India’s breach brief: 5 structural security failures CISOs can no longer ignore https://etimg.etb2bimg.com/thumb/msid-126920644,imgsize-333856,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/indias-data-breach-crisis-5-critical-security-missteps-every-ciso-must-address.jpg India’s wave of high-profile data breaches isn’t the work of a new breed of hackers, it’s a failure of technology management. The same mistakes were made over and over: misconfigurations, poor oversight, and misplaced trust. These breaches didn’t stem from sophisticated attacks but from fundamental flaws in ...

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects https://firewall.firm.in/wp-content/uploads/2026/01/vscode.png The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December ...

American billionaire Mark Cuban has a warning on AI chatbots for CEOs https://etimg.etb2bimg.com/thumb/msid-126496122,imgsize-209851,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/mark-cuban-warns-ceos-the-risks-and-opportunities-of-ai-chatbots.jpg American billionaire investor Mark Cuban has now issued a stark warning for business leaders about the risks and opportunities of artificial intelligence. Along with this, Cuban has also cautioned that while AI can transform companies, its careless use could expose valuable intellectual property. Speaking during a call ...

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations https://firewall.firm.in/wp-content/uploads/2026/01/cyberattack.jpg Jan 09, 2026Ravie LakshmananEmail Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia ...

European Space Agency confirms cyberattack on some its systems https://etimg.etb2bimg.com/thumb/msid-126298138,imgsize-105962,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/european-space-agency-confirms-cyberattack-on-some-its-systems.jpg The European Space Agency (ESA) has confirmed a cyberattack on some of its systems after a hacker offered to sell data allegedly stolen from the organisation. The agency’s forensic investigation has revealed that servers located outside the ESA corporate network have been compromised. According to ESA, only a very small ...

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia https://firewall.firm.in/wp-content/uploads/2026/01/india.jpg The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts. “The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut ...

Trust will be the new competitive edge in the digital economy: Axis Bank’s Damini Marwah https://etimg.etb2bimg.com/thumb/msid-125931349,imgsize-76338,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/trust-as-the-competitive-edge-in-indias-digital-economy-insights-from-axis-banks-damini-marwah.jpg Delivering the special address at the ETCISO Data Protection & Privacy Summit 2025, Damini Marwah, President and Group Head – Legal, Axis Bank, highlighted how India’s accelerating digital transformation has elevated data privacy from a regulatory obligation to a strategic business imperative. Acknowledging the ...

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide https://firewall.firm.in/wp-content/uploads/2025/12/mongodb-exploit.jpg Dec 29, 2026Ravie LakshmananDatabase Security / Vulnerability A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from ...

‘Data is the soil of the enterprise’: Insurance leaders unpack readiness, ownership and the rising enterprise risk of privacy at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125931517,imgsize-65770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-is-the-soil-of-the-enterprise-insights-from-leading-insurance-executives-on-privacy-and-risk-management.jpg At the ET CISO Data Protection & Privacy Summit 2025, top technology, risk and privacy leaders from India’s largest life insurers examined how enterprises must redesign their operating models to meet the Digital Personal Data ...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper https://firewall.firm.in/wp-content/uploads/2025/12/apple-macos.jpg Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple’s Gatekeeper checks. “Unlike earlier MacSync Stealer variants ...