California students take legal action against US education department over massive data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-118162922,imgsize-119596,width-1200,height=765,overlay-etciso/data-breaches/california-students-take-legal-action-against-us-education-department-over-massive-data-breach.jpg A coalition of California college students has filed a lawsuit against the US Department of Education accusing an oversight task force associated with tech magnate Elon Musk of unlawfully accessing confidential student financial records. The legal petition spearheaded by the University of California ...
Read More »Author Archives: firewallfirmadmin
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software https://firewall.firm.in/wp-content/uploads/2025/02/PaloAlto-Networks.png Feb 13, 2025Ravie LakshmananNetwork Security / Vulnerability Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access ...
Read More »Microsoft, Google, Airtel & other tech titans form coalition to curb cyber frauds – ET CISO
Microsoft, Google, Airtel & other tech titans form coalition to curb cyber frauds – ET CISO https://etimg.etb2bimg.com/thumb/msid-118201735,imgsize-84804,width-1200,height=765,overlay-etciso/cybercrime-fraud/microsoft-google-airtel-other-tech-titans-form-coalition-to-curb-cyber-frauds.jpg Leading telecom and tech companies, including Bharti Airtel, Vodafone Idea (Vi), Microsoft, Google and Meta amongst others, have formed a coalition, Safer Internet India (SII), to curb cyber fraud and online scams. India has become the second-most cyber-attacked nation globally post-pandemic as the ...
Read More »Common data security mistakes and how to avoid them, IT Security News, ET CISO
Common data security mistakes and how to avoid them, IT Security News, ET CISO In recent years, the growing frequency and impact of data breaches have highlighted the importance of prioritising privacy and data protection. As businesses increasingly rely on digital platforms, safeguarding sensitive information has become a cornerstone of modern organisational strategies. Indeed, data breaches have surged over the ...
Read More »PayPal agrees to pay $2 million to settle for this data breach – ET CISO
PayPal agrees to pay $2 million to settle for this data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-117619031,imgsize-20694,width-1200,height=765,overlay-etciso/data-breaches/paypal-agrees-to-pay-2-million-to-settle-for-this-data-breach.jpg PayPal has agreed to pay a $2 million fine to New York State for failing to comply with cybersecurity regulations. This led to a data breach in 2022 that exposed the personal information of 35,000 customers. The New York Department of Financial Services (DFS) ...
Read More »Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access https://firewall.firm.in/wp-content/uploads/2025/02/go.png Feb 04, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB ...
Read More »The evolution of DDoS attacks: Why APIs are in the crosshairs – ET CISO
The evolution of DDoS attacks: Why APIs are in the crosshairs – ET CISO https://etimg.etb2bimg.com/thumb/msid-117904285,imgsize-2602,width-1200,height=765,overlay-etciso/cybercrime-fraud/the-evolution-of-ddos-attacks-why-apis-are-in-the-crosshairs.jpg In today’s hyper-connected world, Application Programming Interfaces (APIs) have become the backbone of all digital interactions. They’re all around us. From booking flights to using a ride sharing app, sending a mobile payment, or checking your car’s repair status on your phone, you’re using an ...
Read More »Sensitive DeepSeek data exposed to web, cyber firm says, IT Security News, ET CISO
Sensitive DeepSeek data exposed to web, cyber firm says, IT Security News, ET CISO New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet. In a blog post published Wednesday, Wiz said that scans of DeepSeek’s infrastructure showed that the company had accidentally ...
Read More »LinkedIn lawsuit over use of customer data for AI models is dismissed – ET CISO
LinkedIn lawsuit over use of customer data for AI models is dismissed – ET CISO https://etimg.etb2bimg.com/thumb/msid-117816125,imgsize-51252,width-1200,height=765,overlay-etciso/data-breaches/linkedin-lawsuit-over-use-of-customer-data-for-ai-models-is-dismissed.jpg A proposed class action accusing Microsoft’s LinkedIn of violating the privacy of millions of Premium customers by disclosing their private messages to train generative artificial intelligence models has been dismissed. The plaintiff Alessandro De La Torre on Thursday filed a notice of dismissal without ...
Read More »768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023 https://firewall.firm.in/wp-content/uploads/2025/02/vul.png Feb 03, 2025Ravie LakshmananVulnerability / Network Security As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as “another banner year for threat actors targeting ...
Read More »