OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation https://firewall.firm.in/wp-content/uploads/2024/10/ai-content.png Oct 10, 2024Ravie LakshmananCybercrime / Disinformation OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, ...
Read More »Vulnerabilities & Exploits
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms https://firewall.firm.in/wp-content/uploads/2024/10/shopping.png Oct 10, 2024Ravie LakshmananCybercrime / Malware Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. “At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all ...
Read More »N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware https://firewall.firm.in/wp-content/uploads/2024/10/attack.png Oct 09, 2024Ravie LakshmananPhishing Attack / Malware Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a ...
Read More »Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale https://firewall.firm.in/wp-content/uploads/2024/10/online-scam.png Oct 09, 2024Ravie LakshmananCybercrime / Threat Detection Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create ...
Read More »Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries https://firewall.firm.in/wp-content/uploads/2024/10/hackers.png Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities could allow an attacker to crash an industrial device or in ...
Read More »Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools
Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools https://firewall.firm.in/wp-content/uploads/2024/10/russia.png Oct 08, 2024Ravie LakshmananCyber Threat / APT Attack Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. “The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain ...
Read More »How to Get Going with CTEM When You Don’t Know Where to Start
How to Get Going with CTEM When You Don’t Know Where to Start https://firewall.firm.in/wp-content/uploads/2024/10/xm.jpg Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role ...
Read More »Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability https://firewall.firm.in/wp-content/uploads/2024/10/apple.png Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described ...
Read More »U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown https://firewall.firm.in/wp-content/uploads/2024/10/hacker.png Oct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. “The Russian government ran this ...
Read More »New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking https://firewall.firm.in/wp-content/uploads/2024/10/linux.png Oct 03, 2024Ravie LakshmananLinux / Malware Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf ...
Read More »