Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged https://firewall.firm.in/wp-content/uploads/2024/12/exploit.png Dec 10, 2024Ravie LakshmananVulnerability / Threat Analysis Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat ...

Indian insurance market: Climbing the growth ladder amidst emerging risks – ET CISO https://etimg.etb2bimg.com/thumb/msid-116157527,imgsize-335590,width-1200,height=765,overlay-etciso/cybercrime-fraud/indian-insurance-market-climbing-the-growth-ladder-amidst-emerging-risks.jpg The Indian insurance sector is growing at a phenomenal pace. The fastest maturing insurance industry among the G20 countries, India’s insurance industry is set to become the sixth biggest insurance market worldwide in the next ten years. Rising consumer awareness, higher incomes, a growing sense of ...

Report, IT Security News, ET CISO India saw a 3000% increase in cyber attacks on application programming interfaces in the July-September quarter, according to a new report. Focused distributed denial of service (DDoS) attacks were 85% more frequent than those on websites, highlighting the heightened risk landscape for organisations relying heavily on API gateways, cybersecurity company IndusFace said in a ...

Financial institutions double down on more checks for tech partners – ET CISO https://etimg.etb2bimg.com/thumb/msid-116125812,imgsize-2565646,width-1200,height=765,overlay-etciso/data-breaches/financial-institutions-double-down-on-more-checks-for-tech-partners.jpg Regulated entities such as banks and financial services companies are evaluating options like having backup service providers and tightening their data-sharing norms with technology service companies in the wake of a massive data leak that impacted Signzy. Bengaluru-based Signzy is a regulatory technology firm which offers ...

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering https://firewall.firm.in/wp-content/uploads/2024/12/rnsomware.png Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. “Users within the target environment will be ...

Privacy, competition and a call for digital reform – ET CISO https://etimg.etb2bimg.com/thumb/msid-116127509,imgsize-9146,width-1200,height=765,overlay-etciso/corporate/privacy-competition-and-a-call-for-digital-reform.jpg In a historic decision the Competition Commission of India (CCI) fined Meta Platforms, Inc. (Meta) ₹213.14 crore for abusing its dominant position in the Indian market. This landmark event follows WhatsApp’s 2021 privacy policy covertly pushing users to accept its expanded data-sharing practices without meaningful/ informed consent. This ...

RBI to roll out AI-based model to curb Mule Accounts fraud, ET CISO Highlighting the steps taken by the Reserve Bank of India (RBI), Governor Shaktikanta Das on Friday said the central bank is set to roll out AI/ML-based tool to curb the Mule Accounts fraud menace. Governor said the AI/ML based model called MuleHunter.AITM, being piloted by Reserve Bank ...

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware https://firewall.firm.in/wp-content/uploads/2024/12/cyberattack.png Dec 06, 2024The Hacker NewsMalware / Threat Intelligence The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early ...

FCC chair proposes cybersecurity rules in response to China’s Salt Typhoon telecom hack – ET CISO https://etimg.etb2bimg.com/thumb/msid-116030385,imgsize-46094,width-1200,height=765,overlay-etciso/cybercrime-fraud/fcc-chair-proposes-cybersecurity-rules-in-response-to-chinas-salt-typhoon-telecom-hack.jpg FILE PHOTO: Jessica Rosenworcel attends a hearing in Washington, U.S. June 24, 2020. Jonathan Newton/Pool via REUTERS/File Photo U.S. Federal Communications Commission Chairwoman Jessica Rosenworcel is proposing that communications service providers be required to submit an annual certification attesting that they have a ...

At least 20% cybercrimes involve dark web usage by attackers: report, ET CISO At least 20% of cybercrimes in India involve attackers using dark web, according to a report by cyber security firm Lisianthus. The dark web is a platform on the internet that can be accessed using special tools. It is usually very difficult to trace the identity and ...