Profile of Jai Vijayan

Contributing Writer

News & Commentary Posts: 1008

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.

Articles by Jai Vijayan

View Content By Month

Latest Version of TrickBot Employs Clever New Obfuscation Trick

11/24/2020
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.
Post a Comment

Security Researchers Sound Alarm on Smart Doorbells

11/23/2020
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.
Post a Comment

Telos Goes Public

11/19/2020
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.
Post a Comment

Researchers Say They've Developed Fastest Open Source IDS/IPS

11/18/2020
With a five-processor core, "Pigasus" delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University's CyLab.
Post a Comment

Nearly Two Dozen AWS APIs Are Vulnerable to Abuse

11/17/2020
Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.
Post a Comment

Ransomware Operator Promotes Distributed Storage for Stolen Data

11/17/2020
The criminals behind the DarkSide ransomware-as-a-service operation say the system will be harder to take down.
Post a Comment

'Pay2Key' Could Become Next Big Ransomware Threat

11/12/2020
Researchers from Check Point say an Iranian-based threat actor has successfully attacked multiple Israeli companies could soon go global.
Post a Comment

Like the Energizer Bunny, Trickbot Goes On and On

11/12/2020
Recent efforts to take down the virulent botnet have been largely -- but not entirely -- successful.
Post a Comment

Malware Hidden in Encrypted Traffic Surges Amid Pandemic

11/10/2020
Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year.
Post a Comment

New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries

11/9/2020
Ghimob is a full-fledged spy in your pocket, Kaspersky says.
Post a Comment

Insecure APIs a Growing Risk for Organizations

11/9/2020
Security models for application programming interfaces haven't kept pace with requirements of a non-perimeter world, Forrester says.
Post a Comment

The Malware Threat Landscape

11/6/2020
Download this report to learn about the real makeup of online threats, as reported by the defenders who see them every day.
Post a Comment

Ransom Payment No Guarantee Against Doxxing

11/4/2020
Several organizations that paid a ransom to keep attackers from releasing stolen data saw it leaked anyway, according to Coveware.
Post a Comment

APT Groups Get Innovative -- and More Dangerous -- in Q3

11/3/2020
In "curious" trend, more threat actors diversified their tool sets in the third quarter than usual.
Post a Comment

6 Cybersecurity Lessons From 2020

11/3/2020
The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness.
Post a Comment

New Tools Make North Korea's Kimsuky Group More Dangerous

11/2/2020
Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says.
Post a Comment

New Wroba Campaign Is Latest Sign of Growing Mobile Threats

10/30/2020
After years of mostly targeting users in Japan, Korea, and other countries in the region, operators of the Trojan expanded their campaign to the US this week.
Post a Comment

How Data Breaches Affect the Enterprise (2020)

10/29/2020
Thanks to COVID-19 and the sudden movement toward home workers, data breaches have become even more common in the past 12 months. Here’s a look at the damage — and how enterprises are responding.
Post a Comment

Survey Uncovers High Level of Concern Over Firewalls

10/27/2020
More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology.
Post a Comment

Flurry of Warnings Highlight Cyber Threats to US Elections

10/23/2020
FBI and intelligence officials issue fresh warnings about election interference attempts by Iranian and Russian threat actors.
Post a Comment

7 Mobile Browsers Vulnerable to Address-Bar Spoofing

10/22/2020
Flaws allow attackers to manipulate URLs users see on their mobile devices, Rapid7 says.
Post a Comment

Oracle Releases Another Mammoth Security Patch Update

10/21/2020
October's CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.
Post a Comment

Ransomware Attacks Show Little Sign of Slowing in 2021

10/20/2020
With businesses paying increasingly larger ransoms, attackers remain motivated, say security experts who foresee a rise in attacks.
Post a Comment

US Indicts Members of Transnational Money-Laundering Organization

10/15/2020
Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges.
Post a Comment

Microsoft Office 365 Accounts a Big Target for Attackers

10/15/2020
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity.
Post a Comment

Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators

10/13/2020
With attacks showing no signs of abating, some companies have begun offering services to help reduce ransom demands, buy more time, and arrange payments.
Post a Comment

Latest Version of MalLocker Android Ransomware Packs New Tricks

10/9/2020
Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says.
Post a Comment

New 'HEH' Botnet Targets Exposed Telnet Services

10/7/2020
Latest threat is one in a growing list of malware developed in the Go programming language.
Post a Comment

New Research Finds Bugs in Every Anti-Malware Product Tested

10/6/2020
Products from every vendor had issues that allowed attackers to elevate privileges on a system -- if they already were on it.
Post a Comment

3 Months for the Cybercrime Books

10/2/2020
From July through September, US law enforcement handed down major indictments or sanctions against foreign threat groups at least six times.
Post a Comment

New HP Bug Bounty Program Targets Vulns in Printer Cartridges

10/1/2020
White-hat hackers will receive $10,000 for each security bug they discover plus a base fee, under this invitation-only initiative.
Post a Comment

GitHub Tool Spots Security Vulnerabilities in Code

9/30/2020
Scanner, which just became generally available, lets developers spot problems before code gets into production.
Post a Comment

New Campaign by China-Linked Group Targets US Orgs for First Time

9/29/2020
In a least one instance, the Palmerworm APT group was able to remain undetected on a compromised system for nearly six months, according to Symantec.
Post a Comment

6 Things to Know About the Microsoft 'Zerologon' Flaw

9/25/2020
Until all domain controllers are updated, the entire infrastructure remains vulnerable, the DHS' CISA warns.
Post a Comment

Malware Attacks Declined But Became More Evasive in Q2

9/24/2020
Most of the malware used in attacks last quarter were designed to evade signature-based detection tools, WatchGuard says.
Post a Comment

India's Cybercrime and APT Operations on the Rise

9/23/2020
Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights.
Post a Comment

Indictments Unlikely to Deter China's APT41 Activity

9/17/2020
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.
Post a Comment

What's on Your Enterprise Network? You Might Be Surprised

9/16/2020
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.
Post a Comment

How IT Security Organizations are Attacking the Cybersecurity Problem

9/16/2020
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Post a Comment

More Cyberattacks in the First Half of 2020 Than in All of 2019

9/15/2020
The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.
Post a Comment

Large Cloud Providers Much Less Likely Than Enterprises to Get Breached

9/14/2020
Pen-test results also show a majority of organizations have few protections against attackers already on the network.
Post a Comment

Cyber-Risks Explode With Move to Telehealth Services

9/10/2020
The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest.
Post a Comment

Ransomware Attacks Disrupt School Reopenings

9/9/2020
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the country.
Post a Comment

Facebook Announces Formal Vulnerability Disclosure Policy for Third-Party Bugs

9/3/2020
The social media giant has also launched a new website for sharing information on WhatsApp security.
Post a Comment

Most IoT Hardware Dangerously Easy to Crack

9/2/2020
Manufacturers need to invest more effort into protecting root-level access to connected devices, security researcher says.
Post a Comment

5 Tips for Triaging Risk from Exposed Credentials

9/2/2020
Not all exposed usernames and passwords present a threat. Here's how to quickly identify the ones that do.
Post a Comment

New Threat Activity by Lazarus Group Spells Trouble for Orgs

9/1/2020
The North Korea-backed group has launched several campaigns to raise revenue for cash-strapped nation's missile program, security experts say.
Post a Comment

Old Malware Tool Acquires New Tricks

8/27/2020
Latest version of Qbot has acquired a new feature for collecting email threads from Outlook clients.
Post a Comment

'Transparent Tribe' APT Group Deploys New Android Spyware for Cyber Espionage

8/26/2020
The group, which has been around since at least 2013, has impacted thousands of organizations, mostly in India.
Post a Comment

MITRE Releases 'Shield' Active Defense Framework

8/24/2020
Free knowledge base offers techniques and tactics for engaging with and better defending against network intruders.
Post a Comment

Sophisticated P2P Botnet Targeting SSH Servers

8/19/2020
'FritzFrog' is fileless, uses its own proprietary P2P implementation, and has breached at least 500 servers so far, Guardicore says.
Post a Comment

Ransomware Attack on Carnival May Have Been Its Second Compromise This Year

8/18/2020
Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June.
Post a Comment

Reported Breach Count for H1 2020 Lowest in Five Years

8/17/2020
While reported breach numbers are down, a handful of "mega" breaches resulted in more data records being exposed than ever before, analysis shows.
Post a Comment

