A SaaS Security Challenge: Getting Permissions All in One Place  https://firewall.firm.in/wp-content/uploads/2024/05/as.png Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions may be granted based on tasks ...

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data https://firewall.firm.in/wp-content/uploads/2024/05/ad.png The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report ...

Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering https://firewall.firm.in/wp-content/uploads/2024/05/btc.png May 07, 2024NewsroomCryptocurrency / Cybercrime A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the ...

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices https://firewall.firm.in/wp-content/uploads/2024/05/chinese.jpg May 06, 2024NewsroomNetwork Security / Malware The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced around July ...

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution https://firewall.firm.in/wp-content/uploads/2024/05/hack.jpg May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that’s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out ...

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities https://firewall.firm.in/wp-content/uploads/2024/05/russia.png Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic’s ...

Over 22 billion records exposed in data breaches in 2020: Report – ET CISO https://etimg.etb2bimg.com/thumb/msid-80297145,imgsize-277360,width-1200,height=765,overlay-etciso/news/over-22-billion-records-exposed-in-data-breaches-in-2020-report.jpg New Delhi: Over 22 billion records were exposed worldwide amid 730 publicly disclosed data breaches in 2020, a new report revealed on Friday. Thirty five percent of breaches were linked to ransomware attacks, resulting in tremendous financial cost, while 14 per cent of breaches were ...

A checklist for strengthening your cloud security posture – ET CISO https://etimg.etb2bimg.com/thumb/msid-81404212,imgsize-226474,width-1200,height=765,overlay-etciso/news/a-checklist-for-strengthening-your-cloud-security-posture.jpg By Ravi MaguluriAccording to IDC’s IT spending Survey, May 2020, as a result of the spread of the pandemic, 64% of the organizations in India are expected to increase demand for cloud computing while 56% for cloud software to support the new normal. Cost savings, scalability, and flexibility ...

NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources https://firewall.firm.in/wp-content/uploads/2024/05/rmails.png May 03, 2024NewsroomEmail Security / Malware The U.S. government on Thursday published a new cybersecurity advisory warning of North Korean threat actors’ attempts to send emails in a manner that makes them appear like they are from legitimate and trusted parties. The joint bulletin was published by ...

FLoC and data privacy in the world of targeted ads – ET CISO https://etimg.etb2bimg.com/thumb/msid-82208111,imgsize-379570,width-1200,height=765,overlay-etciso/news/floc-and-data-privacy-in-the-world-of-targeted-ads.jpg By Anupam shuklaA 70s adage about television advertising goes something like “if you are not paying for the product, then you ARE the product!”. Pithy as the quote may be, it contains a world of meaning and relevance, especially for today. We cannot deny that today ...