Adoption of AI spotlights businesses to invest in proactive cybersecurity defences, ET CISO Rapid adoption of Artificial Intelligence has powered growth but opened avenues for cybercriminals to misuse AI for sophisticated attacks, Kaspersky has said spotlighting the need for businesses to invest in proactive cybersecurity defences to meet new-age challenges. Kaspersky, a global cybersecurity and digital privacy company, said it ...

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers https://firewall.firm.in/wp-content/uploads/2024/08/cloud.png Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might ...

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure https://firewall.firm.in/wp-content/uploads/2024/08/ms.png Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following ...

Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys https://firewall.firm.in/wp-content/uploads/2024/08/python.jpg Aug 11, 2024Ravie LakshmananSupply Chain / Software Security Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims’ secrets. “The legitimate Solana Python API project is known as ...

Microsoft blames Delta for its struggle to recover from global cyber outage, ET CISO Microsoft blamed Delta Air Lines on Tuesday for its dayslong struggle to recover from a global cyber outage that led it to cancel more than 6,000 flights. A software update last month by global cybersecurity firm CrowdStrike triggered system problems for Microsoft customers, including many airlines. ...

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions https://firewall.firm.in/wp-content/uploads/2024/08/chrome.png Aug 10, 2024Ravie LakshmananBrowser Security / Online Fraud An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack ...

OpenAI worries its AI voice may charm users, IT Security News, ET CISO OpenAI says it is concerned that a realistic voice feature for its artificial intelligence might cause people to bond with the bot at the cost of human interactions. The San Francisco-based company cited literature which it said indicates that chatting with AI as one might with a ...

Researchers Uncover 10 Flaws in Google’s File Transfer Tool Quick Share https://firewall.firm.in/wp-content/uploads/2024/08/hack.png Aug 10, 2024Ravie LakshmananVulnerability / Mobile Security As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. “The Quick Share ...

Five lessons CISOs can learn from CrowdStrike incident, IT Security News, ET CISO The recent legal battle between CrowdStrike and Delta Airlines has shed light on several crucial cybersecurity lessons. When Delta faced significant disruptions due to a software issue attributed to CrowdStrike, it highlighted the complex challenges that arise within IT security management. This incident serves as a vital ...

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs https://firewall.firm.in/wp-content/uploads/2024/08/hacker.png Aug 09, 2024Ravie LakshmananNational Security / Identity Theft The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a “laptop farm” to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with ...