How to detect AI-generated images, understand privacy risks, and keep your data safe https://etimg.etb2bimg.com/thumb/msid-123987698,imgsize-31144,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/how-to-detect-ai-generated-images-understand-privacy-risks-and-keep-your-data-safe.jpg India has rapidly become the leading market for Google’s latest AI innovation, Nano Banana, powered by the Gemini engine. This advanced platform enables users to generate hyper-realistic 3D figurines, transform selfies into vintage or imaginative outfits, and explore limitless creative possibilities. Nano Banana’s viral appeal on ...

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams https://firewall.firm.in/wp-content/uploads/2025/09/crypto-phishing.jpg Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail ...

Proofpoint 2025 CISO report: Rising data loss & AI risks strain India’s security leaders https://etimg.etb2bimg.com/thumb/msid-123537920,imgsize-5158,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/proofpoint-2025-ciso-report-rising-data-loss-ai-risks-strain-indias-security-leaders.jpg Proofpoint, Inc., a leading cybersecurity and compliance company today released its fifth annual Voice of the CISO report, exploring key challenges, expectations and priorities of chief information security officers (CISOs) worldwide. The 2025 report, which surveyed 1,600 global CISOs across 16 countries, spotlights two critical ...

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys https://firewall.firm.in/wp-content/uploads/2025/09/1000013746.jpg Sep 06, 2025Ravie LakshmananSoftware Security / Cryptocurrency A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. “The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic ...

South Korea agency fines SK Telecom $97 million over major data leak https://etimg.etb2bimg.com/thumb/msid-123576053,imgsize-117274,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/south-korea-agency-fines-sk-telecom-97-million-over-major-data-leak.jpg A logo of SK Telecom is seen at the SK Telecom headquarters, in Seoul, South Korea, July 4, 2025. REUTERS/Kim Soo-hyeon/ File Photo SEOUL: South Korea’s SK Telecom was fined on Thursday about 134 billion won ($96.53 million) after the country’s largest mobile carrier suffered a cyberattack ...

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign https://firewall.firm.in/wp-content/uploads/2025/09/phish-malware.jpg A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at ...

Google-owned Waymo’s CEO on allowing authorities access to self-driving car data: We will make that publicly known https://etimg.etb2bimg.com/thumb/msid-123625745,imgsize-250908,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/waymos-ceo-discusses-law-enforcement-data-access-for-self-driving-cars.jpg Waymo’s privacy policy states that it may share data with law enforcement for legal reasons. Waymo has shared an update regarding the sharing of its self-driving vehicle data with government authorities. The cars of the Google-owned company, which offers autonomous ride-hailing services ...

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE https://firewall.firm.in/wp-content/uploads/2025/09/Lazarus-malware.jpg Sep 02, 2025Ravie LakshmananMalware / Threat Intelligence The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group’s Fox-IT in 2024, targeted an ...

Cisco’s vishing breach rings alarm bells: 6 cybersecurity lessons for enterprises https://etimg.etb2bimg.com/thumb/msid-123583966,imgsize-12892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/ciscos-vishing-breach-rings-alarm-bells-6-cybersecurity-lessons-for-enterprises.jpg Cisco recently disclosed a data breach in which a hacker, posing convincingly over a phone call, tricked a company representative into granting access to a third-party database. Classified as a vishing (voice phishing) attack, the breach exposed basic profile information of users registered on Cisco.com. While the company ...

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication https://firewall.firm.in/wp-content/uploads/2025/08/ms-code.jpg Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure ...