Thousands Download Malicious npm Libraries Impersonating Legitimate Tools https://firewall.firm.in/wp-content/uploads/2024/12/npm.png Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve ...

US cybersecurity agency ‘warns’ government officials, politicians: “…immediately review and apply…” – ET CISO https://etimg.etb2bimg.com/thumb/msid-116461509,imgsize-27682,width-1200,height=765,overlay-etciso/cybercrime-fraud/us-cybersecurity-agency-warns-government-officials-politicians-immediately-review-and-apply.jpg The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent recommendation for senior government officials and politicians. It has published a “Mobile Communications Best Practice Guidance”, urging them to immediately switch to end-to-end encrypted messaging apps. In a written advisory, CISA urged individuals ...

Cybersecurity threat trends that will impact Indian businesses in 2025, Barracuda highlights, ET CISO Security experts at Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats have revealed their perspectives on how the cyberthreat landscape is likely to evolve in 2025 and the key trends organisations in India should prepare for. Among other things, the experts ...

HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft https://firewall.firm.in/wp-content/uploads/2024/12/password.png Dec 18, 2024Ravie LakshmananEmail Security / Cloud Security Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft Azure cloud infrastructure. The campaign has been codenamed HubPhish by Palo Alto ...

Rising cybersecurity threats demand stronger defenses in the digital age – ET CISO https://etimg.etb2bimg.com/thumb/msid-116423014,imgsize-182272,width-1200,height=765,overlay-etciso/cybercrime-fraud/rising-cybersecurity-threats-demand-stronger-defenses-in-the-digital-age.jpg In today’s increasingly digital world, businesses are far more reliant than ever on sophisticated technologies to ensure the smooth functioning of operations. However, recent high-profile outages and data breaches have cast a long shadow over this digital transformation, underscoring the critical importance of safeguarding sensitive information ...

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware https://firewall.firm.in/wp-content/uploads/2024/12/malware.png Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to ...

92 pc of Indian executives cite security vulnerabilities as primary obstacle to responsible AI usage: Report – ET CISO https://etimg.etb2bimg.com/thumb/msid-116401429,imgsize-32802,width-1200,height=765,overlay-etciso/cybercrime-fraud/92-pc-of-indian-executives-cite-security-vulnerabilities-as-primary-obstacle-to-responsible-ai-usage-report.jpg A significant majority of Indian executives, around 92 per cent, view security vulnerabilities such as hacking and cyber threats as the primary barrier to responsible AI adoption, as per a report by Deloitte. The report highlights growing concerns over privacy ...

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal https://firewall.firm.in/wp-content/uploads/2024/12/mark.png Dec 17, 2024Ravie LakshmananCyber Espionage / Mobile Security A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing ...

Strengthening enterprise application ecosystems against disruptions – ET CISO https://etimg.etb2bimg.com/thumb/msid-116388462,imgsize-8748,width-1200,height=765,overlay-etciso/cybercrime-fraud/strengthening-enterprise-application-ecosystems-against-disruptions.jpg In an era where disruption is relentless and often unpredictable, enterprise applications are vulnerable to a range of threats, from undersea cable sabotage and AI deepfakes to restrictive regulations. As organizations rely on increasingly complex application ecosystems, it’s crucial to integrate resilience into applications to ensure business continuity. This involves ...

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages https://firewall.firm.in/wp-content/uploads/2024/12/adclick.png Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. “Entirely reliant on a single ad ...