Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale https://firewall.firm.in/wp-content/uploads/2024/10/online-scam.png Oct 09, 2024Ravie LakshmananCybercrime / Threat Detection Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create ...

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries https://firewall.firm.in/wp-content/uploads/2024/10/hackers.png Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities could allow an attacker to crash an industrial device or in ...

Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools https://firewall.firm.in/wp-content/uploads/2024/10/russia.png Oct 08, 2024Ravie LakshmananCyber Threat / APT Attack Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. “The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain ...

How to Get Going with CTEM When You Don’t Know Where to Start https://firewall.firm.in/wp-content/uploads/2024/10/xm.jpg Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role ...

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability https://firewall.firm.in/wp-content/uploads/2024/10/apple.png Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described ...

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown https://firewall.firm.in/wp-content/uploads/2024/10/hacker.png Oct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. “The Russian government ran this ...

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking https://firewall.firm.in/wp-content/uploads/2024/10/linux.png Oct 03, 2024Ravie LakshmananLinux / Malware Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf ...

The Secret Weakness Execs Are Overlooking: Non-Human Identities https://firewall.firm.in/wp-content/uploads/2024/10/git.png For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we ...

Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks https://firewall.firm.in/wp-content/uploads/2024/10/android.png Oct 03, 2024Ravie LakshmananMobile Security / Technology Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that’s ...

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals https://firewall.firm.in/wp-content/uploads/2024/10/jobs.png A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applications. “A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, ...