Trust will be the new competitive edge in the digital economy: Axis Bank’s Damini Marwah https://etimg.etb2bimg.com/thumb/msid-125931349,imgsize-76338,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/trust-as-the-competitive-edge-in-indias-digital-economy-insights-from-axis-banks-damini-marwah.jpg Delivering the special address at the ETCISO Data Protection & Privacy Summit 2025, Damini Marwah, President and Group Head – Legal, Axis Bank, highlighted how India’s accelerating digital transformation has elevated data privacy from a regulatory obligation to a strategic business imperative. Acknowledging the ...

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide https://firewall.firm.in/wp-content/uploads/2025/12/mongodb-exploit.jpg Dec 29, 2026Ravie LakshmananDatabase Security / Vulnerability A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from ...

‘Data is the soil of the enterprise’: Insurance leaders unpack readiness, ownership and the rising enterprise risk of privacy at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125931517,imgsize-65770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-is-the-soil-of-the-enterprise-insights-from-leading-insurance-executives-on-privacy-and-risk-management.jpg At the ET CISO Data Protection & Privacy Summit 2025, top technology, risk and privacy leaders from India’s largest life insurers examined how enterprises must redesign their operating models to meet the Digital Personal Data ...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper https://firewall.firm.in/wp-content/uploads/2025/12/apple-macos.jpg Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple’s Gatekeeper checks. “Unlike earlier MacSync Stealer variants ...

DPDP rules are here: What technology leaders must do now to build data-safe, AI-ready enterprises https://etimg.etb2bimg.com/thumb/msid-126055911,imgsize-23452,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/navigating-indias-digital-personal-data-protection-act-strategies-for-technology-leaders.jpg India’s Digital Personal Data Protection (DPDP) Act and newly released Rules signal one of the most consequential shifts in the country’s digital landscape. For technology leaders—CIOs, CDOs, CISOs, CTOs, and GCC heads—the act is far more than a compliance milestone. It demands a fundamental ...

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites https://firewall.firm.in/wp-content/uploads/2025/12/chrome-passwords.jpg Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a “multi-location network speed test plug-in” for developers and foreign trade personnel. Both ...

No breach in Aadhaar database till date, govt tells Parliament https://etimg.etb2bimg.com/thumb/msid-126049947,imgsize-37458,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/no-breach-in-aadhaar-database-till-date-govt-tells-parliament.jpg There has been no breach of Aadhaar cardholders’ data from the UIDAI database to date, the government said on Wednesday. A multi-layered security infrastructure and Aadhar’s status as a nationally protected system shield it from threats, minister of state for electronics and information technology Jitin Prasada told Parliament. Aadhaar ...

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign https://firewall.firm.in/wp-content/uploads/2025/12/aws.jpg Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on ...

Enterprises move from securing data to proving trust: Leaders unpack the new competitive advantage at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125930618,imgsize-88480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/enterprises-move-from-securing-data-to-proving-trust-leaders-unpack-the-new-competitive-advantage-at-etciso-dpp-summit-2025.jpg At the ET CISO Data Protection & Privacy Summit 2025, senior leaders from fintech, insurance, banking, market infrastructure and digital identity platforms examined how trust is shifting from a moral position to a measurable business strategy. Moderated by Sneha Jha, ...

New React RSC Vulnerabilities Enable DoS and Source Code Exposure https://firewall.firm.in/wp-content/uploads/2025/12/react-flaws.jpg Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team said the issues were found by the security community while ...