lazarus Group May Have Been Behind 2019 Attacks on European Targets

6/17/2020
Telemetry hints that the North Korean actor was behind major cyber-espionage campaign focused on military and aerospace companies, ESET says.
Post a Comment

83% of Forbes 2000 Companies' Web Domains Are Poorly Protected

6/16/2020
Only a handful have controls against domain-name hijacking, DNS modifications, and other threats, a new CSC study finds.
Post a Comment

Intel Tackles Malware Related to Memory Security at Hardware Level

6/15/2020
New control-flow enforcement technology will become available with upcoming Tiger Lake mobile processor, chipmaker says.
Post a Comment

15 Individuals Plead Guilty to Multimillion-Dollar Online Auction Fraud Scheme

6/12/2020
Members of Romanian gang used fraudulent ads for nonexistent products to extract money from US Internet users, DoJ says.
Post a Comment

FBI Says Sudden Increase in Mobile Banking Is Heightening Risks For Users

6/11/2020
Mobile malware and fake apps purporting to be legitimate banking software are big risks, law enforcement agency says.
Post a Comment

Rate of Ransomware Attacks in Healthcare Slows in H1 2020

6/10/2020
But lull is unlikely to continue for long, some security experts say.
Post a Comment

Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk

6/9/2020
"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.
Post a Comment

DARPA Launches Bug Bounty Program

6/8/2020
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
Post a Comment

Q&A: Eugene Spafford on the Risks of Internet Voting

6/5/2020
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
Post a Comment

Kaspersky IDs Sophisticated New Malware Targeted at Air-Gapped Systems

6/3/2020
'USBCulprit' is one of several tools that suggest previously known Cycldek group is more dangerous than previous assumed, security vendor says.
Post a Comment

Mobile Phishing Attacks Increase Sharply

6/2/2020
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
Post a Comment

Data on Indian Mobile Payments App Reportedly Exposed via Open S3 Bucket

6/1/2020
Over 7 million records exposed, according to vpnMentor, but app maker says there is no sign of malicious use.
Post a Comment

Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites

5/28/2020
Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign.
Post a Comment

Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques

5/27/2020
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.
Post a Comment

Turla Backdoor Adds Gmail Web Interface for Command-and-Control

5/26/2020
The latest version of ComRAT is another sign of the threat actor's continued focus on targets in the government, military, and other sectors.
Post a Comment

Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity

5/26/2020
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
Post a Comment

Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses

5/21/2020
The economic impact of bot traffic can be unexpectedly substantial, a PerimeterX-commissioned study finds.
Post a Comment

Most Bluetooth Devices Vulnerable to Impersonation Attacks

5/21/2020
Vulnerabilities in the Bluetooth authentication process give attackers a way to insert rogue devices between two securely paired devices, academic researchers find.
Post a Comment

Magecart Plants Card Skimmers via Old Magento Plug-in Flaw

5/19/2020
The FBI has warned ecommerce sites about attacks targeting a more than three-year-old flaw in the Magmi mass importer.
Post a Comment

Hackers Hit Food Supply Company

5/19/2020
The attackers behind the REvil ransomware family has also threatened to release personal data on Madonna and other celebrities to the highest bidders.
Post a Comment

UK Supercomputing Service ARCHER Still Offline After Monday Attack

5/15/2020
Incident comes amid US warnings about Chinese cybergroups targeting organizations involved in COVID-19-related research.
Post a Comment

Microsoft Patch for Reverse RDP Flaw Leaves Room for Other Attacks

5/14/2020
Fix released in February is Microsoft's second pass at fully addressing issue that Check Point first disclosed at Black Hat USA last summer.
Post a Comment

Organizations Conduct App Penetration Tests More Frequently - and Broadly

5/13/2020
Compliance is no longer the primary motivator. AppSec is, Cobalt.io says.
Post a Comment

Website Attacks Become Quieter & More Persistent

5/12/2020
Threat actors have pivoted from noisy attacks to intrusions where stealth and ROI are primary goals, new report says.
Post a Comment

6 Free Cybersecurity Training and Awareness Courses

5/12/2020
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
Post a Comment

Data Breaches Declined in Q1 2020 Over Q1 2019 -- Or Did They?

