Profile of Jai Vijayan

Contributing Writer

News & Commentary Posts: 818

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.

Articles by Jai Vijayan

View Content By Month

Shades of Shamoon: New Disk-Wiping Malware Targets Middle East Orgs

12/4/2019
'ZeroCleare' shares some of the same features as its more notorious predecessor, IBM Security says.
Post a Comment

Kali Linux Gets New Desktop Environment & Undercover Theme

12/2/2019
Updates to pen-testing platform are designed to improve performance and user interface, says Offensive Security, maintainer of the open source project.
Post a Comment

SQL Injection Errors No Longer the Top Software Security Issue

11/27/2019
In newly updated Common Weakness Enumeration (CWE), SQL injection now ranks sixth.
Post a Comment

'Dexphot': A Sophisticated, Everyday Threat

11/26/2019
Though the cryptominer has received little attention, it exemplifies the complexity of modern malware, Microsoft says.
Post a Comment

Most Organizations Have Incomplete Vulnerability Information

11/25/2019
Companies that rely solely on CVE/NVD are missing 33% of disclosed flaws, Risk Based Security says.
Post a Comment

Leaks of NSA, CIA Tools Have Leveled Nation-State Cybercriminal Capabilities

11/21/2019
The wide availability of tools leaked by the Shadow Brokers and WikiLeaks in 2016 and 2017 have given emerging cyber powers a way to catch up, DarkOwl says.
Post a Comment

As Retailers Prepare for the Holiday Season, So Do Cybercriminals

11/20/2019
Online shoppers need to be wary about domain spoofing, fraudulent giveaways, and other scams, ZeroFOX study shows.
Post a Comment

Ransomware Surge & Living-Off-the-Land Tactics Remain Big Threats

11/19/2019
Group-IB's and Rapid7's separate analysis of attack activity in recent months shows threat actors are making life harder for enterprise organizations in a variety of ways.
Post a Comment

GitHub Initiative Seeks to Secure Open Source Code

11/18/2019
New Security Lab will give researchers, developers, code maintainers, and organizations a way to coordinate efforts on addressing vulnerabilities.
Post a Comment

Symantec, McAfee Patch Privilege Escalation Bugs

11/14/2019
All versions of endpoint protection software from both vendors were susceptible to near identical issue, SafeBreach says.
Post a Comment

Self-Cleaning Payment Card-Skimmer Infects E-Commerce Sites

11/13/2019
'Pipka' JavaScript skimmer has infected at least 16 e-commerce websites so far, according to Visa's Payment Fraud Disruption Group.
Post a Comment

While CISOs Fret, Business Leaders Tout Security Robustness

11/12/2019
A new Nominet survey shows a familiar disconnect between business and security teams on the matter of cyber preparedness.
Post a Comment

New DDoS Attacks Leverage TCP Amplification

11/12/2019
Attackers over the past month have been using a rarely seen approach to disrupt services at large organizations in several countries.
Post a Comment

Bugcrowd Pays Out Over $500K in Bounties in One Week

11/8/2019
In all, bug hunters from around the world submitted over 6,500 vulnerabilities in October alone.
Post a Comment

Twitter & Trend Micro Fall Victim to Malicious Insiders

11/7/2019
The companies are the latest on a long and growing list of organizations that have fallen victim to users with legitimate access to enterprise systems and data.
Post a Comment

Kaspersky Analysis Shines Light on DarkUniverse APT Group

11/7/2019
Threat actor was active between 2009 and 2017, targeting military, government, and private organizations.
Post a Comment

Microsoft Security Setting Ironically Increases Risks for Office for Mac Users

11/4/2019
Excel's handling of an old macro format gives unauthenticated remote attackers a way to take control of vulnerable systems, Carnegie Mellon's CERT/CC says.
Post a Comment

Chinese Cyber Espionage Group Steals SMS Messages via Telco Networks

10/31/2019
APT41's new campaign is latest to highlight trend by Chinese threat groups to attack upstream service providers as a way to reach its intended targets, FireEye says.
Post a Comment

Facebook Says Israeli Firm Was Involved in Recent WhatsApp Intrusion

10/30/2019
Evidence suggests NSO Group used WhatsApps servers to distribute mobile spyware to targeted devices.
Post a Comment

8 Trends in Vulnerability and Patch Management

10/30/2019
Unpatched flaws continue to be a major security issue for many organizations.
Post a Comment

Apple Boots 17 Trojan-Laden Apps From Mobile Store

10/24/2019
Malware was designed to carry out click-fraud, Wandera says.
Post a Comment

Oracle Releases Free Tool for Monitoring Internet Routing Security

10/23/2019
IXP Filter Check gives Internet Exchange Points a way to verify whether they are properly filtering out incorrect and malicious routes.
Post a Comment

