U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network https://firewall.firm.in/wp-content/uploads/2025/02/fbi.png Feb 01, 2025Ravie LakshmananCybercrime / Fraud Prevention U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, ...

Need for healthcare-specific privacy laws to curb menace of patient data breaches – ET CISO https://etimg.etb2bimg.com/thumb/msid-117669726,imgsize-63852,width-1200,height=765,overlay-etciso/data-breaches/need-for-healthcare-specific-privacy-laws-to-curb-menace-of-patient-data-breaches.jpg Healthcare data, due to its inherently sensitive nature, demands unparalleled levels of security. Healthtech solutions have revolutionized care delivery by bridging critical gaps in accessibility, efficiency, and patient outcomes. By integrating data-driven solutions and digital tools, they improve operational efficiency and also empower patients ...

GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs https://firewall.firm.in/wp-content/uploads/2025/01/git.png Jan 27, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user’s Git credentials. “Git implements a protocol called Git Credential Protocol to retrieve ...

RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations https://firewall.firm.in/wp-content/uploads/2025/01/telecom.png Jan 24, 2025Ravie LakshmananTelecom Security / Vulnerability A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network. The ...

US treasury breach – Chinese hackers breach Janet Yellen’s computer, accessed about 50 files – ET CISO https://etimg.etb2bimg.com/thumb/msid-117320088,imgsize-87808,width-1200,height=765,overlay-etciso/data-breaches/us-treasury-breach-chinese-hackers-breach-janet-yellens-computer-accessed-about-50-files.jpg Hackers backed by the Chinese government accessed US Treasury Secretary Janet Yellen’s computer and files, Bloomberg News has reported . The breach, discovered in December, also impacted the computers of Deputy Secretary Wally Adeyemo and Acting Under Secretary Brad Smith. The hackers ...

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation https://firewall.firm.in/wp-content/uploads/2025/01/root.png Jan 17, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking ...

Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action https://firewall.firm.in/wp-content/uploads/2025/01/digi.png Jan 16, 2025The Hacker NewsCertificate Management / Compliance The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying ...

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 https://firewall.firm.in/wp-content/uploads/2025/01/push.png You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost ...

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool https://firewall.firm.in/wp-content/uploads/2025/01/rsync.png Jan 15, 2025Ravie LakshmananVulnerability / Software Update As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. “Attackers can take control of a malicious server and read/write arbitrary ...

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99 https://firewall.firm.in/wp-content/uploads/2025/01/web3.png Jan 15, 2025Ravie LakshmananCryptocurrency / Malware The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. “The campaign begins with fake recruiters, posing on platforms like ...