5/11/2020
Numbers are down, but that may only be because organizations have been too busy fighting COVID-19-related cyberthreats to notice compromises, Risk Based Security says.
Post a Comment

Attacks on WordPress Sites Surge

5/6/2020
Defiant says it observed a 30-fold increase in attacks in just the past few days.
Post a Comment

Instacart Patches Security Bug That Would Have Let Attackers Spoof SMS Messages

5/5/2020
Attackers could have exploited the issue to lead online shoppers to malicious websites or to get them to download malware, Tenable says.
Post a Comment

Attackers Exploit SaltStack Flaws to Compromise Open Source OS & Blogging Platform

5/4/2020
Intruders gained access to core systems at the Android-based LineageOS project and the Ghost platform.
Post a Comment

Fake Microsoft Teams Emails Phish for Credentials

5/1/2020
Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.
Post a Comment

Average Ransomware Payments Soared in the First Quarter

4/29/2020
Criminals extorting large amounts of money from big enterprises pulled up the overall average significantly compared with the fourth quarter of 2019, Coveware says.
Post a Comment

Continued Use of Python 2 Will Heighten Security Risks

4/28/2020
With support for the programming language no longer available, organizations should port to Python 3, security researches say.
Post a Comment

Microsoft Patches Dangerous Teams Vulnerability

4/27/2020
CyberArk says issue would have allowed attackers to take over Teams accounts using a malicious GIF.
Post a Comment

WHO Confirms Email Credentials Leak

4/24/2020
Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused.
Post a Comment

Apple Downplays Threat Posed by Newly Disclosed Zero-Days in iOS

4/24/2020
Bugs don't pose an immediate threat, and there is no evidence they were exploited, as ZecOps claimed earlier this week, Apple says.
Post a Comment

Apple iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks

4/22/2020
One of the flaws is remotely exploitable with no user interaction needed, ZecOps says.
Post a Comment

Domain Registrars Under Pressure to Combat COVID-19-Related Scams

4/22/2020
A huge increase in malicious website registrations has prompted concern from US lawmakers.
Post a Comment

Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing

4/21/2020
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
Post a Comment

Pen-Test Results Hint at Improvements in Enterprise Security

4/17/2020
Though many problems remain, organizations are making attackers work harder.
Post a Comment

Massive Bot-Enabled Ad Fraud Campaign Targeted Connected TVs

4/16/2020
ICEBUCKET operation is the largest ever to attempt to steal from advertisers by using bots to impersonate human smart-TV viewers, White Ops says.
Post a Comment

New Malware Family Assembles IoT Botnet

4/15/2020
'Mozi' combines code from three previously known IoT malware.
Post a Comment

Insecure Home Office Networks Heighten Work-at-Home Risks

4/14/2020
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
Post a Comment

Pandemic Could Make Schools Bigger Targets of Ransomware Attacks

4/13/2020
Most have had to implement distance learning, making them much more vulnerable, Armor says.
Post a Comment

Emails Impersonating Trump, White House Seek to Exploit Pandemic Fears

4/9/2020
The phishing campaign is only the latest among many related to COVID-19, INKY says.
Post a Comment

'Unkillable' Android Malware App Continues to Infect Devices Worldwide

4/8/2020
The xHelper Trojan has compromised over 55,000 devices so far, Kaspersky says.
Post a Comment

Chinese APT Groups Targeted Enterprise Linux Systems in Decade-Long Data Theft Campaign

4/7/2020
Organizations across multiple industries compromised in a systematic effort to steal IP and other sensitive business data, BlackBerry says.
Post a Comment

More Attackers Have Begun Using Zero-Day Exploits

4/6/2020
Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says.
Post a Comment

Phishers Try 'Text Direction Deception' Technique to Bypass Email Filters

4/2/2020
With COVID-19 concerns running high, attackers are trying new tactics to get to users.
Post a Comment

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

4/2/2020
Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.
Post a Comment

Attackers Leverage Excel File Encryption to Deliver Malware

4/1/2020
Technique involves saving malicious Excel file as "read-only" and tricking users into opening it, Mimecast says.
Post a Comment

Researchers Uncover Unsophisticated - But Creative - Watering-Hole Attack

3/31/2020
Holy Water campaign is targeting users of a specific religious and ethnic group in Asia, Kaspersky says.
Post a Comment

Researchers Spot Sharp Increase in Zoom-Themed Domain Registrations

3/30/2020
Attackers are attempting to take advantage of the surge in teleworking prompted by COVID-19, Check Point says.
Post a Comment