U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown https://firewall.firm.in/wp-content/uploads/2024/10/hacker.png Oct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. “The Russian government ran this ...
Read More »Vulnerabilities & Exploits
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking https://firewall.firm.in/wp-content/uploads/2024/10/linux.png Oct 03, 2024Ravie LakshmananLinux / Malware Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf ...
Read More »The Secret Weakness Execs Are Overlooking: Non-Human Identities
The Secret Weakness Execs Are Overlooking: Non-Human Identities https://firewall.firm.in/wp-content/uploads/2024/10/git.png For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we ...
Read More »Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks https://firewall.firm.in/wp-content/uploads/2024/10/android.png Oct 03, 2024Ravie LakshmananMobile Security / Technology Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that’s ...
Read More »Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals https://firewall.firm.in/wp-content/uploads/2024/10/jobs.png A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applications. “A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, ...
Read More »China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration https://firewall.firm.in/wp-content/uploads/2024/10/chinese-hackers.png Oct 02, 2024Ravie LakshmananCyber Espionage / Cloud Security A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, ...
Read More »Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play https://firewall.firm.in/wp-content/uploads/2024/10/trading.png A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig ...
Read More »Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials https://firewall.firm.in/wp-content/uploads/2024/10/hacker.png More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential theft. “For prospective phishers, Sniper Dz offers an online admin panel with ...
Read More »5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage https://firewall.firm.in/wp-content/uploads/2024/10/layerx.png Oct 01, 2024The Hacker NewsGenerative AI / Data Protection Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for ...
Read More »U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails https://firewall.firm.in/wp-content/uploads/2024/10/haced.png Oct 01, 2024Ravie LakshmananCorporate Security / Financial Fraud The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected ...
Read More »