FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT https://firewall.firm.in/wp-content/uploads/2024/05/browser.png The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, ...

CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) https://firewall.firm.in/wp-content/uploads/2024/05/webinar.jpg May 10, 2024The Hacker NewsArtificial Intelligence / Threat Hunting Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools ...

A SaaS Security Challenge: Getting Permissions All in One Place  https://firewall.firm.in/wp-content/uploads/2024/05/as.png Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions may be granted based on tasks ...

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data https://firewall.firm.in/wp-content/uploads/2024/05/ad.png The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report ...

Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering https://firewall.firm.in/wp-content/uploads/2024/05/btc.png May 07, 2024NewsroomCryptocurrency / Cybercrime A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the ...

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices https://firewall.firm.in/wp-content/uploads/2024/05/chinese.jpg May 06, 2024NewsroomNetwork Security / Malware The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced around July ...

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution https://firewall.firm.in/wp-content/uploads/2024/05/hack.jpg May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that’s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out ...

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities https://firewall.firm.in/wp-content/uploads/2024/05/russia.png Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic’s ...

Over 22 billion records exposed in data breaches in 2020: Report – ET CISO https://etimg.etb2bimg.com/thumb/msid-80297145,imgsize-277360,width-1200,height=765,overlay-etciso/news/over-22-billion-records-exposed-in-data-breaches-in-2020-report.jpg New Delhi: Over 22 billion records were exposed worldwide amid 730 publicly disclosed data breaches in 2020, a new report revealed on Friday. Thirty five percent of breaches were linked to ransomware attacks, resulting in tremendous financial cost, while 14 per cent of breaches were ...

A checklist for strengthening your cloud security posture – ET CISO https://etimg.etb2bimg.com/thumb/msid-81404212,imgsize-226474,width-1200,height=765,overlay-etciso/news/a-checklist-for-strengthening-your-cloud-security-posture.jpg By Ravi MaguluriAccording to IDC’s IT spending Survey, May 2020, as a result of the spread of the pandemic, 64% of the organizations in India are expected to increase demand for cloud computing while 56% for cloud software to support the new normal. Cost savings, scalability, and flexibility ...