Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT https://firewall.firm.in/wp-content/uploads/2024/09/zscaler.png Sep 09, 2024Ravie LakshmananFinancial Security / Malware The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) referred to as Quasar RAT since June 2024. “Attacks have ...

US proposes requiring reporting for advanced AI, cloud providers – ET CISO https://etimg.etb2bimg.com/thumb/msid-113214784,imgsize-8240,width-1200,height=765,overlay-etciso/grc/us-proposes-requiring-reporting-for-advanced-ai-cloud-providers.jpg The U.S. Commerce Department said Monday it is proposing to require detailed reporting requirements for advanced artificial intelligence developers and cloud computing providers to ensure the technologies are safe and can withstand cyberattacks. The proposal from the department’s Bureau of Industry and Security would set mandatory reporting ...

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout https://firewall.firm.in/wp-content/uploads/2024/09/one.png Sep 09, 2024The Hacker NewsData Protection / Threat Detection The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach ...

Video game performers reach agreement with 80 video games on AI terms – ET CISO https://etimg.etb2bimg.com/thumb/msid-113181905,imgsize-156646,width-1200,height=765,overlay-etciso/corporate/video-game-performers-reach-agreement-with-80-video-games-on-ai-terms.jpg After striking for over a month, video game performers have reached agreements with 80 games that have signed interim or tiered budget agreements with the performers’ union and accepted the artificial intelligence provisions they have been seeking. Members of the Screen Actors Guild-American Federation ...

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks https://firewall.firm.in/wp-content/uploads/2024/09/airgap.png Sep 09, 2024Ravie LakshmananVulnerability / Hardware Security A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai ...

Can privacy and national security coexist on encrypted messaging platforms? – ET CISO https://etimg.etb2bimg.com/thumb/msid-113181987,imgsize-71542,width-1200,height=765,overlay-etciso/ot-security/can-privacy-and-national-security-coexist-on-encrypted-messaging-platforms.jpg Telegram CEO Pavel Durov’s recent arrest in France has reignited the debate on balancing user privacy with national security concerns in encrypted messaging platforms. Detained on charges of inadequate monitoring of illegal activities on Telegram, Durov’s case highlights the growing tension between privacy advocates and law ...

Cybercriminals target SMEs as large companies beef up security, ET CISO Cybercriminals are turning their focus to small and medium enterprises (SMEs) as large organisations bolster their cybersecurity infrastructure, maintain data redundancy, invest in cyber insurance, and refuse to pay ransom. Hacker groups like Lockbit, BlackCat and Akira are increasingly targeting SMEs in healthcare, retail and manufacturing, who sometimes remain ...

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware https://firewall.firm.in/wp-content/uploads/2024/09/jeo.jpg Sep 06, 2024Ravie LakshmananCryptocurrency / APT Attack A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote ...

Nvidia, Microsoft hit with patent lawsuit over AI computing technology – ET CISO https://etimg.etb2bimg.com/thumb/msid-113144034,imgsize-31078,width-1200,height=765,overlay-etciso/corporate/nvidia-microsoft-hit-with-patent-lawsuit-over-ai-computing-technology.jpg Artificial intelligence computing giants Nvidia and Microsoft were sued in U.S. court on Thursday for allegedly stealing a small Texas company’s data processor technology to help fuel development of AI products. Plaintiff Xockets accused Nvidia and Microsoft of “rampant” patent infringement in the lawsuit, filed in ...

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation https://firewall.firm.in/wp-content/uploads/2024/09/sonic.jpg Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of ...