Stolen credentials are fueling modern cyberattacks, ETCISO Attackers don’t need to find a technical route into your business if they can successfully gain access using stolen credentials. Once they are inside, they often rely on commercially available tools to hide their presence and quietly add new users to groups with higher IT rights. Such identity fraud and the abuse of ...

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials https://firewall.firm.in/wp-content/uploads/2026/04/nextjs.jpg Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to ...

Bits AI Security Analyst reduces threat investigation time by up to 98% https://etimg.etb2bimg.com/thumb/msid-129919771,imgsize-6898,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/bits-ai-security-analyst-reduces-threat-investigation-time-by-up-to-98.jpg Datadog has made its Bits AI Security Analyst generally available as part of its Cloud SIEM offering. The launch comes as security operations center (SOC) teams face increasing pressure from growing alert volumes, investigation workloads and AI-powered attacks, making it harder for human analysts alone to investigate, ...

Porter partners with Incognia to curb delivery partner account misuse, ETCISO Porter, India’ss leading goods transport agency, has partnered with Incognia, the pioneer in next-generation identity solutions, to combat multi-account order abuse and strengthen fairness, transparency, and sustainability within its driver- partner. Since the partnership began, Incognia has helped Porter achieve a reduction in fraudulent overlapping orders, enabling the company ...

Block the Prompt, Not the Work: The End of https://firewall.firm.in/wp-content/uploads/2026/04/red.jpg There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say “No.” No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, ...

F5 and Forcepoint expand AI security collaboration https://etimg.etb2bimg.com/thumb/msid-129895002,imgsize-11670,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/f5-and-forcepoint-expand-ai-security-collaboration.jpg F5 and Forcepoint have announced an alliance focused on securing AI systems across their lifecycle, from data discovery and classification to runtime protection and ongoing monitoring. The partnership comes as enterprises expand the use of AI across copilots, assistants and automated workflows, while security teams face challenges in tracking sensitive data, understanding ...

Barracuda expands AI security capabilities and partner program, ETCISO Barracuda Networks announced updates to its BarracudaONE cybersecurity platform and its partner program. The platform updates focus on three areas: Email security for Google Workspace: Barracuda Email Protection now includes expanded impersonation protection and automated incident response for Google Workspace, in addition to existing support for Microsoft 365. Network edge security: ...

Data privacy is becoming an infrastructure imperative https://etimg.etb2bimg.com/thumb/msid-127902085,imgsize-337112,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-privacy-a-key-infrastructure-challenge-for-indian-enterprises.jpg For Indian enterprises, managing data privacy is rapidly becoming fundamental to infrastructure engineering and risk management. It is no longer advisable to relegate privacy to legal tick-boxes or compliance checklists. As organizations modernize digital estates across cloud, hybrid, and edge environments, privacy must be treated as part of the data lifecycle engineering ...

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass https://firewall.firm.in/wp-content/uploads/2026/04/whatsapp-exploit.jpg Ravie LakshmananApr 01, 2026Social Engineering / Malware Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and ...

AI acceleration in APAC exposes growing API security gap https://etimg.etb2bimg.com/thumb/msid-129944886,imgsize-62988,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/ai-acceleration-in-apac-exposes-growing-api-security-gap.jpg Across Asia-Pacific, organizations are rapidly embedding AI into core digital services such as customer care, financial management and supply chain automation. This shift is increasing dependence on APIs, which are also becoming a growing security risk. New APAC findings from Akamai’s 2026 Apps, APIs and DDoS State of the Internet ...