59% of Indian organizations expect cyber breach in 2025: Zscaler study – ET CISO https://etimg.etb2bimg.com/thumb/msid-118927471,imgsize-9494,width-1200,height=765,overlay-etciso/data-breaches/59-of-indian-organizations-expect-cyber-breach-in-2025-zscaler-study.jpg 97% of Indian IT leaders ‘believe’ their current cyber resilience measures are effective, yet ransomware attacks continue to rise and cost organizations billions of dollars per year. But only 53% of Indian IT leaders say their cyber resilience strategy is up-to-date in preparation for modern ...

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits https://firewall.firm.in/wp-content/uploads/2025/03/chinese-hackers.png Mar 12, 2025Ravie LakshmananCyber Espionage / Vulnerability The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying ...

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack https://firewall.firm.in/wp-content/uploads/2025/03/code.png Mar 12, 2025Ravie LakshmananCloud Security / Vulnerability Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” ...

Kaspersky: Stealer malware leaked over 2 million bank cards – ET CISO https://etimg.etb2bimg.com/thumb/msid-118774806,imgsize-3834,width-1200,height=765,overlay-etciso/data-breaches/kaspersky-stealer-malware-leaked-over-2-million-bank-cards.jpg Kaspersky Digital Footprint Intelligence estimates that 2.3 million bank cards were leaked on the dark web, based on an analysis of data-stealing malware log files from 2023-2024. On average, every 14th infostealer infection results in stolen credit card information, with nearly 26 million devices compromised by infostealers, ...

Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates https://firewall.firm.in/wp-content/uploads/2025/03/malware-ransomware.png Mar 04, 2025Ravie LakshmananCybercrime / Threat Intelligence Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. ...

Government has a google chrome warning for Windows and Mac users – ET CISO https://etimg.etb2bimg.com/thumb/msid-117592387,imgsize-57114,width-1200,height=765,overlay-etciso/data-breaches/government-has-a-google-chrome-warning-for-windows-and-mac-users.jpg India’s cybersecurity watchdog, CERT-In, has warned about two vulnerabilities in the popular Google Chrome browser that hackers can exploit. These new warnings are for Chrome users mostly across Mac, PC and laptop platforms and not that much for smartphone users. These vulnerabilities can allow attackers ...

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation https://firewall.firm.in/wp-content/uploads/2025/02/cisa.png Feb 26, 2025Ravie LakshmananEnterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in ...

DeepSeek removed from app stores in South Korea amid data privacy concerns – ET CISO https://etimg.etb2bimg.com/thumb/msid-118319182,imgsize-22150,width-1200,height=765,overlay-etciso/data-breaches/deepseek-removed-from-app-stores-in-south-korea-amid-data-privacy-concerns.jpg Chinese AI app, DeepSeek, has been removed from South Korean app stores pending a review of how it handles user data. According to news agency AFP, Choi Jang-hyuk, vice chairperson of Seoul’s Personal Information Protection Commission, told a press conference that DeepSeek has been ...

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile https://firewall.firm.in/wp-content/uploads/2025/02/spyware.png Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that’s capable of infecting ...

California students take legal action against US education department over massive data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-118162922,imgsize-119596,width-1200,height=765,overlay-etciso/data-breaches/california-students-take-legal-action-against-us-education-department-over-massive-data-breach.jpg A coalition of California college students has filed a lawsuit against the US Department of Education accusing an oversight task force associated with tech magnate Elon Musk of unlawfully accessing confidential student financial records. The legal petition spearheaded by the University of California ...