VMware Patches Severe Security Flaws in Workstation and Fusion Products [og_img] Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances. The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and

India Inc hunts for new cyber warriors – ET CISO https://etimg.etb2bimg.com/thumb/msid-110071265,imgsize-173768,width-1200,height=765,overlay-etciso/corporate/india-inc-hunts-for-new-cyber-warriors.jpg Corporate India is on the hunt for cybersecurity talent. Amid data breaches, progressive regulatory expectations and introduction of generative artificial intelligence platforms making security controls and processes vulnerable, companies are beefing up their cybersecurity teams across levels. They are hiring experts in threat intelligence, security operations, incident response, cloud ...

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT https://firewall.firm.in/wp-content/uploads/2024/05/browser.png The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, ...

CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) https://firewall.firm.in/wp-content/uploads/2024/05/webinar.jpg May 10, 2024The Hacker NewsArtificial Intelligence / Threat Hunting Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools ...

A SaaS Security Challenge: Getting Permissions All in One Place  https://firewall.firm.in/wp-content/uploads/2024/05/as.png Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions may be granted based on tasks ...

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data https://firewall.firm.in/wp-content/uploads/2024/05/ad.png The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report ...

Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering https://firewall.firm.in/wp-content/uploads/2024/05/btc.png May 07, 2024NewsroomCryptocurrency / Cybercrime A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the ...

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices https://firewall.firm.in/wp-content/uploads/2024/05/chinese.jpg May 06, 2024NewsroomNetwork Security / Malware The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced around July ...

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution https://firewall.firm.in/wp-content/uploads/2024/05/hack.jpg May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that’s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out ...

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities https://firewall.firm.in/wp-content/uploads/2024/05/russia.png Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic’s ...