ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor https://firewall.firm.in/wp-content/uploads/2024/06/russia.png Jun 22, 2024NewsroomCyber Espionage / Threat Intelligence Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. “ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt ...

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration https://firewall.firm.in/wp-content/uploads/2024/06/malware.png Jun 20, 2024NewsroomThreat Intelligence / Cybercrime A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it’s aware of four different distribution methods — namely ...

Cybercrooks use AI, launch bot-based attacks – ET CISO https://etimg.etb2bimg.com/thumb/msid-111049538,imgsize-561945,width-1200,height=765,overlay-etciso/cybercrime-fraud/cybercrooks-use-ai-launch-bot-based-attacks.jpg A Pune-based real estate firm was recently duped out of ₹4 crore when cybercriminals, masquerading as its chairman, tricked an accounts officer into transferring company funds into fraudulent bank accounts. At the local unit of a multinational company, the finance controller fell prey to a similar scam running into crores ...

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw https://firewall.firm.in/wp-content/uploads/2024/06/crypto.png Jun 19, 2024NewsroomCybercrime / Crypto Security Crypto exchange Kraken revealed that an unnamed security researcher exploited an “extremely critical” zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken’s Chief Security Officer, Nick ...

Vipin Surelia, VISA on mitigating cyber frauds this tax filing season – ET CISO https://etimg.etb2bimg.com/thumb/msid-111000270,imgsize-68548,width-1200,height=765,overlay-etciso/cybercrime-fraud/vipin-surelia-visa-on-mitigating-cyber-frauds-this-tax-filing-season.jpg Vipin Surelia, Head, Risk Services, Visa The Reserve Bank of India’s annual report last year highlighted the severity of digital fraud. With 6,659 reported cases amounting to Rs 276 crore, it’s evident that such frauds pose a substantial threat. Tactics used by cybercriminals have evolved, ...

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain https://firewall.firm.in/wp-content/uploads/2024/06/arrest.png Jun 16, 2024NewsroomCybercrime / SIM Swapping Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to ...

New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models https://firewall.firm.in/wp-content/uploads/2024/06/ms.png Jun 13, 2024NewsroomVulnerability / Software Security The security risks posed by the Pickle format have once again come to the fore with the discovery of a new “hybrid machine learning (ML) model exploitation technique” dubbed Sleepy Pickle. The attack method, per Trail of Bits, weaponizes the ubiquitous format used to ...

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters https://firewall.firm.in/wp-content/uploads/2024/06/crypto.png Jun 12, 2024NewsroomKubernetes / Endpoint Security Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it’s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023. “In ...

Lessons from the Ticketmaster-Snowflake Breach https://firewall.firm.in/wp-content/uploads/2024/06/one.png Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company’s clientele, igniting a firestorm of concern and ...

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability https://firewall.firm.in/wp-content/uploads/2024/06/ms.png Jun 12, 2024NewsroomPatch Tuesday / Vulnerability Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based ...