‘Data is the soil of the enterprise’: Insurance leaders unpack readiness, ownership and the rising enterprise risk of privacy at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125931517,imgsize-65770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-is-the-soil-of-the-enterprise-insights-from-leading-insurance-executives-on-privacy-and-risk-management.jpg At the ET CISO Data Protection & Privacy Summit 2025, top technology, risk and privacy leaders from India’s largest life insurers examined how enterprises must redesign their operating models to meet the Digital Personal Data ...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper https://firewall.firm.in/wp-content/uploads/2025/12/apple-macos.jpg Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple’s Gatekeeper checks. “Unlike earlier MacSync Stealer variants ...

DPDP rules are here: What technology leaders must do now to build data-safe, AI-ready enterprises https://etimg.etb2bimg.com/thumb/msid-126055911,imgsize-23452,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/navigating-indias-digital-personal-data-protection-act-strategies-for-technology-leaders.jpg India’s Digital Personal Data Protection (DPDP) Act and newly released Rules signal one of the most consequential shifts in the country’s digital landscape. For technology leaders—CIOs, CDOs, CISOs, CTOs, and GCC heads—the act is far more than a compliance milestone. It demands a fundamental ...

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites https://firewall.firm.in/wp-content/uploads/2025/12/chrome-passwords.jpg Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a “multi-location network speed test plug-in” for developers and foreign trade personnel. Both ...

No breach in Aadhaar database till date, govt tells Parliament https://etimg.etb2bimg.com/thumb/msid-126049947,imgsize-37458,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/no-breach-in-aadhaar-database-till-date-govt-tells-parliament.jpg There has been no breach of Aadhaar cardholders’ data from the UIDAI database to date, the government said on Wednesday. A multi-layered security infrastructure and Aadhar’s status as a nationally protected system shield it from threats, minister of state for electronics and information technology Jitin Prasada told Parliament. Aadhaar ...

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign https://firewall.firm.in/wp-content/uploads/2025/12/aws.jpg Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on ...

Enterprises move from securing data to proving trust: Leaders unpack the new competitive advantage at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125930618,imgsize-88480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/enterprises-move-from-securing-data-to-proving-trust-leaders-unpack-the-new-competitive-advantage-at-etciso-dpp-summit-2025.jpg At the ET CISO Data Protection & Privacy Summit 2025, senior leaders from fintech, insurance, banking, market infrastructure and digital identity platforms examined how trust is shifting from a moral position to a measurable business strategy. Moderated by Sneha Jha, ...

New React RSC Vulnerabilities Enable DoS and Source Code Exposure https://firewall.firm.in/wp-content/uploads/2025/12/react-flaws.jpg Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team said the issues were found by the security community while ...

Digital battlefield: Data dominance, codebreaking and the roots of information warfare https://etimg.etb2bimg.com/thumb/msid-125684785,imgsize-255746,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/digital-battlefield-data-dominance-codebreaking-and-the-roots-of-information-warfare.jpg Negligence in data handling leads to large scale data exposure, enabling malicious actors to exploit leaked data for committing fraud, blackmail or identity theft triggering penal statutes. Data is often described as the ‘new oil’ – a strategic asset central to the survival of individuals, corporations or even ...

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages https://firewall.firm.in/wp-content/uploads/2025/11/setuptools.jpg Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the ...