Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data https://firewall.firm.in/wp-content/uploads/2024/08/ms.png Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) ...
Read More »Author Archives: firewallfirmadmin
CEA proposes stricter cyber security norms to shield India’s power grid – ET CISO
CEA proposes stricter cyber security norms to shield India’s power grid – ET CISO https://etimg.etb2bimg.com/thumb/msid-112671881,imgsize-41302,width-1200,height=765,overlay-etciso/ot-security/cea-proposes-stricter-cyber-security-norms-to-shield-indias-power-grid.jpg In an assertive move to fortify India’s power sector against escalating cyber threats, the Central Electricity Authority (CEA) has released a draft of the Central Electricity Authority (Cyber Security in Power Sector) Regulations. Set to come into effect six months following their publication in the ...
Read More »Angel One’s data breach dates back to April 2023, company clarifies – ET CISO
Angel One’s data breach dates back to April 2023, company clarifies – ET CISO https://etimg.etb2bimg.com/thumb/msid-111640226,imgsize-9956,width-1200,height=765,overlay-etciso/data-breaches/angel-ones-data-breach-dates-back-to-april-2023-company-clarifies.jpg (Representative Image) Angel One has denied any fresh data breach and has assured its customers of enhanced protection measures employed by the company. In a clarification issued on Wednesday, the domestic brokerage said that a reported data breach dates back to April 2023 and was ...
Read More »It’s Time To Untangle the SaaS Ball of Yarn
It’s Time To Untangle the SaaS Ball of Yarn https://firewall.firm.in/wp-content/uploads/2024/08/main.png It’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities ...
Read More »Swiss engineering firm Schlatter says IT systems back up after cyberattack – ET CISO
Swiss engineering firm Schlatter says IT systems back up after cyberattack – ET CISO https://etimg.etb2bimg.com/thumb/msid-112671918,imgsize-28516,width-1200,height=765,overlay-etciso/ot-security/swiss-engineering-firm-schlatter-says-it-systems-back-up-after-cyberattack.jpg Swiss engineering company Schlatter Industries said on Tuesday that its computer network had been back up since Monday following a cyberattack nearly two weeks back. The group said on August 9 that it was hit by a malware-based cyberattack and that unknown perpetrators were attempting ...
Read More »Copyright group takes down Dutch language AI dataset, IT Security News, ET CISO
Copyright group takes down Dutch language AI dataset, IT Security News, ET CISO Dutch-based copyright enforcement group BREIN has taken down a large language dataset that was being offered for use in training AI models, the organization said on Tuesday. The dataset included information collected without permission from tens of thousands of books, news sites, and Dutch language subtitles harvested ...
Read More »Data of nearly all AT&T customers downloaded to a third-party platform in security breach – ET CISO
Data of nearly all AT&T customers downloaded to a third-party platform in security breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-111696831,imgsize-320540,width-1200,height=765,overlay-etciso/data-breaches/data-of-nearly-all-att-customers-downloaded-to-a-third-party-platform-in-security-breach.jpg The AT&T logo is positioned above one of its retail stores in New York, Oct. 24, 2016. A security breach in 2022 compromised the data of nearly all of AT&T’s cellular customers, customers of mobile virtual network operators using AT&T’s wireless network, ...
Read More »GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk https://firewall.firm.in/wp-content/uploads/2024/08/wordpress.png Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, ...
Read More »EU approves biggest grant yet under Chips Act for TSMC Germany plant – ET CISO
EU approves biggest grant yet under Chips Act for TSMC Germany plant – ET CISO https://etimg.etb2bimg.com/thumb/msid-112671956,imgsize-218524,width-1200,height=765,overlay-etciso/corporate/eu-approves-biggest-grant-yet-under-chips-act-for-tsmc-germany-plant.jpg The European Commission said on Tuesday it had approved 5 billion euros ($5.5 billion) in German state aid to support a new microchip plant in Dresden for the European Semiconductor Manufacturing Company (ESMC). The award for the project led by Taiwan’s TSMC is the ...
Read More »Sebi comes out with new cyber security framework for regulated entities, ET CISO
Sebi comes out with new cyber security framework for regulated entities, ET CISO Markets watchdog Sebi on Tuesday issued a new cyber security framework wherein all regulated entities are required to have appropriate security monitoring mechanisms, and the fresh norms will be implemented in a graded manner starting from January 2025. Besides, a Cyber Capability Index (CCI) for market infrastructure ...
Read More »