Profile of Jai Vijayan

Contributing Writer

News & Commentary Posts: 791

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.

Articles by Jai Vijayan

View Content By Month

Debug Feature in Web Dev Tool Exposed Trump Campaign Site, Others to Attack

10/17/2019
The problem is not with the tool itself but with how some developers and administrators are using it, Comparitech says.
Post a Comment

Typosquatting Websites Proliferate in Run-up to US Elections

10/16/2019
People who mistype the URL for their political candidate or party's website could end up on an opposing party or candidate's website, Digital Shadow's research shows.
Post a Comment

Targeted Ransomware Attacks Show No Signs of Abating

10/15/2019
Criminals are becoming more sophisticated and targeted in going after enterprise organizations, a new Q2/Q3 report finds.
Post a Comment

Cyber Theft, Humint Helped China Cut Corners on Passenger Jet

10/14/2019
Beijing likely saved a lot of time and billions of dollars by copying components for its C919 plane from others, a new report from CrowdStrike says.
Post a Comment

AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security

10/10/2019
At many organizations, the attitude to securing software appears to be throwing a lot of technology at the problem, a new study finds.
Post a Comment

Virginia a Hot Spot For Cybersecurity Jobs

10/9/2019
State has highest number of people in information security roles and the most current job openings, Comparitech study finds.
Post a Comment

Most US Presidential Campaign Websites Offer Little Privacy Protection

10/8/2019
New audit finds that privacy policies on 70% of the sites have no limits on data sharing.
Post a Comment

Iranian Cyberattack on US Presidential Campaign Could Be a Sign of Things to Come

10/8/2019
Political parties and election systems will be heavily targeted in the months leading up to the 2020 general elections, some security experts say.
Post a Comment

Facebook Patches Critical WhatsApp Security Flaw

10/3/2019
Bug gives attackers a way to use GIF images to steal data from Android devices running the message app.
Post a Comment

Millions More Embedded Devices Contain Vulnerable IPnet Software

10/2/2019
FDA, DHS issue fresh warnings on easily exploitable URGENT/11 flaws in medical, SCADA systems, industrial controllers, and other devices.
Post a Comment

New Malware Campaign Targets US Petroleum Companies

10/1/2019
Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says.
Post a Comment

Baltimore Reportedly Had No Data Backup Process for Many Systems

9/30/2019
City lost key data in a ransomware attack earlier this year that's already cost more than $18.2 million in recovery and related expenses.
Post a Comment

Mass Exploitation of vBulletin Flaw Raises Alarm

9/26/2019
The remote code execution bug was a 0-day when it was publicly disclosed Monday, but has now been patched.
Post a Comment

GandCrab Developers Behind Destructive REvil Ransomware

9/25/2019
Code similarities show a definite technical link between the malware strains, Secureworks says.
Post a Comment

5 Updates from PCI SSC That You Need to Know

9/25/2019
As payment technologies evolve, so do the requirements for securing cardholder data.
Post a Comment

Startup Cowbell Cyber Launches 'Continuous Underwriting' Platform

9/24/2019
New inside-out approach will give SMBs a way to buy insurance coverage based on a realistic and ongoing assessment of their risk, company says.
Post a Comment

Cloudflare Introduces 'Bot Fight Mode' Option for Site Operators

9/24/2019
Goal is to help websites detect and block bad bot traffic, vendor says.
Post a Comment

Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3

9/19/2019
The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets.
Post a Comment

WannaCry Detections At An All-Time High

9/18/2019
More than 12,000 variants of the infamous malware are targeting systems that are still open to the EternalBlue exploit - but the potential danger is low, Sophos warns.
Post a Comment

US Turning Up the Heat on North Korea's Cyber Threat Operations

9/16/2019
Sanctions on North Korean nation-state hacking groups came amid reports of fresh malicious campaigns directed at US entities from the isolated nation.
Post a Comment

Indictments Do Little to Stop Iranian Group from New Attacks on Universities

9/12/2019
Cobalt Dickens targeted more than 60 universities in the US and elsewhere this summer, according to a new report.
Post a Comment

New Privacy Features in iOS 13 Let Users Limit Location Tracking

9/10/2019
Apple will introduce other features that allow more secure use of iPhones in workplace settings as well.
Post a Comment

Public Exposure Does Little to Slow China-Based Thrip APT

9/9/2019
Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.
Post a Comment

Chinese Group Built Advanced Trojan by Reverse Engineering NSA Attack Tool

9/6/2019
APT3 quietly monitored an NSA attack on its systems and used the information to build a weapon of its own.
Post a Comment

