Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw https://firewall.firm.in/wp-content/uploads/2024/06/crypto.png Jun 19, 2024NewsroomCybercrime / Crypto Security Crypto exchange Kraken revealed that an unnamed security researcher exploited an “extremely critical” zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken’s Chief Security Officer, Nick ...

Vipin Surelia, VISA on mitigating cyber frauds this tax filing season – ET CISO https://etimg.etb2bimg.com/thumb/msid-111000270,imgsize-68548,width-1200,height=765,overlay-etciso/cybercrime-fraud/vipin-surelia-visa-on-mitigating-cyber-frauds-this-tax-filing-season.jpg Vipin Surelia, Head, Risk Services, Visa The Reserve Bank of India’s annual report last year highlighted the severity of digital fraud. With 6,659 reported cases amounting to Rs 276 crore, it’s evident that such frauds pose a substantial threat. Tactics used by cybercriminals have evolved, ...

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain https://firewall.firm.in/wp-content/uploads/2024/06/arrest.png Jun 16, 2024NewsroomCybercrime / SIM Swapping Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to ...

New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models https://firewall.firm.in/wp-content/uploads/2024/06/ms.png Jun 13, 2024NewsroomVulnerability / Software Security The security risks posed by the Pickle format have once again come to the fore with the discovery of a new “hybrid machine learning (ML) model exploitation technique” dubbed Sleepy Pickle. The attack method, per Trail of Bits, weaponizes the ubiquitous format used to ...

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters https://firewall.firm.in/wp-content/uploads/2024/06/crypto.png Jun 12, 2024NewsroomKubernetes / Endpoint Security Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it’s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023. “In ...

Lessons from the Ticketmaster-Snowflake Breach https://firewall.firm.in/wp-content/uploads/2024/06/one.png Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company’s clientele, igniting a firestorm of concern and ...

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability https://firewall.firm.in/wp-content/uploads/2024/06/ms.png Jun 12, 2024NewsroomPatch Tuesday / Vulnerability Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based ...

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale https://firewall.firm.in/wp-content/uploads/2024/06/lcok.png Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023. The adversary, according to Infoblox security researchers Dr. Renée Burton and Dave Mitchell, operates from the China Education and ...

How Cynet Makes MSPs Rich & Their Clients Secure [og_img] Managed service providers (MSPs) are on the front lines of soaring demand for cybersecurity services as cyberattacks increase in volume and sophistication. Cynet has emerged as the security vendor of choice for MSPs to capitalize on existing relationships with SMB clients and profitably expand their client base. By unifying a ...

Top 10 Critical Pentest Findings 2024: What You Need to Know https://firewall.firm.in/wp-content/uploads/2024/06/pentest.png One of the most effective ways for information technology (IT) professionals to uncover a company’s weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization’s security posture, revealing weaknesses that could potentially lead to ...