Profile of Jai Vijayan

Contributing Writer

News & Commentary Posts: 1031

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.

Articles by Jai Vijayan

View Content By Month

Critical Vulnerability Patched in 'sudo' Utility for Unix-Like OSes

1/27/2021
Flaw exists in versions of sudo going back nearly 10 years; USCYBERCOM recommends organizations patch immediately.
Post a Comment

Ransomware Disrupts Operations at Packaging Giant WestRock

1/26/2021
Incident is another reminder of how vulnerable OT environments are to attack, security experts say.
Post a Comment

Critical Vulns Discovered in Vendor Implementations of Key OT Protocol

1/25/2021
Flaws allow denial-of-service attacks and other malicious activity, Claroty says.
Post a Comment

Intel Confirms Unauthorized Access of Earnings-Related Data

1/22/2021
News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.
Post a Comment

DreamBus, FreakOut Botnets Pose New Threat to Linux Systems

1/21/2021
Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes.
Post a Comment

Microsoft Releases New Info on SolarWinds Attack Chain

1/20/2021
Threat actors went to elaborate lengths to maintain operational security around second-stage payload activation, company says.
Post a Comment

Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

1/6/2021
In the past two months alone, attacks against the sector soared 45% — more than double the rate of other sectors, Check Point says.
Post a Comment

DDoS Attacks Spiked, Became More Complex in 2020

12/30/2020
Global pandemic and the easy availability of for-hire services and inexpensive tool sets gave adversaries more opportunities to attack.
Post a Comment

SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector

12/22/2020
Adversaries that successfully execute attack can achieve persistent anytime, anywhere access to a victim network, security researchers say.
Post a Comment

Microsoft Confirms Its Network Was Breached With Tainted SolarWinds Updates

12/18/2020
Attack on thousands of other companies as "moment of reckoning" for governments and industry, company president says.
Post a Comment

5 Key Takeaways From the SolarWinds Breach

12/18/2020
New details continue to emerge each day, and there may be many more lessons to learn from what could be among the largest cyberattacks ever.
Post a Comment

FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond

12/16/2020
White House National Security Council establishes unified group to coordinate response across federal agencies to the threat.
Post a Comment

Concerns Run High as More Details of SolarWinds Hack Emerge

12/15/2020
Enterprises running company's Orion network management software should assume compromise and respond accordingly, security experts say.
Post a Comment

18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack

12/14/2020
Nation-state attackers used poisoned SolarWinds network management software updates to distribute malware; US government orders federal civilian agencies to immediately power down the technology.
Post a Comment

Knowing What the Enemy Knows Is Key to Proper Defense

12/10/2020
Think like an attacker if you want to understand your attack surface, says security researcher at Black Hat Europe.
Post a Comment

Researcher Developed New Kernel-Level Exploits for Old Vulns in Windows

12/9/2020
Problem has to do with a print driver component found in all versions of Windows going back to Windows 7, security researcher from Singular Security Lab says at Black Hat Europe 2020.
Post a Comment

Global Cybercrime Losses Cross $1 Trillion Mark

12/9/2020
A shift from attackers targeting individual systems to entire organizations is pushing up cost of cyberattacks sharply, McAfee says.
Post a Comment

NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability

12/7/2020
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.
Post a Comment

Assessing Cybersecurity Risk in Today's Enterprises

12/4/2020
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Post a Comment

Potential Nation-State Actor Targets COVID-19 Vaccine Supply Chain

12/3/2020
Companies involved in technologies for keeping vaccines cold enough for safe storage and transportation are being targeted in a sophisticated spear-phishing campaign, IBM says.
Post a Comment

Google Security Researcher Develops 'Zero-Click' Exploit for iOS Flaw

12/3/2020
A new patched memory corruption vulnerability in Apple's AWDL protocol can be used to take over iOS devices that are in close proximity to an attacker.
Post a Comment

Unmanaged Devices Heighten Risks for School Networks

12/1/2020
Gaming consoles, Wi-Fi Pineapples, and building management systems are among many devices Armis says it discovered on K–12 school networks.
Post a Comment

Latest Version of TrickBot Employs Clever New Obfuscation Trick

11/24/2020
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.
Post a Comment

Security Researchers Sound Alarm on Smart Doorbells

11/23/2020
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.
Post a Comment

Telos Goes Public

11/19/2020
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.
Post a Comment

Researchers Say They've Developed Fastest Open Source IDS/IPS

11/18/2020
With a five-processor core, "Pigasus" delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University's CyLab.
Post a Comment

Nearly Two Dozen AWS APIs Are Vulnerable to Abuse

11/17/2020
Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.
Post a Comment

Ransomware Operator Promotes Distributed Storage for Stolen Data

11/17/2020
The criminals behind the DarkSide ransomware-as-a-service operation say the system will be harder to take down.
Post a Comment

'Pay2Key' Could Become Next Big Ransomware Threat

11/12/2020
Researchers from Check Point say an Iranian-based threat actor has successfully attacked multiple Israeli companies could soon go global.
Post a Comment

Like the Energizer Bunny, Trickbot Goes On and On

11/12/2020
Recent efforts to take down the virulent botnet have been largely -- but not entirely -- successful.
Post a Comment

Malware Hidden in Encrypted Traffic Surges Amid Pandemic

11/10/2020
Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year.
Post a Comment

New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries

11/9/2020
Ghimob is a full-fledged spy in your pocket, Kaspersky says.
Post a Comment

Insecure APIs a Growing Risk for Organizations

11/9/2020
Security models for application programming interfaces haven't kept pace with requirements of a non-perimeter world, Forrester says.
Post a Comment

The Malware Threat Landscape

11/6/2020
Download this report to learn about the real makeup of online threats, as reported by the defenders who see them every day.
Post a Comment

Ransom Payment No Guarantee Against Doxxing

11/4/2020
Several organizations that paid a ransom to keep attackers from releasing stolen data saw it leaked anyway, according to Coveware.
Post a Comment

APT Groups Get Innovative -- and More Dangerous -- in Q3

11/3/2020
In "curious" trend, more threat actors diversified their tool sets in the third quarter than usual.
Post a Comment

6 Cybersecurity Lessons From 2020

11/3/2020
The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness.
Post a Comment

New Tools Make North Korea's Kimsuky Group More Dangerous

11/2/2020
Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says.
Post a Comment

New Wroba Campaign Is Latest Sign of Growing Mobile Threats

10/30/2020
After years of mostly targeting users in Japan, Korea, and other countries in the region, operators of the Trojan expanded their campaign to the US this week.
Post a Comment

How Data Breaches Affect the Enterprise (2020)

10/29/2020
Thanks to COVID-19 and the sudden movement toward home workers, data breaches have become even more common in the past 12 months. Here’s a look at the damage — and how enterprises are responding.
Post a Comment

Survey Uncovers High Level of Concern Over Firewalls

10/27/2020
More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology.
Post a Comment

Flurry of Warnings Highlight Cyber Threats to US Elections

10/23/2020
FBI and intelligence officials issue fresh warnings about election interference attempts by Iranian and Russian threat actors.
Post a Comment

7 Mobile Browsers Vulnerable to Address-Bar Spoofing

10/22/2020
Flaws allow attackers to manipulate URLs users see on their mobile devices, Rapid7 says.
Post a Comment

Oracle Releases Another Mammoth Security Patch Update

10/21/2020
October's CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.
Post a Comment

Ransomware Attacks Show Little Sign of Slowing in 2021

10/20/2020
With businesses paying increasingly larger ransoms, attackers remain motivated, say security experts who foresee a rise in attacks.
Post a Comment

US Indicts Members of Transnational Money-Laundering Organization

10/15/2020
Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges.
Post a Comment

Microsoft Office 365 Accounts a Big Target for Attackers

10/15/2020
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.
Post a Comment

Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators

10/13/2020
With attacks showing no signs of abating, some companies have begun offering services to help reduce ransom demands, buy more time, and arrange payments.
Post a Comment

Latest Version of MalLocker Android Ransomware Packs New Tricks

10/9/2020
Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.
Post a Comment

New 'HEH' Botnet Targets Exposed Telnet Services

10/7/2020
Latest threat is one in a growing list of malware developed in the Go programming language.
Post a Comment

New Research Finds Bugs in Every Anti-Malware Product Tested

10/6/2020
Products from every vendor had issues that allowed attackers to elevate privileges on a system -- if they already were on it.
Post a Comment

3 Months for the Cybercrime Books

10/2/2020
From July through September, US law enforcement handed down major indictments or sanctions against foreign threat groups at least six times.
Post a Comment

New HP Bug Bounty Program Targets Vulns in Printer Cartridges

10/1/2020
White-hat hackers will receive $10,000 for each security bug they discover plus a base fee, under this invitation-only initiative.
Post a Comment

GitHub Tool Spots Security Vulnerabilities in Code

9/30/2020
Scanner, which just became generally available, lets developers spot problems before code gets into production.
Post a Comment

New Campaign by China-Linked Group Targets US Orgs for First Time

9/29/2020
In a least one instance, the Palmerworm APT group was able to remain undetected on a compromised system for nearly six months, according to Symantec.
Post a Comment

6 Things to Know About the Microsoft 'Zerologon' Flaw

9/25/2020
Until all domain controllers are updated, the entire infrastructure remains vulnerable, the DHS' CISA warns.
Post a Comment

Malware Attacks Declined But Became More Evasive in Q2

9/24/2020
Most of the malware used in attacks last quarter were designed to evade signature-based detection tools, WatchGuard says.
Post a Comment

India's Cybercrime and APT Operations on the Rise

9/23/2020
Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights.
Post a Comment

Indictments Unlikely to Deter China's APT41 Activity

9/17/2020
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.
Post a Comment

What's on Your Enterprise Network? You Might Be Surprised

9/16/2020
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
Post a Comment

How IT Security Organizations are Attacking the Cybersecurity Problem

9/16/2020
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Post a Comment

More Cyberattacks in the First Half of 2020 Than in All of 2019

9/15/2020
The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
Post a Comment

Large Cloud Providers Much Less Likely Than Enterprises to Get Breached

9/14/2020
Pen-test results also show a majority of organizations have few protections against attackers already on the network.
Post a Comment

Cyber-Risks Explode With Move to Telehealth Services

9/10/2020
The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest.
Post a Comment

Ransomware Attacks Disrupt School Reopenings

9/9/2020
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.
Post a Comment

Facebook Announces Formal Vulnerability Disclosure Policy for Third-Party Bugs

9/3/2020
The social media giant has also launched a new website for sharing information on WhatsApp security.
Post a Comment

Most IoT Hardware Dangerously Easy to Crack

9/2/2020
Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
Post a Comment

5 Tips for Triaging Risk from Exposed Credentials

9/2/2020
Not all exposed usernames and passwords present a threat. Here's how to quickly identify the ones that do.
Post a Comment

New Threat Activity by Lazarus Group Spells Trouble for Orgs

9/1/2020
The North Korea-backed group has launched several campaigns to raise revenue for cash-strapped nation's missile program, security experts say.
Post a Comment

Old Malware Tool Acquires New Tricks

8/27/2020
Latest version of Qbot has acquired a new feature for collecting email threads from Outlook clients.
Post a Comment

'Transparent Tribe' APT Group Deploys New Android Spyware for Cyber Espionage

8/26/2020
The group, which has been around since at least 2013, has impacted thousands of organizations, mostly in India.
Post a Comment

MITRE Releases 'Shield' Active Defense Framework

8/24/2020
Free knowledge base offers techniques and tactics for engaging with and better defending against network intruders.
Post a Comment

Sophisticated P2P Botnet Targeting SSH Servers

8/19/2020
'FritzFrog' is fileless, uses its own proprietary P2P implementation, and has breached at least 500 servers so far, Guardicore says.
Post a Comment

Ransomware Attack on Carnival May Have Been Its Second Compromise This Year

8/18/2020
Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June.
Post a Comment

Reported Breach Count for H1 2020 Lowest in Five Years

8/17/2020
While reported breach numbers are down, a handful of "mega" breaches resulted in more data records being exposed than ever before, analysis shows.
Post a Comment

Business Email Compromise Attacks Involving MFA Bypass Increase

8/13/2020
Adversaries are using legacy email clients to access and take over accounts protected with strong authentication, Abnormal Security says.
Post a Comment

Adaptive Shield Emerges From Stealth

8/13/2020
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
Post a Comment

Researchers Trick Facial-Recognition Systems

8/11/2020
Goal was to see if computer-generated images that look like one person would get classified as another person.
Post a Comment

Researchers Create New Framework to Evaluate User Security Awareness

8/6/2020
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
Post a Comment

Energy Market Manipulation with High-Wattage IoT Botnets

8/6/2020
Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.
Post a Comment

DDoS Attacks Doubled in Q2 Compared with Prior Quarter

8/5/2020
Most attacks were small, but the big ones got bigger than ever, Cloudflare says.
Post a Comment

DHS Urges 'Highest Priority' Attention on Old Chinese Malware Threat

8/3/2020
"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008.
Post a Comment

Ill-Defined Career Paths Hamper Growth for IT Security Pros

7/30/2020
Appsec and cloud security skills are the most in demand, and a shortage of staff is wearing on security teams, a new study shows.
Post a Comment

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

7/29/2020
More than 130 security researchers and developers are ready to showcase their work.
Post a Comment

Average Cost of a Data Breach: $3.86 Million

7/29/2020
New IBM study shows that security system complexity and cloud migration can amplify breach costs.
Post a Comment

Organizations Continue to Struggle With App Vulns

7/24/2020
A high percentage of discovered bugs remain unremediated for a long time, a new study shows.
Post a Comment

Twitter Breach a Reminder of Need to Protect Corporate Social Media Use

7/23/2020
Intruders had access to direct messages associated with 36 accounts in last week's attack, social media giant discloses.
Post a Comment

Surge in Consumer-Grade IoT Devices Undermining Enterprise Security

7/22/2020
Individuals and business groups are connecting everything from Amazon Echo devices to data-sampling sensors on networks with sensitive systems with little regard to safety, two reports show.
Post a Comment

US Indicts 2 Chinese Nationals for Stealing IP & Business Secrets, Including COVID-19 Research

7/21/2020
Pair working on behalf of themselves and China's Ministry of State Security, Justice Department says.
Post a Comment

Twitter Breach Highlights Privileged Account Security Issue

7/20/2020
Security incident that allowed attackers to hijack high-profile accounts suggests social media giant's controls for spotting insider abuse were not strong enough, security experts say.
Post a Comment

Twitter Attack Raises Concerns Over its Internal Controls

7/16/2020
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.
Post a Comment

Vulns in Open Source EHR Puts Patient Health Data at Risk

7/15/2020
Five high-risk flaws in health IT software from LibreHealth, a researcher at Bishop Fox finds.
Post a Comment

New Mirai Variant Surfaces with Exploits for 9 Vulnerabilities Products

7/14/2020
Impacted products include routers, IP cameras, DVRs, and smart TVs.
Post a Comment

Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers

7/10/2020
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.
Post a Comment

'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store

7/9/2020
Authors of the malware, which signs up mobile users for premium services, are repeatedly finding ways to bypass app review checks.
Post a Comment

Study Finds 15 Billion Stolen, Exposed Credentials in Criminal Markets

7/8/2020
Data is fueling account takeover attacks in a big way, Digital Shadows says.
Post a Comment

Microsoft Seizes Domains Used in COVID-19-Themed Attacks

7/7/2020
Court grants company's bid to shut down infrastructure used in recent campaigns against Office 365 users.
Post a Comment

North Korea's Lazarus Group Diversifies Into Card Skimming

7/6/2020
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.
Post a Comment

Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign

7/1/2020
Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.
Post a Comment

FCC Designates Huawei & ZTE as National Security Threats

6/30/2020
Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
Post a Comment