New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions https://firewall.firm.in/wp-content/uploads/2024/08/chrome.png Aug 10, 2024Ravie LakshmananBrowser Security / Online Fraud An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack ...

OpenAI worries its AI voice may charm users, IT Security News, ET CISO OpenAI says it is concerned that a realistic voice feature for its artificial intelligence might cause people to bond with the bot at the cost of human interactions. The San Francisco-based company cited literature which it said indicates that chatting with AI as one might with a ...

Researchers Uncover 10 Flaws in Google’s File Transfer Tool Quick Share https://firewall.firm.in/wp-content/uploads/2024/08/hack.png Aug 10, 2024Ravie LakshmananVulnerability / Mobile Security As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. “The Quick Share ...

Five lessons CISOs can learn from CrowdStrike incident, IT Security News, ET CISO The recent legal battle between CrowdStrike and Delta Airlines has shed light on several crucial cybersecurity lessons. When Delta faced significant disruptions due to a software issue attributed to CrowdStrike, it highlighted the complex challenges that arise within IT security management. This incident serves as a vital ...

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs https://firewall.firm.in/wp-content/uploads/2024/08/hacker.png Aug 09, 2024Ravie LakshmananNational Security / Identity Theft The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a “laptop farm” to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with ...

The cornerstone of digital trust in modern enterprise, ET CISO Identity has emerged as the new battleground for cybersecurity in today’s rapidly evolving digital landscape as threat actors are increasingly leveraging identity to compromise enterprises. They are exploiting weaknesses in identity management to gain unauthorized access to data and systems, highlighting the critical importance of securing digital identities. Unlike traditional ...

INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore https://firewall.firm.in/wp-content/uploads/2024/08/bec-scam.png Aug 06, 2024Ravie LakshmananEmail Security / Financial Fraud INTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC ...

Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks https://firewall.firm.in/wp-content/uploads/2024/08/cyberattack.png Aug 05, 2024Ravie LakshmananNetwork Security / Threat Intelligence Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). “The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate ...

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen https://firewall.firm.in/wp-content/uploads/2024/08/main.gif Aug 05, 2024Ravie LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft ...

CrowdStrike rejects Delta Air Lines claims over flight woes, IT Security News, ET CISO CrowdStrike on Sunday rejected a claim by Delta Air Lines that it should be blamed for flight disruptions following a July 19 global outage sparked by a faulty update, and suggested it had minimal potential liability. Delta CEO Ed Bastian said last week the outage had ...