About 50% of Apps Are Accruing Unaddressed Vulnerabilities

10/22/2019
In rush to fix newly discovered security issues, developers are neglecting to address older ones, Veracode study finds.
Post a Comment

Russian Hackers Using Iranian APT's Infrastructure in Widespread Attacks

10/21/2019
New advisory from the UK's NCSC and the NSA throws fresh light on activity first revealed by Symantec in June.
Post a Comment

Debug Feature in Web Dev Tool Exposed Trump Campaign Site, Others to Attack

10/17/2019
The problem is not with the tool itself but with how some developers and administrators are using it, Comparitech says.
Post a Comment

Typosquatting Websites Proliferate in Run-up to US Elections

10/16/2019
People who mistype the URL for their political candidate or party's website could end up on an opposing party or candidate's website, Digital Shadow's research shows.
Post a Comment

Targeted Ransomware Attacks Show No Signs of Abating

10/15/2019
Criminals are becoming more sophisticated and targeted in going after enterprise organizations, a new Q2/Q3 report finds.
Post a Comment

Cyber Theft, Humint Helped China Cut Corners on Passenger Jet

10/14/2019
Beijing likely saved a lot of time and billions of dollars by copying components for its C919 plane from others, a new report from CrowdStrike says.
Post a Comment

AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security

10/10/2019
At many organizations, the attitude to securing software appears to be throwing a lot of technology at the problem, a new study finds.
Post a Comment

Virginia a Hot Spot For Cybersecurity Jobs

10/9/2019
State has highest number of people in information security roles and the most current job openings, Comparitech study finds.
Post a Comment

Most US Presidential Campaign Websites Offer Little Privacy Protection

10/8/2019
New audit finds that privacy policies on 70% of the sites have no limits on data sharing.
Post a Comment

Iranian Cyberattack on US Presidential Campaign Could Be a Sign of Things to Come

10/8/2019
Political parties and election systems will be heavily targeted in the months leading up to the 2020 general elections, some security experts say.
Post a Comment

Facebook Patches Critical WhatsApp Security Flaw

10/3/2019
Bug gives attackers a way to use GIF images to steal data from Android devices running the message app.
Post a Comment

Millions More Embedded Devices Contain Vulnerable IPnet Software

10/2/2019
FDA, DHS issue fresh warnings on easily exploitable URGENT/11 flaws in medical, SCADA systems, industrial controllers, and other devices.
Post a Comment

New Malware Campaign Targets US Petroleum Companies

10/1/2019
Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says.
Post a Comment

Baltimore Reportedly Had No Data Backup Process for Many Systems

9/30/2019
City lost key data in a ransomware attack earlier this year that's already cost more than $18.2 million in recovery and related expenses.
Post a Comment

Mass Exploitation of vBulletin Flaw Raises Alarm

9/26/2019
The remote code execution bug was a 0-day when it was publicly disclosed Monday, but has now been patched.
Post a Comment

GandCrab Developers Behind Destructive REvil Ransomware

9/25/2019
Code similarities show a definite technical link between the malware strains, Secureworks says.
Post a Comment

5 Updates from PCI SSC That You Need to Know

9/25/2019
As payment technologies evolve, so do the requirements for securing cardholder data.
Post a Comment

Startup Cowbell Cyber Launches 'Continuous Underwriting' Platform

9/24/2019
New inside-out approach will give SMBs a way to buy insurance coverage based on a realistic and ongoing assessment of their risk, company says.
Post a Comment

Cloudflare Introduces 'Bot Fight Mode' Option for Site Operators

9/24/2019
Goal is to help websites detect and block bad bot traffic, vendor says.
Post a Comment

Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3

9/19/2019
The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets.
Post a Comment

WannaCry Detections At An All-Time High

9/18/2019
More than 12,000 variants of the infamous malware are targeting systems that are still open to the EternalBlue exploit - but the potential danger is low, Sophos warns.
Post a Comment

US Turning Up the Heat on North Korea's Cyber Threat Operations

9/16/2019
Sanctions on North Korean nation-state hacking groups came amid reports of fresh malicious campaigns directed at US entities from the isolated nation.
Post a Comment

Indictments Do Little to Stop Iranian Group from New Attacks on Universities

9/12/2019
Cobalt Dickens targeted more than 60 universities in the US and elsewhere this summer, according to a new report.
Post a Comment

New Privacy Features in iOS 13 Let Users Limit Location Tracking

9/10/2019
Apple will introduce other features that allow more secure use of iPhones in workplace settings as well.
Post a Comment