Business Email Compromise Attacks Involving MFA Bypass Increase

8/13/2020
Adversaries are using legacy email clients to access and take over accounts protected with strong authentication, Abnormal Security says.
Post a Comment

Adaptive Shield Emerges From Stealth

8/13/2020
Israeli startup joins growing number of vendors offering platform for detecting and mitigating common configuration errors in cloud environments.
Post a Comment

Researchers Trick Facial-Recognition Systems

8/11/2020
Goal was to see if computer-generated images that look like one person would get classified as another person.
Post a Comment

Researchers Create New Framework to Evaluate User Security Awareness

8/6/2020
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats.
Post a Comment

Energy Market Manipulation with High-Wattage IoT Botnets

8/6/2020
Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.
Post a Comment

DDoS Attacks Doubled in Q2 Compared with Prior Quarter

8/5/2020
Most attacks were small, but the big ones got bigger than ever, Cloudflare says.
Post a Comment

DHS Urges 'Highest Priority' Attention on Old Chinese Malware Threat

8/3/2020
"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008.
Post a Comment

Ill-Defined Career Paths Hamper Growth for IT Security Pros

7/30/2020
Appsec and cloud security skills are the most in demand, and a shortage of staff is wearing on security teams, a new study shows.
Post a Comment

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

7/29/2020
More than 130 security researchers and developers are ready to showcase their work.
Post a Comment

Average Cost of a Data Breach: $3.86 Million

7/29/2020
New IBM study shows that security system complexity and cloud migration can amplify breach costs.
Post a Comment

Organizations Continue to Struggle With App Vulns

7/24/2020
A high percentage of discovered bugs remain unremediated for a long time, a new study shows.
Post a Comment

Twitter Breach a Reminder of Need to Protect Corporate Social Media Use

7/23/2020
Intruders had access to direct messages associated with 36 accounts in last week's attack, social media giant discloses.
Post a Comment

Surge in Consumer-Grade IoT Devices Undermining Enterprise Security

7/22/2020
Individuals and business groups are connecting everything from Amazon Echo devices to data-sampling sensors on networks with sensitive systems with little regard to safety, two reports show.
Post a Comment

US Indicts 2 Chinese Nationals for Stealing IP & Business Secrets, Including COVID-19 Research

7/21/2020
Pair working on behalf of themselves and China's Ministry of State Security, Justice Department says.
Post a Comment

Twitter Breach Highlights Privileged Account Security Issue

7/20/2020
Security incident that allowed attackers to hijack high-profile accounts suggests social media giant's controls for spotting insider abuse were not strong enough, security experts say.
Post a Comment

Twitter Attack Raises Concerns Over its Internal Controls

7/16/2020
Attackers temporarily gained control of the accounts of Joe Biden, Barack Obama, Bill Gates, and others, to tweet a bitcoin scam.
Post a Comment

Vulns in Open Source EHR Puts Patient Health Data at Risk

7/15/2020
Five high-risk flaws in health IT software from LibreHealth, a researcher at Bishop Fox finds.
Post a Comment

New Mirai Variant Surfaces with Exploits for 9 Vulnerabilities Products

7/14/2020
Impacted products include routers, IP cameras, DVRs, and smart TVs.
Post a Comment

Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers

7/10/2020
RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps.
Post a Comment

'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store

7/9/2020
Authors of the malware, which signs up mobile users for premium services, are repeatedly finding ways to bypass app review checks.
Post a Comment

Study Finds 15 Billion Stolen, Exposed Credentials in Criminal Markets

7/8/2020
Data is fueling account takeover attacks in a big way, Digital Shadows says.
Post a Comment

Microsoft Seizes Domains Used in COVID-19-Themed Attacks

7/7/2020
Court grants company's bid to shut down infrastructure used in recent campaigns against Office 365 users.
Post a Comment

North Korea's Lazarus Group Diversifies Into Card Skimming

7/6/2020
Since at least May 2019, the state-sponsored threat actor has stolen card data from dozens of retailers, including major US firms.
Post a Comment

Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign

7/1/2020
Malware used to download WastedLocker on target networks was hosted on legit websites belonging to one parent company, Symantec says.
Post a Comment

