Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them https://firewall.firm.in/wp-content/uploads/2025/01/cs.png Jan 02, 2025The Hacker NewsCloud Security / Threat Intelligence In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate ...

Kaspersky discovers new scam scheme targeting businesses on social media – ET CISO https://etimg.etb2bimg.com/thumb/msid-116786381,imgsize-10679,width-1200,height=765,overlay-etciso/corporate/kaspersky-discovers-new-scam-scheme-targeting-businesses-on-social-media.jpg Experts have uncovered a new phishing scam targeting businesses that promote their pages on Facebook. Scammers send emails allegedly on behalf of Meta for Business – Facebook’s platform for businesses – claiming the recipient’s page contains prohibited content. The email suggests users provide explanations in order ...

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation https://firewall.firm.in/wp-content/uploads/2024/12/main.png Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment. “Exploiting these flaws could allow attackers to gain ...

Companies grapple with costs, complexity of overlapping cybersecurity laws – ET CISO https://etimg.etb2bimg.com/thumb/msid-116817674,imgsize-81800,width-1200,height=765,overlay-etciso/cybercrime-fraud/companies-grapple-with-costs-complexity-of-overlapping-cybersecurity-laws.jpg The compliance burden of overlapping cybersecurity laws, experts believe, is becoming increasingly onerous for companies as pertinent legal frameworks multiply to reflect the challenges facing India’s galloping digital economy. Currently, there are six cybersecurity guidelines and frameworks with reporting requirements to six different governing bodies – SEBI, ...

7 things you should never-ever tell or ask from ChatGPT and other AI chatbots – ET CISO https://etimg.etb2bimg.com/thumb/msid-116784851,imgsize-754550,width-1200,height=765,overlay-etciso/data-breaches/7-things-you-should-never-ever-tell-or-ask-from-chatgpt-and-other-ai-chatbots.jpg While chatbots may appear to be helpful and reliable assistants, experts caution against becoming too reliant on them, particularly for sensitive information like health advice. Recent surveys highlight a growing trend of people turning to AI for such guidance. According to a ...

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents https://firewall.firm.in/wp-content/uploads/2024/12/chinesehackers.png Dec 31, 2024Ravie LakshmananVulnerability / Incident Response The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. “On December 8, 2024, Treasury was notified by a third-party software service provider, ...

Year ender 2024: Biggest cyberattacks in India – ET CISO https://etimg.etb2bimg.com/thumb/msid-116817678,imgsize-48156,width-1200,height=765,overlay-etciso/cybercrime-fraud/year-ender-2024-biggest-cyberattacks-in-india.jpg The growing digitisation of data has led to a rise in cyberattacks, digital fraud, data breaches and operational failures. Cyberattacks globally rose by 76% within the first quarter of 2024, with India being one of the most impacted countries. Here are some of India’s biggest cyberattacks in 2024: BSNL ...

How much further will AI disrupt lives?, IT Security News, ET CISO Cyber threats are set to escalate with AI intensifying the sophistication of every scam-phishing, pig butchering, OTP fraud, digital arrest-and new ones likely emerging. Easy access to deepfake tools will make it easy to impersonate anyone in a virtual meeting. Voice cloning will become even harder to detect. ...

Chinese hackers breach US treasury; third-party alert triggers cybersecurity probe – ET CISO https://etimg.etb2bimg.com/thumb/msid-116817644,imgsize-886682,width-1200,height=765,overlay-etciso/data-breaches/chinese-hackers-breach-us-treasury-third-party-alert-triggers-cybersecurity-probe.jpg The US treasury department revealed on Monday that Chinese hackers managed to access several workstations and unclassified documents by breaching a third-party software service provider. The attack occurred earlier this month and is now being investigated as a major cybersecurity incident. The Treasury did not reveal ...

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy https://firewall.firm.in/wp-content/uploads/2024/12/data.png Dec 31, 2024Ravie LakshmananData Security / Privacy The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, ...