Public Exposure Does Little to Slow China-Based Thrip APT

9/9/2019
Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.
Post a Comment

Chinese Group Built Advanced Trojan by Reverse Engineering NSA Attack Tool

9/6/2019
APT3 quietly monitored an NSA attack on its systems and used the information to build a weapon of its own.
Post a Comment

New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims

9/5/2019
Tide's method for protecting passwords splinters them up into tiny pieces and stores them on distributed nodes.
Post a Comment

5G Standard to Get New Security Specifications

9/4/2019
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.
Post a Comment

Over 47K Supermicro Corporate Servers Vulnerable to Attack

9/3/2019
Vulnerabilities in a remote-monitoring component give attackers a way to mount virtual USBs on systems, Eclypsium warns.
Post a Comment

New Botnet Targets Android Set-Top Boxes

8/29/2019
ARES has already infected thousands of devices and is growing, IoT security firm says.
Post a Comment

Facebook Patches Second Account-Takeover Flaw in Instagram

8/28/2019
The password-recovery mechanism once again puts users of the photo- and video-sharing platform at risk.
Post a Comment

CrowdStrike Launches Fund for Early-Stage Endpoint Security Startups

8/27/2019
It's goal is to accelerate delivery of third-party apps that add on and extend the company's Falcon cloud-hosted services.
Post a Comment

New Malware Variant Targets Old Adobe, Office Vulnerabilities

8/22/2019
Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says.
Post a Comment

Silence APT Group Broadens Attacks on Banks, Gets More Dangerous

8/21/2019
Over the past year, the financial damage linked to the Russian-speaking threat group has spiked fivefold, Group-IB says.
Post a Comment

Apple Misstep Leaves iPhones Open to Jailbreak

8/20/2019
Newest version of iOS contains a critical bug that the company had previously already patched.
Post a Comment

Instagram Added to Facebook Data-Abuse Bounty Program

8/19/2019
Social media giant also launches invitation-only bug bounty program for 'Checkout on Instagram'.
Post a Comment

More Than 20 Data Breaches Reported Per Day in First Half of 2019

8/15/2019
But incidents involving SSNs, addresses, birth dates were smaller than in previous years.
Post a Comment

Trend Micro Patches Privilege Escalation Bug in its Password Manager

8/14/2019
Organizations should update to latest build as soon as possible, security vendor says.
Post a Comment

Orgs Doing More App Security Testing but Fixing Fewer Vulns

8/13/2019
On average, US organizations took nearly five months to fix critical vulnerabilities according to WhiteHat Security's annual vulnerability report.
Post a Comment

2019 Pwnie Award Winners (And Those Who Wish They Weren't)

8/13/2019
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Post a Comment

Researchers Show How SQLite Can Be Modified to Attack Apps

8/12/2019
New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check Point says.
Post a Comment

Equifax CISO: 'Trust Starts and Ends with You'

8/8/2019
Organizational culture is key to good enterprise security posture, Jamil Farshchi told Black Hat attendees.
Post a Comment

WhatsApp Messages Can Be Intercepted, Manipulated

8/8/2019
Check Point security researchers demonstrate how a dangerous security weakness in the messaging application can be abused to spread fake news and carry out online scams.
Post a Comment

Ransomware Used in Multimillion-Dollar Attacks Gets More Automated

8/5/2019
The authors of MegaCortex appear to have traded security for convenience and speed, say researchers at Accenture iDefense.
Post a Comment

PCI Security Council, Retail ISAC Warn Retailers on Magecart Attacks

8/1/2019
Online card-skimming activities grew sharply this summer fueled by the availability of attack kits and other factors, Malwarebytes says.
Post a Comment

Flaws in SanDisk SSD Dashboard Present Malware & Data Loss Risks

7/31/2019
Organizations using the utility should immediately install the latest version of the software, security vendor Trustwave says.
Post a Comment

Sextortion Email Scams Rise Sharply

7/30/2019
Cybercriminals are increasingly trying to trick people into paying ransoms by threatening to expose compromising activities to friends and family.
Post a Comment

Russian Threat Group May Have Devised a 'Man-on-the-Side' Attack

7/25/2019
Data from an intrusion last year suggests Iron Liberty group may have a new trick up its sleeve, Secureworks says.
Post a Comment

Android Malware 'Triada' Most Active on Telco Networks

7/25/2019
Google in May disclosed that several Android devices had been shipped pre-installed with the RAT.
Post a Comment

With Data Breach Costs, Time is Money

7/24/2019
The sooner a company can detect and respond to an incident, the less likely they are to pay for it, a new IBM-Ponemon study finds.
Post a Comment

Penetration Test Data Shows Risk to Domain Admin Credentials

7/23/2019
But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.
Post a Comment

