Millions of infected devices fueled massive cyberattacks https://etimg.etb2bimg.com/thumb/msid-129691490,imgsize-11922,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/us-says-it-disrupted-botnets-that-infected-over-3-million-devices-worldwide.jpg The U.S. Justice Department on Thursday said it took part in an operation with Germany and Canada to take down infrastructure used by four major botnets that infected more than 3 million devices worldwide, including hundreds of thousands ‌in the ⁠U.S. The ⁠malicious networks – Aisuru, KimWolf, JackSkid and Mossad – were ...

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems https://firewalls.firm.in/wp-content/uploads/2026/03/kace.jpg Ravie LakshmananMar 23, 2026Vulnerability / Endpoint Security Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments ...

Tech giants join hands to fight online scams https://etimg.etb2bimg.com/thumb/msid-129712610,imgsize-63588,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tech-giants-join-hands-to-fight-online-scams.jpg Google, Meta, Amazon, Microsoft along with nine other tech and retail giants have now come together to launch the Tech Industry Accord to Combat Scams. This initiative from the companies is designed to tackle the increasing problem of online fraud. Announced this week, the Accord is one of the largest industry ...

The Hidden Crisis Threatening D2C Brand Loyalty, ETCISO The most expensive phone call in D2C doesn’t come from a telemarketer; it comes from a scammer who knows too much. When a customer picks up the phone to hear a stranger recite their exact order history, product descriptions, and invoice values, they lose trust in your brand completely. They don’t always ...

TRU identifies mobile spyware campaign using fake Red Alert app in Israel https://etimg.etb2bimg.com/thumb/msid-129603786,imgsize-5482,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tru-identifies-mobile-spyware-campaign-using-fake-red-alert-app-in-israel.jpg A targeted smishing campaign has been identified in which Israeli users received SMS messages impersonating official Home Front Command alerts and distributing a trojanized version of Israel’s Red Alert rocket warning Android app. The malicious app preserves the legitimate rocket alert functionality, making it harder for users ...

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE https://firewalls.firm.in/wp-content/uploads/2026/03/lang-ai.jpg Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter’s sandbox mode permits outbound DNS queries that ...

Most India GCCs still in early stages of DPDP compliance despite ticking 14-month deadline https://etimg.etb2bimg.com/thumb/msid-129599929,imgsize-224444,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/most-india-gccs-still-in-early-stages-of-dpdp-compliance-despite-ticking-14-month-deadline.jpg Four months after the rules under the Digital Personal Data Protection Act, 2023 were notified, most global capability centres (GCCs) in India remain in the early phases of compliance planning, with only a small fraction having moved into structured implementation even as the 14-month compliance ...

Why a partner-driven ecosystem is the new strategic imperative, ETCISO In today’s digital economy, cybersecurity has evolved far beyond a technical function. It has become a strategic pillar for business continuity, digital trust, and organizational resilience. As enterprises accelerate digital transformation—embracing cloud technologies, hybrid work environments, artificial intelligence, and interconnected platforms—the cyber threat landscape is becoming increasingly complex. In this ...

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations https://firewalls.firm.in/wp-content/uploads/2026/03/outlook.jpg Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner organizations, involved the ...

Proofpoint integrates with AWS Security Hub extended plan https://etimg.etb2bimg.com/thumb/msid-128942815,imgsize-7836,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/proofpoint-integrates-with-aws-security-hub-extended-plan.jpg Proofpoint said its Collaboration Protection product is now integrated with the Extended plan in AWS Security Hub. The integration is intended to let customers procure and manage Proofpoint’s protection for email, messaging, and collaboration tools through AWS Security Hub’s Extended plan, using a consolidated purchasing and support model. Proofpoint Collaboration Protection ...