FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions https://firewall.firm.in/wp-content/uploads/2024/11/fbi.png The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. “An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of ...

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups https://firewall.firm.in/wp-content/uploads/2024/11/wing.png Nov 01, 2024The Hacker NewsSaaS Security / Insider Threat With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many ...

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned https://firewall.firm.in/wp-content/uploads/2024/11/git.png Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and ...

Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare https://firewall.firm.in/wp-content/uploads/2024/11/iran-hackers.png U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event. The activity has been pinned on an entity that’s known ...

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar https://firewall.firm.in/wp-content/uploads/2024/11/webinar.png Nov 02, 2024The Hacker NewsSaaS Security / Identity Security Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in ...

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack https://firewall.firm.in/wp-content/uploads/2024/10/paynow.png Oct 30, 2024Ravie LakshmananRansomware / Threat Intelligence Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as ...

Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information https://firewall.firm.in/wp-content/uploads/2024/10/attack.png Oct 30, 2024Ravie Lakshmanan Browser Security / Vulnerability A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs. The attack, codenamed CrossBarking, could have made it possible to conduct actions such as capturing screenshots, ...

A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation https://firewall.firm.in/wp-content/uploads/2024/10/main.png Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every ...

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27) https://firewall.firm.in/wp-content/uploads/2024/10/recap.png Oct 28, 2024Ravie LakshmananCyber Security / Hacking News Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, ...

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors https://firewall.firm.in/wp-content/uploads/2024/10/intel.png Oct 29, 2024Ravie LakshmananHardware Security / Vulnerability More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich ...