Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action https://firewall.firm.in/wp-content/uploads/2025/01/digi.png Jan 16, 2025The Hacker NewsCertificate Management / Compliance The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying ...

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 https://firewall.firm.in/wp-content/uploads/2025/01/push.png You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost ...

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool https://firewall.firm.in/wp-content/uploads/2025/01/rsync.png Jan 15, 2025Ravie LakshmananVulnerability / Software Update As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. “Attackers can take control of a malicious server and read/write arbitrary ...

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99 https://firewall.firm.in/wp-content/uploads/2025/01/web3.png Jan 15, 2025Ravie LakshmananCryptocurrency / Malware The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. “The campaign begins with fake recruiters, posing on platforms like ...

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes https://firewall.firm.in/wp-content/uploads/2025/01/google-ads.png Jan 15, 2025Ravie LakshmananMalvertising / Malware Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible ...

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains https://firewall.firm.in/wp-content/uploads/2025/01/korea.png Jan 15, 2025Ravie LakshmananBlockchain / Cryptocurrency Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threamoret groups may have pulled off illicit money-making scams that predate ...

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation https://firewall.firm.in/wp-content/uploads/2025/01/fbi.png Jan 15, 2025Ravie LakshmananMalware / Threat Intelligence The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.” PlugX, also known as ...

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation https://firewall.firm.in/wp-content/uploads/2025/01/apple.png Jan 14, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The ...

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] https://firewall.firm.in/wp-content/uploads/2025/01/recap.png Jan 13, 2025Ravie Lakshmanan The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down ...

Hacker claims breach of US location tracking company gravy analytics – ET CISO https://etimg.etb2bimg.com/thumb/msid-117073953,imgsize-5538,width-1200,height=765,overlay-etciso/data-breaches/hacker-claims-breach-of-us-location-tracking-company-gravy-analytics.jpg An unknown hacker is claiming to have pulled off a heist at U.S. location tracking firm Gravy Analytics, according to screenshots of the boast circulating online. It is not clear exactly how and under what circumstances the breach occurred. A Russian-language post and screenshots uploaded early ...