Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation https://firewall.firm.in/wp-content/uploads/2024/10/arrested.png Oct 11, 2024Ravie LakshmananCybercrime / Dark Web The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation ...

Report sounds the alarm on toxic cloud exposures threatening Indian organisations – ET CISO https://etimg.etb2bimg.com/thumb/msid-114090161,imgsize-402500,width-1200,height=765,overlay-etciso/research/report-sounds-the-alarm-on-toxic-cloud-exposures-threatening-indian-organisations.jpg Rajnish Gupta Tenable, the exposure management company, released the Tenable Cloud Risk Report 2024, highlighting that organisations globally and in India are unknowingly exposed to the “toxic cloud triad,” a trifecta of cloud security risks that could lead to severe data breaches and financial losses. ...

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks https://firewall.firm.in/wp-content/uploads/2024/10/phishing.png A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories ...

Cyber attack on Uttarakhand’s ITDA, hacker seeks ransom – ET CISO https://etimg.etb2bimg.com/thumb/msid-114107670,imgsize-1564323,width-1200,height=765,overlay-etciso/cybercrime-fraud/cyber-attack-on-uttarakhands-itda-hacker-seeks-ransom.jpg The Uttarakhand Police has registered a case against an unidentified person who allegedly hacked into the state’s Information Technology Development Agency (ITDA) server and demanded a ransom. An FIR under section 308(4)(extortion) of the BNS and 65/66/66C of the IT Act has been registered at the Cyber Crime ...

How Hybrid Password Attacks Work and How to Defend Against Them https://firewall.firm.in/wp-content/uploads/2024/10/password.png Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — ...

Irdai to increase scrutiny of cyber security breaches after Star Health episode – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138567,imgsize-5880,width-1200,height=765,overlay-etciso/ot-security/irdai-to-increase-scrutiny-of-cyber-security-breaches-after-star-health-episode.jpg The Insurance Regulatory and Development Authority (Irdai) is intensifying scrutiny of cyber security lapses in the insurance sector after Star Health Insurance, one of the country’s largest health insurers, suffered a major data breach. Over 31 million customers’ sensitive personal information was allegedly sold ...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance https://firewall.firm.in/wp-content/uploads/2024/10/big-ip.png Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module ...

Internet Archive reels from ‘catastrophic’ cyberattack, data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138588,imgsize-30230,width-1200,height=765,overlay-etciso/ot-security/internet-archive-reels-from-catastrophic-cyberattack-data-breach.jpg By Anuj Chopra Washington: The Internet Archive, an online repository of web pages, was offline Thursday after its founder confirmed a major cyberattack that exposed the data of millions of users and left the site defaced. The assault on the San Francisco-based nonprofit, claimed by a shadowy group ...

Evidence shows CISO is being wrongly implicated, ET CISO Star Health Insurance did suffer a data breach incident – a massive one, in fact, there’s no refuting that. However, allegations made by the threat actor implicating the company’s CISO, Amarjeet Khanuja, are rife with inconsistencies and anyone with a slim understanding of how enterprise security works can spot holes in ...

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution https://firewall.firm.in/wp-content/uploads/2024/10/gitlab.png Oct 11, 2024Ravie LakshmananDevOps / Vulnerability GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a ...