Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique https://firewall.firm.in/wp-content/uploads/2024/08/domain.png Aug 01, 2024Ravie LakshmananVulnerability / Threat Intelligence Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over ...
Read More »Author Archives: firewallfirmadmin
Crowdstrike Microsoft disaster could have been avoided, IT Security News, ET CISO
Crowdstrike Microsoft disaster could have been avoided, IT Security News, ET CISO A faulty configuration update for MS Windows was the reason behind one of the world’s most extensive technology disruptions ever. The outage on July 19, 2024 was triggered by an error during a CrowdStrike software update. This caused a system collapse, which resulted in the ‘blue screen of ...
Read More »DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight
DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight https://firewall.firm.in/wp-content/uploads/2024/07/ssl.png Jul 31, 2024Ravie LakshmananWeb Security / Compliance Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The ...
Read More »Microsoft outage: Govt asks companies to block these 25 ‘dangerous URLs’ – ET CISO
Microsoft outage: Govt asks companies to block these 25 ‘dangerous URLs’ – ET CISO https://etimg.etb2bimg.com/thumb/msid-112155949,imgsize-50308,width-1200,height=765,overlay-etciso/ot-security/microsoft-outage-govt-asks-companies-to-block-these-25-dangerous-urls.jpg Earlier this month several businesses across the world came to a standstill, thanks to a flawed security update that the US-based cybersecurity company CrowdStrike pushed for Microsoft Windows machines. The defective software update pushed by CrowdStrike to its customers disrupted airlines, banks, hospitals and other ...
Read More »Is GenAI a CISO’s worst nightmare or a dream come true?, IT Security News, ET CISO
Is GenAI a CISO’s worst nightmare or a dream come true?, IT Security News, ET CISO Neelesh Kripalani, Chief Technology Officer, Clover Infotech According to Gartner, by 2027, Generative AI (GenAI) will contribute to a 30% reduction in false positive rates for application security testing and threat detection by refining results from other techniques to categorize benign from malicious events. ...
Read More »Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware https://firewall.firm.in/wp-content/uploads/2024/07/malware.png Jul 30, 2024Ravie LakshmananMalware / Cyber Threat Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the ...
Read More »AI startups swap independence for Big Tech’s deep pockets – ET CISO
AI startups swap independence for Big Tech’s deep pockets – ET CISO https://etimg.etb2bimg.com/thumb/msid-112098686,imgsize-38648,width-1200,height=765,overlay-etciso/ot-security/ai-startups-swap-independence-for-big-techs-deep-pockets.jpg It’s the case of the vanishing startup: some of Silicon Valley’s most promising names in the fast-developing generative AI space are being gobbled up by or tied to the hip of US tech giants. Short on funds, in the past few months promising companies like Inflection AI ...
Read More »UK, EU question X over use of data to train Grok AI, IT Security News, ET CISO
UK, EU question X over use of data to train Grok AI, IT Security News, ET CISO Elon Musk-owned X recently enabled by default a setting that allows the social media platform to utilise user data to train its AI model, Grok. This means X can use user posts, interactions, and outputs from Grok for training and refining its AI, ...
Read More »French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems https://firewall.firm.in/wp-content/uploads/2024/07/france.png Jul 27, 2024NewsroomMalware / Cyber Intelligence French judicial authorities, in collaboration with Europol, have launched a so-called “disinfection operation” to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor’s Office, Parquet de Paris, said the initiative was launched on July 18 and that it’s expected ...
Read More »94% automotive firms struggle to recruit talent in cybersecurity: Report – ET CISO
94% automotive firms struggle to recruit talent in cybersecurity: Report – ET CISO https://etimg.etb2bimg.com/thumb/msid-112057862,imgsize-11204,width-1200,height=765,overlay-etciso/corporate/94-automotive-firms-struggle-to-recruit-talent-in-cybersecurity-report.jpg The report by EdTech platform Skill-Lync is based on an extensive survey, involving over 220 leaders from the engineering and HR divisions of top automotive firms in India About 94 per cent of automotive firms struggle to recruit talent in artificial intelligence (AI) and cybersecurity, according ...
Read More »