Risk of data breaches, cyber frauds up due to digitization: RBI report – ET CISO https://etimg.etb2bimg.com/thumb/msid-112124677,imgsize-59604,width-1200,height=765,overlay-etciso/data-breaches/risk-of-data-breaches-cyber-frauds-up-due-to-digitization-rbi-report.jpg The average cost of data breaches in India stand at $2.18 million in 2023, up 28% since 2020 though less than the global average cost of $4.5 million, RBI’s annual report on currency and finance which was themed around digitalisation said. The report citing ...
Read More »Author Archives: firewallfirmadmin
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks https://firewall.firm.in/wp-content/uploads/2024/08/chip.jpg Aug 13, 2024Ravie LakshmananVulnerability / Hardware Security A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The ...
Read More »Microsoft warns Office and Microsoft 365 users of unpatched ‘security flaw’ – ET CISO
Microsoft warns Office and Microsoft 365 users of unpatched ‘security flaw’ – ET CISO https://etimg.etb2bimg.com/thumb/msid-112484796,imgsize-121374,width-1200,height=765,overlay-etciso/ot-security/microsoft-warns-office-and-microsoft-365-users-of-unpatched-security-flaw.jpg Microsoft has revealed a serious security flaw in its Office software that could expose sensitive information to hackers. The unpatched vulnerability, labeled CVE-2024-38200 and rated 7.5 on the CVSS scale, allows attackers to impersonate users and potentially access confidential data. Researchers Jim Rush and Metin ...
Read More »Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems https://firewall.firm.in/wp-content/uploads/2024/08/solar.png Aug 12, 2024Ravie LakshmananCritical Infrastructure / Vulnerability Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. “If exploited, these vulnerabilities could allow an attacker to control inverter ...
Read More »How Phishing Attacks Adapt Quickly to Capitalize on Current Events
How Phishing Attacks Adapt Quickly to Capitalize on Current Events https://firewall.firm.in/wp-content/uploads/2024/08/cyber-main.png In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier ...
Read More »Adoption of AI spotlights businesses to invest in proactive cybersecurity defences, ET CISO
Adoption of AI spotlights businesses to invest in proactive cybersecurity defences, ET CISO Rapid adoption of Artificial Intelligence has powered growth but opened avenues for cybercriminals to misuse AI for sophisticated attacks, Kaspersky has said spotlighting the need for businesses to invest in proactive cybersecurity defences to meet new-age challenges. Kaspersky, a global cybersecurity and digital privacy company, said it ...
Read More »Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers https://firewall.firm.in/wp-content/uploads/2024/08/cloud.png Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might ...
Read More »Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure https://firewall.firm.in/wp-content/uploads/2024/08/ms.png Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following ...
Read More »Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys https://firewall.firm.in/wp-content/uploads/2024/08/python.jpg Aug 11, 2024Ravie LakshmananSupply Chain / Software Security Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims’ secrets. “The legitimate Solana Python API project is known as ...
Read More »Microsoft blames Delta for its struggle to recover from global cyber outage, ET CISO
Microsoft blames Delta for its struggle to recover from global cyber outage, ET CISO Microsoft blamed Delta Air Lines on Tuesday for its dayslong struggle to recover from a global cyber outage that led it to cancel more than 6,000 flights. A software update last month by global cybersecurity firm CrowdStrike triggered system problems for Microsoft customers, including many airlines. ...
Read More »