Amazon confirms employee data hacked in the biggest cyberattack of 2023 – ET CISO https://etimg.etb2bimg.com/thumb/msid-115209365,imgsize-39952,width-1200,height=765,overlay-etciso/data-breaches/amazon-confirms-employee-data-hacked-in-the-biggest-cyberattack-of-2023.jpg Amazon has acknowledged a hacking incident involving a third-party vendor that compromised employee data. The breach exposed work email addresses, phone numbers, and building locations of affected employees. While Amazon’s core systems remain secure, the company emphasized that the incident occurred at a vendor responsible ...

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns https://firewall.firm.in/wp-content/uploads/2024/11/palo.png Nov 09, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. “Palo Alto Networks is aware of a claim of a remote ...

New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus https://firewall.firm.in/wp-content/uploads/2024/11/windows-malware.png Nov 08, 2024Ravie LakshmananMalware / Virtualization Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The “intriguing” campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut ...

Big crackdown on unauthorised use of PAN card details! Here’s what the government is doing – ET CISO https://etimg.etb2bimg.com/thumb/msid-115004174,imgsize-64924,width-1200,height=765,overlay-etciso/data-breaches/big-crackdown-on-unauthorised-use-of-pan-card-details-heres-what-the-government-is-doing.jpg Big crackdown on PAN details unauthorised use! The Indian Cybercrime Coordination Centre (I4C), operating under the Union home ministry, has directed the cessation of unauthorized usage of Indian citizens’ Permanent Account Numbers (PAN) by financial technology companies and other consumer tech ...

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions https://firewall.firm.in/wp-content/uploads/2024/11/fbi.png The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. “An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of ...

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups https://firewall.firm.in/wp-content/uploads/2024/11/wing.png Nov 01, 2024The Hacker NewsSaaS Security / Insider Threat With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many ...

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned https://firewall.firm.in/wp-content/uploads/2024/11/git.png Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and ...

Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare https://firewall.firm.in/wp-content/uploads/2024/11/iran-hackers.png U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event. The activity has been pinned on an entity that’s known ...

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar https://firewall.firm.in/wp-content/uploads/2024/11/webinar.png Nov 02, 2024The Hacker NewsSaaS Security / Identity Security Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in ...

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack https://firewall.firm.in/wp-content/uploads/2024/10/paynow.png Oct 30, 2024Ravie LakshmananRansomware / Threat Intelligence Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as ...