New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication https://firewall.firm.in/wp-content/uploads/2024/08/hacking.png Aug 02, 2024Ravie LakshmananCyber Attack / Windows Security Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. The newly identified malware strain has been codenamed BITSLOTH by Elastic Security Labs, which made the discovery ...

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal https://firewall.firm.in/wp-content/uploads/2024/08/sans.jpg Aug 02, 2024The Hacker NewsVulnerability / Network Security Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities ...

DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws https://firewall.firm.in/wp-content/uploads/2024/08/tiktok.jpg Aug 03, 2024Ravie LakshmananPrivacy / Data Protection The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts ...

OpenAI assigns new project to AI safety leader Madry in revamp, ET CISO OpenAI Chief Executive Sam Altman said on Tuesday the ChatGPT maker’s AI safety leader Aleksander Madry was working on a new research project, as the startup rejigs the preparedness team. “Aleksander is working on a new and v(very) important research project,” Altman said in a post on ...

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool https://firewall.firm.in/wp-content/uploads/2024/08/ddos.png Aug 03, 2024Ravie LakshmananDDoS Attack / Server Security Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is ...

Budget, budget everywhere, but no cyber funds in sight!, IT Security News, ET CISO By Krishna MukherjeeHollywood flicks such as The Revenant, Gravity, Mad Max: Fury Road, and The Martian have one thing in common: the protagonist is fighting a battle for survival with no resources in-hand. This scenario mirrors the situation faced by today’s cybersecurity heroes. CISOs are tasked ...

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs https://firewall.firm.in/wp-content/uploads/2024/08/cynet.png Aug 02, 2024The Hacker News In today’s digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer resources. Managed service providers (MSPs) are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards ...

In world first, EU’s sweeping AI law enters into force, ET CISO (Representative Image) The European Union’s landmark law on artificial intelligence came into force on Thursday, which Brussels vows will drive innovation while protecting citizens’ rights. The EU earlier this year adopted the world’s first sweeping rules to govern AI, especially powerful systems like OpenAI’s ChatGPT after difficult and ...

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure https://firewall.firm.in/wp-content/uploads/2024/08/malware (2).jpg Aug 02, 2024Ravie LakshmananCyber Espionage / Malware A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. “The campaign likely targeted diplomats and began as early as March ...

Ransomware attack forces hundreds of small Indian banks offline, ET CISO Representative image A ransomware attack on a technology service provider has forced payment systems across nearly 300 small Indian local banks to shut down temporarily, two sources directly aware of the matter said. The attack affected C-Edge Technologies, a provider of banking technology systems to small banks across the ...