WhatsApp finds new hacking campaign targeting fewer than 200 people https://etimg.etb2bimg.com/thumb/msid-123595448,imgsize-159018,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/whatsapp-finds-new-hacking-campaign-targeting-fewer-than-200-people.jpg By Raphael Satter WASHINGTON: WhatsApp said Friday it discovered an advanced cyberespionage effort that took advantage of a chain of security vulnerabilities in the app and Apple devices to hack them. A researcher with Amnesty International said unidentified members of civic groups appeared to be among those impacted. In ...

Kaspersky advises how to keep your online fitness journey secure, ETCISO Health and fitness goals remain a top priority for many people, especially during peak sports seasons and moments of renewed motivation. Reflecting this trends, online personal training has become increasingly popular, boosted by the influence of social media platforms like Instagram and TikTok. However, as more users turn to ...

Cisco’s vishing breach rings alarm bells: 6 cybersecurity lessons for enterprises https://etimg.etb2bimg.com/thumb/msid-123583966,imgsize-12892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/ciscos-vishing-breach-rings-alarm-bells-6-cybersecurity-lessons-for-enterprises.jpg Cisco recently disclosed a data breach in which a hacker, posing convincingly over a phone call, tricked a company representative into granting access to a third-party database. Classified as a vishing (voice phishing) attack, the breach exposed basic profile information of users registered on Cisco.com. While the company ...

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication https://firewall.firm.in/wp-content/uploads/2025/08/ms-code.jpg Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure ...

Google warns of China-linked hackers targeting diplomats, says senior security engineer https://etimg.etb2bimg.com/thumb/msid-123515407,imgsize-23016,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/google-warns-of-china-linked-hackers-targeting-diplomats-says-senior-security-engineer.jpg Google has issued a warning against a China-backed cyber-espionage campaign that targeted diplomats in Southeast Asia earlier this year. The tech giant’s Threat Intelligence Group, which attributed the attacks to the hacking group UNC6384, said the campaign likely supports China’s strategic interests. The attacks involved social engineering and ...

Barracuda uncovers ‘Quishing’ attacks using split & nested QR codes, ETCISO Barracuda threat analysts have uncovered two innovative techniques being used by cyber attackers to help malicious QR codes evade detection in phishing attacks. The techniques, detailed in a new threat report, involve splitting a malicious QR code in two to confuse traditional scanning systems, or nesting the malicious QR ...

Orange SA hacked, user data leaked on dark web https://etimg.etb2bimg.com/thumb/msid-123493684,imgsize-2604,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/orange-sa-hacked-user-data-released-on-dark-web-what-one-of-worlds-leading-telecom-companies-has-to-say.jpg Orange SA, one of the world’s leading telecom companies, has been hacked. According to a report, hackers have stolen and published about 4GB of sensitive business user data on the dark web. Orange first became aware of the breach in late July and reported it to national authorities. The data ...

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks https://firewall.firm.in/wp-content/uploads/2025/08/flaws.jpg Aug 21, 2025Ravie LakshmananVulnerability / Software Security Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6.9) – ...

Zscaler and CrowdStrike expand partnership to strengthen AI-driven security operations https://etimg.etb2bimg.com/thumb/msid-123424656,imgsize-9610,width-1200,height=627,overlay-etciso,resizemode-75/corporate/zscaler-and-crowdstrike-expand-partnership-to-strengthen-ai-driven-security-operations.jpg Zscaler, Inc., the leader in cloud security, today announced an expanded partnership between Red Canary, a Zscaler company, and strategic partner CrowdStrike to deliver enhanced protection across endpoints, users, and workloads. Together, Zscaler and Red Canary are delivering a seamless path forward for customers migrating from legacy endpoint products ...

Insights from Aviva India’s CRO, ETCISO In an era where AI is redefining efficiency and disruption, insurers face a paradox: the same technology promising exponential gains also carries opaque “black box” risks. Gartner predicts that by 2026, more than 80% of enterprises will adopt generative AI in production, yet fewer than half will implement effective risk controls. For Gaurav Banka, ...