It’s Time To Untangle the SaaS Ball of Yarn https://firewall.firm.in/wp-content/uploads/2024/08/main.png It’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities ...

Data of nearly all AT&T customers downloaded to a third-party platform in security breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-111696831,imgsize-320540,width-1200,height=765,overlay-etciso/data-breaches/data-of-nearly-all-att-customers-downloaded-to-a-third-party-platform-in-security-breach.jpg The AT&T logo is positioned above one of its retail stores in New York, Oct. 24, 2016. A security breach in 2022 compromised the data of nearly all of AT&T’s cellular customers, customers of mobile virtual network operators using AT&T’s wireless network, ...

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk https://firewall.firm.in/wp-content/uploads/2024/08/wordpress.png Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, ...

Indonesia tightens cybersecurity after ransomware attack – ET CISO https://etimg.etb2bimg.com/thumb/msid-111696894,imgsize-8188,width-1200,height=765,overlay-etciso/data-breaches/indonesia-tightens-cybersecurity-after-ransomware-attack.jpg The recent cyberattack in Indonesia that massively disrupted its national data system has urged the country to strengthen its cyber resilience and evaluate its digital technology policy. The recent cyberattack in Indonesia that massively disrupted its national data system has urged the country to strengthen its cyber resilience and evaluate ...

CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait https://firewall.firm.in/wp-content/uploads/2024/08/card.png Aug 21, 2024Ravie LakshmananCyber Warfare / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The ...

Italy’s antitrust takes aim at Google over personal data usage – ET CISO https://etimg.etb2bimg.com/thumb/msid-111841665,imgsize-124092,width-1200,height=765,overlay-etciso/data-breaches/italys-antitrust-takes-aim-at-google-over-personal-data-usage.jpg Representative image Italy’s antitrust agency said on Thursday it had launched an investigation into online search giant Google and its parent company Alphabet over alleged unfair commercial practices involving users’ personal data. The request for consent that Google sends to its users to connect its multiple ...

Czech Mobile Users Targeted in New Banking Credential Theft Scheme https://firewall.firm.in/wp-content/uploads/2024/08/hacker.png Aug 20, 2024Ravie LakshmananMobile Security / Banking Fraud Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as ...

Japan’s MUFG cuts CEO, five other executives’ pay after ‘firewall’ breaches – ET CISO https://etimg.etb2bimg.com/thumb/msid-111868479,imgsize-101214,width-1200,height=765,overlay-etciso/data-breaches/japans-mufg-cuts-ceo-five-other-executives-pay-after-firewall-breaches.jpg Representative image Japan’s largest banking group Mitsubishi UFJ Financial Group (MUFG) will cut the pay of its CEO and five other executives following the breaching of “firewall” regulations at its banking and securities arms, it said on Friday. In June, the Financial Services Agency (FSA) ...

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys https://firewall.firm.in/wp-content/uploads/2024/08/sans-3.jpg Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to ...

WazirX announces $23 mn bounty to recover $234 mn lost in cyber breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-111915636,imgsize-5464,width-1200,height=765,overlay-etciso/data-breaches/wazirx-announces-23-mn-bounty-to-recover-234-mn-lost-in-cyber-breach.jpg Crypto platform WazirX, which lost a staggering $234 million worth of digital assets in a cyber breach, on Sunday announced $23 million in bounty to recover the stolen funds. The company invited white hat hackers, blockchain forensics experts, and cybersecurity professionals from around ...