Star Health, IT Security News, ET CISO A forensic investigation by an independent firm that went into the allegations made by a hacker against Star Health Insurance’s chief information security officer (CISO) has revealed that there was no evidence of any wrongdoing by the CISO. Earlier, the hacker, whom the company refers to as a threat actor (an unknown person ...
Read More »Blog
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services https://firewall.firm.in/wp-content/uploads/2024/10/machine.png Oct 28, 2024Ravie LakshmananCloud Security / Cyber Attack A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. “The CloudScout toolset is capable of retrieving ...
Read More »Insurance admin services company data breach exposes details about 8 lakh US users – ET CISO
Insurance admin services company data breach exposes details about 8 lakh US users – ET CISO https://etimg.etb2bimg.com/thumb/msid-114610856,imgsize-42686,width-1200,height=765,overlay-etciso/data-breaches/insurance-admin-services-company-data-breach-exposes-details-about-8-lakh-us-users.jpg Insurance administrative services company Landmark Admin has disclosed a data breach. The company confirmed that a cyberattack in May affected over 8 lakh people. The company, which provides back-office services for major insurance carriers, said that it asked a third-party cybersecurity company to ...
Read More »IRDAI tightens fraud rules post hacking incidents, IT Security News, ET CISO
IRDAI tightens fraud rules post hacking incidents, IT Security News, ET CISO The Insurance Regulatory and Development Authority of India (IRDAI) has proposed stricter guidelines in an effort to stem online fraud after recent high-profile cases at insurers like Star Health Insurance Company. The Insurance Fraud Monitoring Framework Guidelines, 2024 requires insurers to adopt strict measures, including board-approved anti-fraud policies, ...
Read More »FIR filed over suspected data breach on Manav Sampada portal – ET CISO
FIR filed over suspected data breach on Manav Sampada portal – ET CISO https://etimg.etb2bimg.com/thumb/msid-114611079,imgsize-75886,width-1200,height=765,overlay-etciso/data-breaches/fir-filed-over-suspected-data-breach-on-manav-sampada-portal.jpg Concerns have emerged over a potential security breach involving the Uttar Pradesh government’s Manav Sampada portal, leading to the filing of an FIR. The alert was raised by Rajeev Kumar Mishra, deputy registrar of the Institute of Engineering and Technology (IET), through an official email dated ...
Read More »Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite
Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite https://firewall.firm.in/wp-content/uploads/2024/10/wifi.png Oct 25, 2024Ravie LakshmananVulnerability / Wi-Fi Security A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024-41992, said the susceptible code from the Wi-Fi Alliance has been found ...
Read More »Mathan Babu Kasilingam bids farewell to Vodafone – ET CISO
Mathan Babu Kasilingam bids farewell to Vodafone – ET CISO https://etimg.etb2bimg.com/thumb/msid-114577874,imgsize-10688,width-1200,height=765,overlay-etciso/ciso-movement/mathan-babu-kasilingam-bids-farewell-to-vodafone.jpg Mathan Babu Kasilingam With heartfelt gratitude, Mathan Babu Kasilingam bids adieu to Vodafone Idea after an impactful tenure as CISO. As he closes this chapter, he eagerly embraces new challenges and opportunities on the horizon. Prior to this appointment, he was with NPCI and HDFC Bank. “It has been ...
Read More »Hong Kong bars services like WhatsApp and Google Drive from government computers, ET CISO
Hong Kong bars services like WhatsApp and Google Drive from government computers, ET CISO The Hong Kong government is barring most civil servants from using popular apps like WhatsApp, WeChat and Google Drive on their work computers due to potential security risks. The latest IT security guidelines from the Digital Policy Office have many civil servants complaining about added inconvenience. ...
Read More »New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection
New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection https://firewall.firm.in/wp-content/uploads/2024/10/trojan.png New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. “Only part of this ...
Read More »Rise of cyberattacks targeting reputations – ET CISO
Rise of cyberattacks targeting reputations – ET CISO https://etimg.etb2bimg.com/thumb/msid-114492449,imgsize-469972,width-1200,height=765,overlay-etciso/ot-security/rise-of-cyberattacks-targeting-reputations.jpg Cybercriminals are expanding their tactics beyond ransomware. They are now manipulating narratives and deploying disinformation. This strategy aims to destabilise organisations and tarnish reputations. Take the recent case involving a leading insurance firm. A typical data breach? Not quite. This one goes much deeper. It’s not just a story of stolen ...
Read More »