OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf https://firewall.firm.in/wp-content/uploads/2024/10/cyberattac.png Oct 13, 2024Ravie Lakshmanan The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying ...

Trump campaign turns to secure hardware after hacking incident – ET CISO https://etimg.etb2bimg.com/thumb/msid-114165352,imgsize-55794,width-1200,height=765,overlay-etciso/ot-security/trump-campaign-turns-to-secure-hardware-after-hacking-incident.jpg Republican presidential candidate Donald Trump’s campaign is now using specialized, encrypted mobile phones and secure laptops in an effort to protect staff following a series of successful Iranian hacks and two attempts to assassinate the former president. The campaign recently purchased a package of these devices from ...

Apple researchers question AI’s reasoning ability in mathematics, ET CISO A team of Apple researchers has questioned the formal reasoning capabilities of large language models (LLMs), particularly in mathematics. They found that LLMs exhibit noticeable variance when responding to different instantiations of the same question. Literature suggests that the reasoning process in LLMs is probabilistic pattern-matching rather than formal reasoning. ...

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation https://firewall.firm.in/wp-content/uploads/2024/10/arrested.png Oct 11, 2024Ravie LakshmananCybercrime / Dark Web The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation ...

Report sounds the alarm on toxic cloud exposures threatening Indian organisations – ET CISO https://etimg.etb2bimg.com/thumb/msid-114090161,imgsize-402500,width-1200,height=765,overlay-etciso/research/report-sounds-the-alarm-on-toxic-cloud-exposures-threatening-indian-organisations.jpg Rajnish Gupta Tenable, the exposure management company, released the Tenable Cloud Risk Report 2024, highlighting that organisations globally and in India are unknowingly exposed to the “toxic cloud triad,” a trifecta of cloud security risks that could lead to severe data breaches and financial losses. ...

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks https://firewall.firm.in/wp-content/uploads/2024/10/phishing.png A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories ...

Cyber attack on Uttarakhand’s ITDA, hacker seeks ransom – ET CISO https://etimg.etb2bimg.com/thumb/msid-114107670,imgsize-1564323,width-1200,height=765,overlay-etciso/cybercrime-fraud/cyber-attack-on-uttarakhands-itda-hacker-seeks-ransom.jpg The Uttarakhand Police has registered a case against an unidentified person who allegedly hacked into the state’s Information Technology Development Agency (ITDA) server and demanded a ransom. An FIR under section 308(4)(extortion) of the BNS and 65/66/66C of the IT Act has been registered at the Cyber Crime ...

How Hybrid Password Attacks Work and How to Defend Against Them https://firewall.firm.in/wp-content/uploads/2024/10/password.png Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — ...

Irdai to increase scrutiny of cyber security breaches after Star Health episode – ET CISO https://etimg.etb2bimg.com/thumb/msid-114138567,imgsize-5880,width-1200,height=765,overlay-etciso/ot-security/irdai-to-increase-scrutiny-of-cyber-security-breaches-after-star-health-episode.jpg The Insurance Regulatory and Development Authority (Irdai) is intensifying scrutiny of cyber security lapses in the insurance sector after Star Health Insurance, one of the country’s largest health insurers, suffered a major data breach. Over 31 million customers’ sensitive personal information was allegedly sold ...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance https://firewall.firm.in/wp-content/uploads/2024/10/big-ip.png Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module ...