The Facts About Continuous Penetration Testing and Why It’s Important https://firewall.firm.in/wp-content/uploads/2024/08/code.png What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization’s digital assets to identify and mitigate security vulnerabilities. CASPT is designed for ...

Google to help build cyber protection for Australian infrastructure – ET CISO https://etimg.etb2bimg.com/thumb/msid-112699531,imgsize-12526,width-1200,height=765,overlay-etciso/corporate/google-to-help-build-cyber-protection-for-australian-infrastructure.jpg Google and Australia’s national science agency will join hands to develop digital tools that automatically detect and fix software vulnerabilities for operators of critical infrastructure, seeking to combat a surge in cyberattacks. The software for organizations such as hospitals, defence bodies and energy suppliers will be customized ...

Ola founder on India’s data being sold back to country – ET CISO https://etimg.etb2bimg.com/thumb/msid-111557069,imgsize-22000,width-1200,height=765,overlay-etciso/data-breaches/ola-founder-on-indias-data-being-sold-back-to-country.jpg Ola founder coins term ‘techno-colonialism’ to describe phenomenon where India’s data is exported abroad, processed, sold back to India Ola founder and CEO Bhavish Aggarwal has coined the term “techno-colonialism” to describe a modern phenomenon where India’s data is exported to global data centers, processed, and ...

New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer https://firewall.firm.in/wp-content/uploads/2024/08/aws.gif Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications. That’s according to findings from Israeli cybersecurity ...

Fortinet, CSC e-Governance Services India ink pact to improve cyber security in rural regions – ET CISO https://etimg.etb2bimg.com/thumb/msid-112699851,imgsize-52778,width-1200,height=765,overlay-etciso/grc/fortinet-csc-e-governance-services-india-ink-pact-to-improve-cyber-security-in-rural-regions.jpg FILE PHOTO: Figurines with computers and smartphones are seen in front of the words “Cyber Security” in this illustration taken, February 19, 2024. REUTERS/Dado Ruvic/Illustration/File Photo Global cybersecurity company Fortinet and the Ministry of Electronics and IT’s (MeitY) special purpose vehicle (SPV) ...

‘Obamacare’: Why and how this may be the biggest password leak ever – ET CISO https://etimg.etb2bimg.com/thumb/msid-111592680,imgsize-117696,width-1200,height=765,overlay-etciso/data-breaches/obamacare-why-and-how-this-may-be-the-biggest-password-leak-ever.jpg Security researchers from Cybernews have reportedly discovered the RockYou2024 database on BreachForums containing an astounding 9,948,575,739 unique passwords. It is claimed to be the biggest collection of stolen and leaked credentials ever seen on the BreachForums criminal underground forum, reports Forbes. Hacker named ObamaCare ...

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control https://firewall.firm.in/wp-content/uploads/2024/08/cisco.png Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this ...

Top US oilfield firm Halliburton hit by cyberattack – ET CISO https://etimg.etb2bimg.com/thumb/msid-112699921,imgsize-28516,width-1200,height=765,overlay-etciso/cybercrime-fraud/top-us-oilfield-firm-halliburton-hit-by-cyberattack.jpg Top US oilfield services firm Halliburton on Wednesday was hit by a cyberattack, according to a person familiar with the matter. The attack appeared to impact business operations at the company’s north Houston campus, as well as some global connectivity networks, the person said, who declined to be ...

HealthEquity data breach exposes protected health information – ET CISO https://etimg.etb2bimg.com/thumb/msid-111594116,imgsize-41420,width-1200,height=765,overlay-etciso/data-breaches/healthequity-data-breach-exposes-protected-health-information.jpg Healthcare fintech firm HealthEquity has disclosed a data breach following the compromise of a partner’s account, which was used to infiltrate the company’s systems and steal protected health information. The breach was identified after the company detected “anomalous behavior” from a partner’s personal device, prompting an investigation. The investigation ...

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk https://firewall.firm.in/wp-content/uploads/2024/08/solarwinds.png Aug 22, 2024Ravie LakshmananVulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. “The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential ...