Equinox discloses data breach involving health info of clients, staff – ET CISO https://etimg.etb2bimg.com/thumb/msid-115355746,imgsize-114899,width-1200,height=765,overlay-etciso/data-breaches/equinox-discloses-data-breach-involving-health-info-of-clients-staff.jpg Counseling and health services firm Equinox on Friday disclosed a data breach involving the personal health information of some current and former clients, as well as staff and has notified the individuals likely to have been affected. The company had on April 29 discovered an unusual ...

Live Webinar: Dive Deep into Crypto Agility and Certificate Management https://firewall.firm.in/wp-content/uploads/2024/11/ssl.png Nov 15, 2024The Hacker NewsWebinar / Cyber Security In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected ...

German stats body says suffered possible data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-115356146,imgsize-137878,width-1200,height=765,overlay-etciso/data-breaches/german-stats-body-says-suffered-possible-data-breach.jpg Berlin, Nov 15, 2024 -Germany’s national statistics agency Destatis said Friday it had been the victim of a suspected data leak, following a media report that the organisation had been attacked by pro-Russian hackers. Destatis said in a statement it had “received indications of a possible data breach ...

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials https://firewall.firm.in/wp-content/uploads/2024/11/lock.png A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July ...

German stats body says suffered possible data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-115356401,imgsize-137878,width-1200,height=765,overlay-etciso/data-breaches/german-stats-body-says-suffered-possible-data-breach.jpg Berlin, Nov 15, 2024 -Germany’s national statistics agency Destatis said Friday it had been the victim of a suspected data leak, following a media report that the organisation had been attacked by pro-Russian hackers. Destatis said in a statement it had “received indications of a possible data breach ...

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released https://firewall.firm.in/wp-content/uploads/2024/11/paloaltonetworks-exploit.png Nov 16, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it ...

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform https://firewall.firm.in/wp-content/uploads/2024/11/ai.png Nov 15, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. “By exploiting custom job permissions, we were able to ...

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations https://firewall.firm.in/wp-content/uploads/2024/11/iranian-hackers.png Nov 15, 2024Ravie LakshmananCyber Espionage / Malware Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been ...

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia https://firewall.firm.in/wp-content/uploads/2024/11/hacking.png Nov 15, 2024Ravie LakshmananMalware / Credential Theft A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN ...

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables https://firewall.firm.in/wp-content/uploads/2024/11/pistgresql.png Nov 15, 2024Ravie LakshmananVulnerability / Database Security Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure. The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of ...