FCC Designates Huawei & ZTE as National Security Threats

6/30/2020
Backdoors in 5G network equipment from these vendors could enable espionage and malicious activity, agency says.
Post a Comment

3 Years After NotPetya, Many Organizations Still in Danger of Similar Attacks

6/30/2020
The same gaps that enabled ransomware to spread remain in patching, network segmentation, backup practices, security experts say.
Post a Comment

Major US Companies Targeted in New Ransomware Campaign

6/26/2020
Evil Corp. group hit at least 31 customers in campaign to deploy WastedLocker malware, according to Symantec.
Post a Comment

Criminals Turn to IM Platforms to Avoid Law Enforcement Scrutiny

6/25/2020
Researchers from IntSights observed a sharp increase in the use of popular instant messaging apps over the past year among threat groups.
Post a Comment

7 Tips for Effective Deception

6/25/2020
The right decoys can frustrate attackers and help detect threats more quickly.
Post a Comment

Attackers Scanning for PoS Software in New Sodinokibi Ransomware Campaign

6/23/2020
Making extra money from victims appears to be the goal, Symantec says.
Post a Comment

Cisco Patches Flaw in Webex Videoconferencing App

6/18/2020
Vulnerability would have allowed an attacker to gain access to sensitive information on a system, Trustwave's SpiderLabs says.
Post a Comment

Lazarus Group May Have Been Behind 2019 Attacks on European Targets

6/17/2020
Telemetry hints that the North Korean actor was behind major cyber-espionage campaign focused on military and aerospace companies, ESET says.
Post a Comment

83% of Forbes 2000 Companies' Web Domains Are Poorly Protected

6/16/2020
Only a handful have controls against domain-name hijacking, DNS modifications, and other threats, a new CSC study finds.
Post a Comment

Intel Tackles Malware Related to Memory Security at Hardware Level

6/15/2020
New control-flow enforcement technology will become available with upcoming Tiger Lake mobile processor, chipmaker says.
Post a Comment

15 Individuals Plead Guilty to Multimillion-Dollar Online Auction Fraud Scheme

6/12/2020
Members of Romanian gang used fraudulent ads for nonexistent products to extract money from US Internet users, DoJ says.
Post a Comment

FBI Says Sudden Increase in Mobile Banking Is Heightening Risks For Users

6/11/2020
Mobile malware and fake apps purporting to be legitimate banking software are big risks, law enforcement agency says.
Post a Comment

Rate of Ransomware Attacks in Healthcare Slows in H1 2020

6/10/2020
But lull is unlikely to continue for long, some security experts say.
Post a Comment

Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk

6/9/2020
"CallStranger" flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.
Post a Comment

DARPA Launches Bug Bounty Program

6/8/2020
Unlike most crowdsourced vulnerability-hunting projects, this one is targeted at hardware defenses.
Post a Comment

Q&A: Eugene Spafford on the Risks of Internet Voting

6/5/2020
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don't know how to manage, says the Purdue University professor and security leader.
Post a Comment

Kaspersky IDs Sophisticated New Malware Targeted at Air-Gapped Systems

6/3/2020
'USBCulprit' is one of several tools that suggest previously known Cycldek group is more dangerous than previous assumed, security vendor says.
Post a Comment

Mobile Phishing Attacks Increase Sharply

6/2/2020
Organizations need to include smartphones and tablets in their phishing mitigation strategies, a new report suggests.
Post a Comment

Data on Indian Mobile Payments App Reportedly Exposed via Open S3 Bucket

6/1/2020
Over 7 million records exposed, according to vpnMentor, but app maker says there is no sign of malicious use.
Post a Comment

Researchers ID Hacktivist Who Defaced Nearly 5,000 Websites

5/28/2020
Opsec mistakes lead a Check Point researcher to an individual in Brazil who was behind a longtime hacking campaign.
Post a Comment

Netwalker Ransomware Tools Reveal Attacker Tactics and Techniques

5/27/2020
Malware and related files show that ransomware operators don't need a cutting-edge arsenal to be effective.
Post a Comment

Turla Backdoor Adds Gmail Web Interface for Command-and-Control

5/26/2020
The latest version of ComRAT is another sign of the threat actor's continued focus on targets in the government, military, and other sectors.
Post a Comment

Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity

5/26/2020
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
Post a Comment