New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims

9/5/2019
Tide's method for protecting passwords splinters them up into tiny pieces and stores them on distributed nodes.
Post a Comment

5G Standard to Get New Security Specifications

9/4/2019
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.
Post a Comment

Over 47K Supermicro Corporate Servers Vulnerable to Attack

9/3/2019
Vulnerabilities in a remote-monitoring component give attackers a way to mount virtual USBs on systems, Eclypsium warns.
Post a Comment

New Botnet Targets Android Set-Top Boxes

8/29/2019
ARES has already infected thousands of devices and is growing, IoT security firm says.
Post a Comment

Facebook Patches Second Account-Takeover Flaw in Instagram

8/28/2019
The password-recovery mechanism once again puts users of the photo- and video-sharing platform at risk.
Post a Comment

CrowdStrike Launches Fund for Early-Stage Endpoint Security Startups

8/27/2019
It's goal is to accelerate delivery of third-party apps that add on and extend the company's Falcon cloud-hosted services.
Post a Comment

New Malware Variant Targets Old Adobe, Office Vulnerabilities

8/22/2019
Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says.
Post a Comment

Silence APT Group Broadens Attacks on Banks, Gets More Dangerous

8/21/2019
Over the past year, the financial damage linked to the Russian-speaking threat group has spiked fivefold, Group-IB says.
Post a Comment

Apple Misstep Leaves iPhones Open to Jailbreak

8/20/2019
Newest version of iOS contains a critical bug that the company had previously already patched.
Post a Comment

Instagram Added to Facebook Data-Abuse Bounty Program

8/19/2019
Social media giant also launches invitation-only bug bounty program for 'Checkout on Instagram'.
Post a Comment

More Than 20 Data Breaches Reported Per Day in First Half of 2019

8/15/2019
But incidents involving SSNs, addresses, birth dates were smaller than in previous years.
Post a Comment

Trend Micro Patches Privilege Escalation Bug in its Password Manager

8/14/2019
Organizations should update to latest build as soon as possible, security vendor says.
Post a Comment

Orgs Doing More App Security Testing but Fixing Fewer Vulns

8/13/2019
On average, US organizations took nearly five months to fix critical vulnerabilities according to WhiteHat Security's annual vulnerability report.
Post a Comment

2019 Pwnie Award Winners (And Those Who Wish They Weren't)

8/13/2019
This year's round-up includes awards into two new categories: most under-hyped research and epic achievement.
Post a Comment

Researchers Show How SQLite Can Be Modified to Attack Apps

8/12/2019
New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check Point says.
Post a Comment

Equifax CISO: 'Trust Starts and Ends with You'

8/8/2019
Organizational culture is key to good enterprise security posture, Jamil Farshchi told Black Hat attendees.
Post a Comment

WhatsApp Messages Can Be Intercepted, Manipulated

8/8/2019
Check Point security researchers demonstrate how a dangerous security weakness in the messaging application can be abused to spread fake news and carry out online scams.
Post a Comment

Ransomware Used in Multimillion-Dollar Attacks Gets More Automated

8/5/2019
The authors of MegaCortex appear to have traded security for convenience and speed, say researchers at Accenture iDefense.
Post a Comment

PCI Security Council, Retail ISAC Warn Retailers on Magecart Attacks

8/1/2019
Online card-skimming activities grew sharply this summer fueled by the availability of attack kits and other factors, Malwarebytes says.
Post a Comment

Flaws in SanDisk SSD Dashboard Present Malware & Data Loss Risks

7/31/2019
Organizations using the utility should immediately install the latest version of the software, security vendor Trustwave says.
Post a Comment

Sextortion Email Scams Rise Sharply

7/30/2019
Cybercriminals are increasingly trying to trick people into paying ransoms by threatening to expose compromising activities to friends and family.
Post a Comment

Russian Threat Group May Have Devised a 'Man-on-the-Side' Attack

7/25/2019
Data from an intrusion last year suggests Iron Liberty group may have a new trick up its sleeve, Secureworks says.
Post a Comment

Android Malware 'Triada' Most Active on Telco Networks

7/25/2019
Google in May disclosed that several Android devices had been shipped pre-installed with the RAT.
Post a Comment

With Data Breach Costs, Time is Money

7/24/2019
The sooner a company can detect and respond to an incident, the less likely they are to pay for it, a new IBM-Ponemon study finds.
Post a Comment

Penetration Test Data Shows Risk to Domain Admin Credentials

7/23/2019
But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.
Post a Comment

