HealthEquity data breach exposes protected health information – ET CISO https://etimg.etb2bimg.com/thumb/msid-111594116,imgsize-41420,width-1200,height=765,overlay-etciso/data-breaches/healthequity-data-breach-exposes-protected-health-information.jpg Healthcare fintech firm HealthEquity has disclosed a data breach following the compromise of a partner’s account, which was used to infiltrate the company’s systems and steal protected health information. The breach was identified after the company detected “anomalous behavior” from a partner’s personal device, prompting an investigation. The investigation ...

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk https://firewall.firm.in/wp-content/uploads/2024/08/solarwinds.png Aug 22, 2024Ravie LakshmananVulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. “The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential ...

Big Tech wants AI to be regulated. Why do they oppose a California AI bill? – ET CISO https://etimg.etb2bimg.com/thumb/msid-112700106,imgsize-38648,width-1200,height=765,overlay-etciso/corporate/big-tech-wants-ai-to-be-regulated-why-do-they-oppose-a-california-ai-bill.jpg California legislators are set to vote on a bill as soon as this week that would broadly regulate how artificial intelligence is developed and deployed in California even as a number of tech giants have voiced broad opposition. Here is background ...

Rubrik says it will continue to invest in India, to open R&D unit in Pune, ET CISO The US-based cybersecurity and cloud data company Rubrik said that the company is actively hiring and would unveil a new research and development (R&D) unit in Pune, as a part of India-focussed strategy. “We have believed in India from a very early age. ...

Personal data of nearly 8 million Angel One customers leaked online – ET CISO https://etimg.etb2bimg.com/thumb/msid-111613595,imgsize-2403626,width-1200,height=765,overlay-etciso/data-breaches/personal-data-of-nearly-8-million-angel-one-customers-leaked-online.jpg AI generated image In a major breach of user data, around 7.9 million personally identifiable information (PII) data belonging to the customers of Mumbai-based stock broking firm Angel One, was released in an online hacker portal on Tuesday. Details like names, addresses, contact numbers and ...

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide https://firewall.firm.in/wp-content/uploads/2024/08/rfid.png Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, ...

Microchip Technology says certain operations disrupted by cyber incident – ET CISO https://etimg.etb2bimg.com/thumb/msid-112671371,imgsize-67032,width-1200,height=765,overlay-etciso/cybercrime-fraud/microchip-technology-says-certain-operations-disrupted-by-cyber-incident.jpg Microchip Technology said on Tuesday an “unauthorized party” disrupted the company’s use of certain servers and some business operations, marking the latest security incident at a U.S. chipmaker this year. After detecting “potentially suspicious activity” in its IT systems on Saturday, Microchip began taking steps to assess ...

Australian cyber security agency accuses China-backed hacker group of stealing user data – ET CISO https://etimg.etb2bimg.com/thumb/msid-111639830,imgsize-7046,width-1200,height=765,overlay-etciso/data-breaches/australian-cyber-security-agency-accuses-china-backed-hacker-group-of-stealing-user-data.jpg Australian cyber security agency accuses China-backed hacker group of stealing user data Cybersecurity firms backed by the Chinese authorities have been accused of stealing passwords and usernames from unnamed Australian networks in 2022, the Australian Cyber Security Centre (ACSC) reported on Tuesday. The investigation ...

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data https://firewall.firm.in/wp-content/uploads/2024/08/ms.png Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) ...

CEA proposes stricter cyber security norms to shield India’s power grid – ET CISO https://etimg.etb2bimg.com/thumb/msid-112671881,imgsize-41302,width-1200,height=765,overlay-etciso/ot-security/cea-proposes-stricter-cyber-security-norms-to-shield-indias-power-grid.jpg In an assertive move to fortify India’s power sector against escalating cyber threats, the Central Electricity Authority (CEA) has released a draft of the Central Electricity Authority (Cyber Security in Power Sector) Regulations. Set to come into effect six months following their publication in the ...