BitPaymer Ransomware Operators Wage Custom, Targeted Attacks

7/18/2019
A new framework is allowing the threat group to compile variants of the malware for each victim, Morphisec says.
Post a Comment

8 Legit Tools and Utilities That Cybercriminals Commonly Misuse

7/18/2019
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
Post a Comment

800K Systems Still Vulnerable to BlueKeep

7/17/2019
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says.
Post a Comment

Lenovo NAS Firmware Flaw Exposes Stored Data

7/16/2019
More than 5,100 vulnerable devices containing multiple terabytes of data are open to exploitation, researchers found.
Post a Comment

APT Groups Make Quadruple What They Spend on Attack Tools

7/11/2019
Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.
Post a Comment

New Ransomware Targets QNAP's Network-Attached Storage Devices

7/10/2019
More than 19,000 systems in the US are potentially at risk from eCh0raix.
Post a Comment

Zoom Client for Mac Exposing Users to Serious Risks

7/9/2019
Videoconferencing software maker downplays risks and says mitigations are on the way.
Post a Comment

New 'WannaHydra' Malware a Triple Threat to Android

7/3/2019
The latest variant of WannaLocker is a banking Trojan, spyware tool, and ransomware.
Post a Comment

TA505 Group Launches New Targeted Attacks

7/3/2019
Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.
Post a Comment

Thousands of Facebook Users Hit in Malware Distribution Campaign

7/1/2019
'Operation Tripoli' is another reminder why users cannot trust every link they see on social media sites.
Post a Comment

New Exploit for Microsoft Excel Power Query

6/27/2019
Proof-of-concept, which allows remote code execution, is latest to exploit Dynamic Data Exchange (DDE) and is another reminder why organizations must ensure Office settings are secure.
Post a Comment

7 Ways to Mitigate Supply Chain Attacks

6/27/2019
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
Post a Comment

Email Threats Continue to Grow as Attackers Evolve, Innovate

6/25/2019
Threat actors increasingly using malicious URLs, HTTPS domains, file-sharing sites in email attacks, FireEye says.
Post a Comment

DDoS-for-Hire Services Doubled in Q1

6/24/2019
Impact of FBI's takedown of 15 'booter' domains last December appears to have been temporary.
Post a Comment

Customers of 3 MSPs Hit in Ransomware Attacks

6/20/2019
Early information suggests threat actors gained access to remote monitoring and management tools from Webroot and Kaseya to distribute malware.
Post a Comment

Inside the FBI's Fight Against Cybercrime

6/20/2019
Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.
Post a Comment

Insecure Home IoT Devices a Clear and Present Danger to Corporate Security

6/19/2019
Avast-sponsored study shows wide prevalence of IoT devices, many with weak credentials and other security vulnerabilities.
Post a Comment

DHS Tests Remote Exploit for BlueKeep RDP Vulnerability

6/17/2019
Agency urges organizations with vulnerable systems to apply mitigations immediately.
Post a Comment

BlueKeep RDP Vulnerability a Ticking Time Bomb

6/13/2019
One month after Microsoft disclosed the flaw, nearly 1 million systems remain unpatched, and Internet scans looking for vulnerable systems have begun increasing.
Post a Comment

SQL Injection Attacks Represent Two-Third of All Web App Attacks

6/13/2019
When Local File Inclusion attacks are counted, nearly nine in 10 attacks are related to input validation failures, Akamai report shows.
Post a Comment

Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

6/11/2019
In vulnerability disclosure programs, organizations are paying more in total for XSS issues than any other vulnerability type, HackerOne says.
Post a Comment

Huawei Represents Massive Supply Chain Risk: Report

6/10/2019
The Chinese technology giant's enormous product and service footprint gives it access to more data than almost any other single organization, Recorded Future says.
Post a Comment

Vietnam Rises as Cyberthreat

6/5/2019
The country's rapid economic growth and other factors are driving an increase in cybercrime and cyber espionage activity.
Post a Comment

Carbanak Attack: Two Hours to Total Compromise

6/4/2019
Investigation of the cybercrime group's attack on an East European bank shows how some attackers require very little time to broaden their access and establish persistence on a network.
Post a Comment

Zebrocy APT Group Expands Malware Arsenal with New Backdoor Family

6/3/2019
Group's constant experimentation and malware changes are complicating efforts for defenders, Kaspersky Lab says.
Post a Comment

7 Recent Wins Against Cybercrime

5/24/2019
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
Post a Comment

DDoS Attacks Up in Q1 After Months of Steady Decline

5/22/2019
Sudden surge suggests that new actors have stepped up to the plate to replace the old operators.
Post a Comment

Author

Profile of Jai Vijayan