DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals https://firewall.firm.in/wp-content/uploads/2024/08/ddos.png Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a ...

Risk of data breaches, cyber frauds up due to digitization: RBI report – ET CISO https://etimg.etb2bimg.com/thumb/msid-112124677,imgsize-59604,width-1200,height=765,overlay-etciso/data-breaches/risk-of-data-breaches-cyber-frauds-up-due-to-digitization-rbi-report.jpg The average cost of data breaches in India stand at $2.18 million in 2023, up 28% since 2020 though less than the global average cost of $4.5 million, RBI’s annual report on currency and finance which was themed around digitalisation said. The report citing ...

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks https://firewall.firm.in/wp-content/uploads/2024/08/chip.jpg Aug 13, 2024Ravie LakshmananVulnerability / Hardware Security A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The ...

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems https://firewall.firm.in/wp-content/uploads/2024/08/solar.png Aug 12, 2024Ravie LakshmananCritical Infrastructure / Vulnerability Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. “If exploited, these vulnerabilities could allow an attacker to control inverter ...

How Phishing Attacks Adapt Quickly to Capitalize on Current Events https://firewall.firm.in/wp-content/uploads/2024/08/cyber-main.png In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier ...

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers https://firewall.firm.in/wp-content/uploads/2024/08/cloud.png Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might ...

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure https://firewall.firm.in/wp-content/uploads/2024/08/ms.png Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following ...

Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys https://firewall.firm.in/wp-content/uploads/2024/08/python.jpg Aug 11, 2024Ravie LakshmananSupply Chain / Software Security Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims’ secrets. “The legitimate Solana Python API project is known as ...

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions https://firewall.firm.in/wp-content/uploads/2024/08/chrome.png Aug 10, 2024Ravie LakshmananBrowser Security / Online Fraud An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack ...

Researchers Uncover 10 Flaws in Google’s File Transfer Tool Quick Share https://firewall.firm.in/wp-content/uploads/2024/08/hack.png Aug 10, 2024Ravie LakshmananVulnerability / Mobile Security As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. “The Quick Share ...