Tracking whatever you do: IIT study finds Android apps are gathering far more information than users think https://etimg.etb2bimg.com/thumb/msid-125046682,imgsize-67480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tracking-whatever-you-do-iit-study-finds-android-apps-are-gathering-far-more-information-than-users-think.jpg A new study by IIT Delhi has found that Android apps with precise location access can gather far more information than users expect by analysing low-level GPS signals. The research shows that apps can infer whether a person is indoors or outdoors, ...

Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data https://firewalls.firm.in/wp-content/uploads/2025/11/travel-sites.jpg A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel ...

Gen-AI, data growth and insider risk fuel new data security threats https://etimg.etb2bimg.com/thumb/msid-125149351,imgsize-9434,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/gen-ai-data-growth-and-insider-risk-fuel-new-data-security-threats.jpg Proofpoint, Inc. released its second annual Data Security Landscape report, finding that organizations continue to face widespread data loss as they struggle to protect sensitive information amid rapid data growth, AI adoption, and the rise of AI agents in the workplace. The report, based on insights from 1,000 ...

 Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform https://firewalls.firm.in/wp-content/uploads/2025/11/google-phishing.jpg Nov 12, 2025Ravie LakshmananCybercrime / Malware Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The ...

Finextra & Cloudera: 91% say hybrid AI is the new finance standard https://etimg.etb2bimg.com/thumb/msid-125264509,imgsize-10438,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/finextra-cloudera-91-say-hybrid-ai-is-the-new-finance-standard.jpg Cloudera, in partnership with Finextra Research, published a global report based on a survey of 155 executives and leaders worldwide. The findings indicate hybrid AI deployment is an important strategy in the financial services industry, with 91% of organizations rating a hybrid approach as highly valuable. The ...

WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks https://firewalls.firm.in/wp-content/uploads/2025/11/whatsapp-web.jpg Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to ...

Britain’s JLR says ‘some data’ affected by cybersecurity incident https://etimg.etb2bimg.com/thumb/msid-123821271,imgsize-5312,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/britains-jlr-says-some-data-affected-by-cybersecurity-incident.jpg Jaguar Land Rover on Wednesday said that “some data” was affected in a cybersecurity incident disclosed last week, which has disrupted production and sales at the British luxury carmaker. JLR did not provide details on what kind of data was affected but said it was informing relevant authorities. “Our forensic ...

⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens https://firewalls.firm.in/wp-content/uploads/2025/10/recap-hacker.jpg Oct 27, 2025Ravie LakshmananCybersecurity / Hacking News Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and ...

Seqrite reveals critical insights into Google salesforce breach by UNC6040 threat group https://etimg.etb2bimg.com/thumb/msid-123842589,imgsize-4194,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/exploring-the-disruptive-unc6040-cyberattack-insights-from-seqrite-on-the-google-salesforce-breach.jpg Seqrite, the enterprise arm of Quick Heal Technologies Limited, a global provider of cybersecurity solutions, has unveiled comprehensive insights into the sophisticated vishing-extortion campaign that compromised Google’s corporate Salesforce instance in June 2025, exposing small and medium-sized business client data to cybercriminals. The attack was orchestrated by ...

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign https://firewalls.firm.in/wp-content/uploads/2025/10/indian-cyberattack.jpg Oct 24, 2025Ravie LakshmananCyber Espionage / Malware A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), ...