BitPaymer Ransomware Operators Wage Custom, Targeted Attacks

7/18/2019
A new framework is allowing the threat group to compile variants of the malware for each victim, Morphisec says.
Post a Comment

8 Legit Tools and Utilities That Cybercriminals Commonly Misuse

7/18/2019
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
Post a Comment

800K Systems Still Vulnerable to BlueKeep

7/17/2019
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says.
Post a Comment

Lenovo NAS Firmware Flaw Exposes Stored Data

7/16/2019
More than 5,100 vulnerable devices containing multiple terabytes of data are open to exploitation, researchers found.
Post a Comment

APT Groups Make Quadruple What They Spend on Attack Tools

7/11/2019
Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.
Post a Comment

New Ransomware Targets QNAP's Network-Attached Storage Devices

7/10/2019
More than 19,000 systems in the US are potentially at risk from eCh0raix.
Post a Comment

Zoom Client for Mac Exposing Users to Serious Risks

7/9/2019
Videoconferencing software maker downplays risks and says mitigations are on the way.
Post a Comment

New 'WannaHydra' Malware a Triple Threat to Android

7/3/2019
The latest variant of WannaLocker is a banking Trojan, spyware tool, and ransomware.
Post a Comment

TA505 Group Launches New Targeted Attacks

7/3/2019
Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.
Post a Comment

Thousands of Facebook Users Hit in Malware Distribution Campaign

7/1/2019
'Operation Tripoli' is another reminder why users cannot trust every link they see on social media sites.
Post a Comment

New Exploit for Microsoft Excel Power Query

6/27/2019
Proof-of-concept, which allows remote code execution, is latest to exploit Dynamic Data Exchange (DDE) and is another reminder why organizations must ensure Office settings are secure.
Post a Comment

7 Ways to Mitigate Supply Chain Attacks

6/27/2019
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
Post a Comment

Email Threats Continue to Grow as Attackers Evolve, Innovate

6/25/2019
Threat actors increasingly using malicious URLs, HTTPS domains, file-sharing sites in email attacks, FireEye says.
Post a Comment

DDoS-for-Hire Services Doubled in Q1

6/24/2019
Impact of FBI's takedown of 15 'booter' domains last December appears to have been temporary.
Post a Comment

Customers of 3 MSPs Hit in Ransomware Attacks

6/20/2019
Early information suggests threat actors gained access to remote monitoring and management tools from Webroot and Kaseya to distribute malware.
Post a Comment

Inside the FBI's Fight Against Cybercrime

6/20/2019
Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.
Post a Comment

Insecure Home IoT Devices a Clear and Present Danger to Corporate Security

6/19/2019
Avast-sponsored study shows wide prevalence of IoT devices, many with weak credentials and other security vulnerabilities.
Post a Comment

DHS Tests Remote Exploit for BlueKeep RDP Vulnerability

6/17/2019
Agency urges organizations with vulnerable systems to apply mitigations immediately.
Post a Comment

BlueKeep RDP Vulnerability a Ticking Time Bomb

6/13/2019
One month after Microsoft disclosed the flaw, nearly 1 million systems remain unpatched, and Internet scans looking for vulnerable systems have begun increasing.
Post a Comment

SQL Injection Attacks Represent Two-Third of All Web App Attacks

6/13/2019
When Local File Inclusion attacks are counted, nearly nine in 10 attacks are related to input validation failures, Akamai report shows.
Post a Comment

Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

6/11/2019
In vulnerability disclosure programs, organizations are paying more in total for XSS issues than any other vulnerability type, HackerOne says.
Post a Comment

Huawei Represents Massive Supply Chain Risk: Report

6/10/2019
The Chinese technology giant's enormous product and service footprint gives it access to more data than almost any other single organization, Recorded Future says.
Post a Comment

Vietnam Rises as Cyberthreat

6/5/2019
The country's rapid economic growth and other factors are driving an increase in cybercrime and cyber espionage activity.
Post a Comment

Carbanak Attack: Two Hours to Total Compromise

6/4/2019
Investigation of the cybercrime group's attack on an East European bank shows how some attackers require very little time to broaden their access and establish persistence on a network.
Post a Comment

Zebrocy APT Group Expands Malware Arsenal with New Backdoor Family

6/3/2019
Group's constant experimentation and malware changes are complicating efforts for defenders, Kaspersky Lab says.
Post a Comment

7 Recent Wins Against Cybercrime

5/24/2019
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
Post a Comment

DDoS Attacks Up in Q1 After Months of Steady Decline

5/22/2019
Sudden surge suggests that new actors have stepped up to the plate to replace the old operators.
Post a Comment

New Trickbot Variant Uses URL Redirection to Spread

5/20/2019
Switch in tactic is the latest attempt by operators of the prolific banking Trojan to slip past detection mechanisms.
Post a Comment

Q1 2019 Smashes Record For Most Reported Vulnerabilities in a Quarter

5/17/2019
Once again, a high-proportion of the reported flaws have no current fix, according to Risk Based Security.
Post a Comment

US Charges Members of GozNym Cybercrime Gang

5/16/2019
The FBI and counterparts from other nations say group infected over 41,000 computers with malware that steals banking credentials.
Post a Comment

GDPR Drives Changes, but Privacy by Design Proves Elusive

5/15/2019
One year later, the EU mandate's biggest impact has been to focus more attention on data protection and privacy, security analysts say.
Post a Comment

Korean APT Adds Rare Bluetooth Device-Harvester Tool

5/13/2019
ScarCruft has evolved into a skilled and resourceful threat group, new research shows.
Post a Comment

Data Dump Purportedly Reveals Details on Previously Unknown Iranian Threat Group

5/9/2019
Rana targets airline companies and others in well-planned, well-researched attacks, Israel's ClearSky says.
Post a Comment

2018 Arrests Have Done Little to Stop Marauding Threat Group

5/8/2019
In fact, FIN7's activities only appear to have broadened, according to a new report.
Post a Comment

Orgs Are Quicker to Disclose Breaches Reported to Them Via External Sources

5/7/2019
Companies that find a breach on their own take substantially longer to report a breach, a new analysis shows.
Post a Comment

Attackers Add a New Spin to Old Scams

5/6/2019
Scammers are figuring out unique ways of abusing cloud services to make their attacks look more genuine, Netskope says.
Post a Comment

New Exploits For Old Configuration Issues Heighten Risk for SAP Customers

5/2/2019
Exploits give attackers a way to create havoc in business-critical SAP ERP, CRM, SCM, and other environments, Onapsis says.
Post a Comment

Digital Ad-Fraud Losses Decline

5/1/2019
Even so, more work remains to be done to address online ad fraud operations that cause billions of dollars in losses annually for advertisers.
Post a Comment

Financial Data for Multiple Companies Dumped Online in Failed Extortion Bid

4/30/2019
Potential victims reportedly include Oracle, Volkswagen, Airbus and Porsche.
Post a Comment

Docker Forces Password Reset for 190,000 Accounts After Breach

4/29/2019
Organizations impacted by breach, which gave attackers illegal access to a database containing sensitive account information, need to check their container images.
Post a Comment

Security Vulns in Microsoft Products Continue to Increase

4/25/2019
The good news: Removing admin privileges can mitigate most of them, a new study by BeyondTrust shows.
Post a Comment

TA505 Abusing Legit Remote Admin Tool in String of Attacks

4/24/2019
Russian-speaking threat group has been targeting retailers and financial institutions in the US and abroad via a spear-phishing campaign.
Post a Comment

Exploits for Adobe Vulnerabilities Spiked in 2018

4/23/2019
With Flash Player on way out, attackers are renewing their focus on Acrobat Reader, RiskSense found.
Post a Comment

Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies

4/22/2019
Motive remains unclear though financial theft appears to be one possibility, Check Point Research says.
Post a Comment

6 Takeaways from Ransomware Attacks in Q1

4/18/2019
Customized, targeted ransomware attacks were all the rage.
Post a Comment

Nation-State Hacker Group Hijacking DNS to Redirect Email, Web Traffic

4/17/2019
'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.
Post a Comment

7 Tips for an Effective Employee Security Awareness Program

4/17/2019
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
Post a Comment

Threat Group Exploits Chrome Bug to Serve Malicious Ads to iOS Users

4/16/2019
A new exploit developed by eGobbler is allowing it to distribute malvertisements–more than 500 million to date–at huge scale, Confiant says.
Post a Comment

Microsoft Downplays Scope of Email Attack

4/15/2019
An unknown attacker used a support agent's credentials to access email content belonging to some Outlook, Hotmail users.
Post a Comment

Majority of Hotel Websites Leak Guest Booking Info

4/10/2019
Third parties such as ad, search engine, and analytics firms often have access to guest name, address, phone numbers, credit cards and other data, Symantec says.
Post a Comment

Verizon Patches Trio of Vulnerabilities in Home Router

4/9/2019
One of the flaws gives attackers way to gain root access to devices, Tenable says.
Post a Comment

Author

Profile of Jai Vijayan