PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps https://firewall.firm.in/wp-content/uploads/2025/01/PLAYFULGHOST.gif Jan 04, 2025Ravie LakshmananMalware / VPN Security Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with ...

PNB launches first cybersecurity hackathon `Code against Malware’ – ET CISO https://etimg.etb2bimg.com/thumb/msid-116932480,imgsize-10588,width-1200,height=765,overlay-etciso/cybercrime-fraud/pnb-launches-first-cybersecurity-hackathon-code-against-malware.jpg Punjab National Bank (PNB) has launched its first Cybersecurity Hackathon 2024-25, themed “Code Against Malware,” to combat rising cybercrime. The initiative aims to foster collaboration among innovators, researchers, and academicians to tackle malware threats. The hackathon will be conducted online, welcoming participation from students, researchers, and academicians individually ...

social media users under 18 years to require parental consent, ET CISO Children will require verifiable parental consent to access social media in India, as per the draft rules of the Digital Personal Data Protection Act of 2023 (DPDP). Any user below the age of 18 has been defined as a child under the Act, which was passed by Parliament ...

Chinese hackers targeted US treasury office that handles economic sanctions: report – ET CISO https://etimg.etb2bimg.com/thumb/msid-116932200,imgsize-5842,width-1200,height=765,overlay-etciso/data-breaches/chinese-hackers-targeted-us-treasury-office-that-handles-economic-sanctions-report.jpg Chinese govt hackers breached the US treasury office that administers economic sanctions, the Washington Post reported on Wednesday, identifying targets of a cyberattack treasury disclosed earlier this week. Citing unnamed US officials, the Washington Post said hackers compromised the office of foreign assets control and ...

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers https://firewall.firm.in/wp-content/uploads/2025/01/exploit-poc.png Jan 03, 2025Ravie LakshmananWindows Server / Threat Mitigation A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by ...

What is pig butchering scam that is targeting users on whatsApp, facebook and other social media platforms – ET CISO https://etimg.etb2bimg.com/thumb/msid-116903031,imgsize-1296916,width-1200,height=765,overlay-etciso/cybercrime-fraud/what-is-pig-butchering-scam-that-is-targeting-users-on-whatsapp-facebook-and-other-social-media-platforms.jpg A new cyber fraud scheme, commonly referred to as the “pig butchering scam” or “investment scam,” is targeting vulnerable groups such as unemployed youths, housewives, students, and financially distressed individuals. According to the Union Home Ministry’s latest annual report, ...

New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60% https://firewall.firm.in/wp-content/uploads/2025/01/ai-jailbreak.png Jan 03, 2025Ravie LakshmananMachine Learning / Vulnerability Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has ...

How new RTGS, NEFT verification facility would help prevent cyber frauds – ET CISO https://etimg.etb2bimg.com/thumb/msid-116903118,imgsize-2204011,width-1200,height=765,overlay-etciso/cybercrime-fraud/how-new-rtgs-neft-verification-facility-would-help-prevent-cyber-frauds.jpg The Reserve Bank of India (RBI) has introduced a new beneficiary bank account name look-up facility for the Real Time Gross Settlement (RTGS) and National Electronic Funds Transfer (NEFT) systems, aimed at enhancing the security and accuracy of digital transactions. This move is designed to ...

Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption https://firewall.firm.in/wp-content/uploads/2025/01/NET.png Jan 03, 2025Ravie LakshmananDevOps / Software Development Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. “We expect that most users will not be directly affected, however, ...

New national AI regulation in India: What can tech companies expect? – ET CISO https://etimg.etb2bimg.com/thumb/msid-116884639,imgsize-163218,width-1200,height=765,overlay-etciso/corporate/new-national-ai-regulation-in-india-what-can-tech-companies-expect.jpg It is estimated that by 2030, AI could contribute USD 15.7 trillion to the global economy. In India and other developing Asian countries, Africa, and Oceania, AI is expected to add as much as USD 1.2 trillion to the GDP of these nations. AI is ...