Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services https://firewall.firm.in/wp-content/uploads/2024/10/machine.png Oct 28, 2024Ravie LakshmananCloud Security / Cyber Attack A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. “The CloudScout toolset is capable of retrieving ...

Insurance admin services company data breach exposes details about 8 lakh US users – ET CISO https://etimg.etb2bimg.com/thumb/msid-114610856,imgsize-42686,width-1200,height=765,overlay-etciso/data-breaches/insurance-admin-services-company-data-breach-exposes-details-about-8-lakh-us-users.jpg Insurance administrative services company Landmark Admin has disclosed a data breach. The company confirmed that a cyberattack in May affected over 8 lakh people. The company, which provides back-office services for major insurance carriers, said that it asked a third-party cybersecurity company to ...

IRDAI tightens fraud rules post hacking incidents, IT Security News, ET CISO The Insurance Regulatory and Development Authority of India (IRDAI) has proposed stricter guidelines in an effort to stem online fraud after recent high-profile cases at insurers like Star Health Insurance Company. The Insurance Fraud Monitoring Framework Guidelines, 2024 requires insurers to adopt strict measures, including board-approved anti-fraud policies, ...

FIR filed over suspected data breach on Manav Sampada portal – ET CISO https://etimg.etb2bimg.com/thumb/msid-114611079,imgsize-75886,width-1200,height=765,overlay-etciso/data-breaches/fir-filed-over-suspected-data-breach-on-manav-sampada-portal.jpg Concerns have emerged over a potential security breach involving the Uttar Pradesh government’s Manav Sampada portal, leading to the filing of an FIR. The alert was raised by Rajeev Kumar Mishra, deputy registrar of the Institute of Engineering and Technology (IET), through an official email dated ...

Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite https://firewall.firm.in/wp-content/uploads/2024/10/wifi.png Oct 25, 2024Ravie LakshmananVulnerability / Wi-Fi Security A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024-41992, said the susceptible code from the Wi-Fi Alliance has been found ...

Mathan Babu Kasilingam bids farewell to Vodafone – ET CISO https://etimg.etb2bimg.com/thumb/msid-114577874,imgsize-10688,width-1200,height=765,overlay-etciso/ciso-movement/mathan-babu-kasilingam-bids-farewell-to-vodafone.jpg Mathan Babu Kasilingam With heartfelt gratitude, Mathan Babu Kasilingam bids adieu to Vodafone Idea after an impactful tenure as CISO. As he closes this chapter, he eagerly embraces new challenges and opportunities on the horizon. Prior to this appointment, he was with NPCI and HDFC Bank. “It has been ...

Hong Kong bars services like WhatsApp and Google Drive from government computers, ET CISO The Hong Kong government is barring most civil servants from using popular apps like WhatsApp, WeChat and Google Drive on their work computers due to potential security risks. The latest IT security guidelines from the Digital Policy Office have many civil servants complaining about added inconvenience. ...

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection https://firewall.firm.in/wp-content/uploads/2024/10/trojan.png New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. “Only part of this ...

Rise of cyberattacks targeting reputations – ET CISO https://etimg.etb2bimg.com/thumb/msid-114492449,imgsize-469972,width-1200,height=765,overlay-etciso/ot-security/rise-of-cyberattacks-targeting-reputations.jpg Cybercriminals are expanding their tactics beyond ransomware. They are now manipulating narratives and deploying disinformation. This strategy aims to destabilise organisations and tarnish reputations. Take the recent case involving a leading insurance firm. A typical data breach? Not quite. This one goes much deeper. It’s not just a story of stolen ...

How to rebuild trust after a cybersecurity breach?, IT Security News, ET CISO Bob Huber, Chief Security Officer and Head of Research, Tenable AI innovation and adoption are rapidly advancing in India and globally. Yet, at this peak of technological progress, trust in institutions is waning. A recent study by Edelman reveals that 39% of people are twice as likely ...