How Hybrid Password Attacks Work and How to Defend Against Them https://firewall.firm.in/wp-content/uploads/2024/10/password.png Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — ...

Irdai to increase scrutiny of cyber security breaches after Star Health episode – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138567,imgsize-5880,width-1200,height=765,overlay-etciso/ot-security/irdai-to-increase-scrutiny-of-cyber-security-breaches-after-star-health-episode.jpg The Insurance Regulatory and Development Authority (Irdai) is intensifying scrutiny of cyber security lapses in the insurance sector after Star Health Insurance, one of the country’s largest health insurers, suffered a major data breach. Over 31 million customers’ sensitive personal information was allegedly sold ...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance https://firewall.firm.in/wp-content/uploads/2024/10/big-ip.png Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module ...

Internet Archive reels from ‘catastrophic’ cyberattack, data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138588,imgsize-30230,width-1200,height=765,overlay-etciso/ot-security/internet-archive-reels-from-catastrophic-cyberattack-data-breach.jpg By Anuj Chopra Washington: The Internet Archive, an online repository of web pages, was offline Thursday after its founder confirmed a major cyberattack that exposed the data of millions of users and left the site defaced. The assault on the San Francisco-based nonprofit, claimed by a shadowy group ...

Evidence shows CISO is being wrongly implicated, ET CISO Star Health Insurance did suffer a data breach incident – a massive one, in fact, there’s no refuting that. However, allegations made by the threat actor implicating the company’s CISO, Amarjeet Khanuja, are rife with inconsistencies and anyone with a slim understanding of how enterprise security works can spot holes in ...

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution https://firewall.firm.in/wp-content/uploads/2024/10/gitlab.png Oct 11, 2024Ravie LakshmananDevOps / Vulnerability GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a ...

Government issues ‘high risk’ warning for Microsoft Windows users – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138621,imgsize-37016,width-1200,height=765,overlay-etciso/grc/government-issues-high-risk-warning-for-microsoft-windows-users.jpg The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for Microsoft Windows users. The cyber security under the aegis of Ministry of Electronics and Information Technology said that it has discovered multiple vulnerabilities in Microsoft products including Microsoft Windows, Microsoft Office, Microsoft Azure, Developer Tools, ...

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation https://firewall.firm.in/wp-content/uploads/2024/10/ai-content.png Oct 10, 2024Ravie LakshmananCybercrime / Disinformation OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, ...

Thales to provide smart digital platform to improve security at Adani airports – ET CISO https://etimg.etb2bimg.com/thumb/msid-114107807,imgsize-16562,width-1200,height=765,overlay-etciso/ot-security/thales-to-provide-smart-digital-platform-to-improve-security-at-adani-airports.jpg European major Thales will deploy a smart digital platform at seven airports operated by the Adani Group that will centrally host all the necessary applications to improve overall airport management, security and passenger experience. Thales and Adani Airport Holdings Ltd have announced a strategic ...

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms https://firewall.firm.in/wp-content/uploads/2024/10/shopping.png Oct 10, 2024Ravie LakshmananCybercrime / Malware Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. “At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all ...