New Ransomware Group Exploiting Veeam Backup Software Vulnerability https://firewall.firm.in/wp-content/uploads/2024/07/gib.png Jul 10, 2024NewsroomData Breach / Malware A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to ...

Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories https://firewall.firm.in/wp-content/uploads/2024/07/jquery.png Jul 09, 2024NewsroomSupply Chain Attack / Web Security Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a “complex and persistent” supply chain attack. “This attack stands out due to the high variability ...

OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers https://firewall.firm.in/wp-content/uploads/2024/07/ddos-attack.png Jul 05, 2024NewsroomNetwork Security / DDoS Attack French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps ...

Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks https://firewall.firm.in/wp-content/uploads/2024/07/silver.png Jul 05, 2024The Hacker NewsCybersecurity / Identity Protection Identity theft isn’t just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high: ransomware attacks, lateral movement, and devastating data breaches. Don’t be caught off ...

The Emerging Role of AI in Open-Source Intelligence https://firewall.firm.in/wp-content/uploads/2024/07/sasns.png Jul 03, 2024The Hacker NewsOSINT / Artificial Intelligence Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but ...

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others https://firewall.firm.in/wp-content/uploads/2024/07/gitlab.jpg Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), ...

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data https://firewall.firm.in/wp-content/uploads/2024/06/north.png Jun 28, 2024NewsroomCyber Espionage / Cyber Attack The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early ...

Banks told to stay vigilant amid intel on cyberattack threat – ET CISO https://etimg.etb2bimg.com/thumb/msid-111356132,imgsize-28516,width-1200,height=765,overlay-etciso/cybercrime-fraud/banks-told-to-stay-vigilant-amid-intel-on-cyberattack-threat.jpg Banks across the country have been put on alert amid tip-offs received by the regulator on possible cyberattacks. They have been told to proactively monitor their systems for threat detection on a 24/7 basis. “In the light of credible threat intelligence received regarding potential cyberattacks, regulated ...

Google to Block Entrust Certificates in Chrome Starting November 2024 https://firewall.firm.in/wp-content/uploads/2024/06/dv.png Jun 29, 2024NewsroomCybersecurity / Website Security Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner. “Over the past ...

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads https://firewall.firm.in/wp-content/uploads/2024/06/botnet.png The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat’s transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation. “With its latest updates to the crypto miner, ransomware ...