Expert take: The DPDP act arrives: Are companies ready for what comes next? https://etimg.etb2bimg.com/thumb/msid-126749794,imgsize-6460770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/understanding-indias-digital-personal-data-protection-act-are-companies-prepared.jpg Rupinder Malik, Partner at JSA India stands at a pivotal crossroad today as it navigates its fastest-growing digital economy and the operationalisation of the Digital Personal Data Protection (DPDP) Act. With over one billion internet subscribers, the nation has emerged as one of the world’s three ...

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool https://firewalls.firm.in/wp-content/uploads/2026/01/mexc.jpg Jan 13, 2026Ravie LakshmananWeb Security / Online Fraud Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on ...

Sebi alleges Bank of America breached rules in 2024 stock deal, document shows https://etimg.etb2bimg.com/thumb/msid-126406161,imgsize-46564,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/sebi-alleges-bank-of-america-breached-rules-in-2024-stock-deal-document-shows.jpg India’s markets regulator has accused a ⁠Bank of America (BofA) unit of violating its insider trading rules and breaking internal “Chinese walls” in connection with a 2024 share sale, a notice showed. The notice followed a Securities and Exchange Board of India (SEBI) investigation into the ...

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia https://firewalls.firm.in/wp-content/uploads/2026/01/india.jpg The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts. “The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut ...

Microsoft, Meta, Google and Apple warned over AI outputs by US attorneys general https://etimg.etb2bimg.com/thumb/msid-125902911,imgsize-24128,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/us-attorneys-general-warn-tech-giants-like-microsoft-and-apple-over-ai-risks.jpg Microsoft, Meta, Google and Apple were among the 13 companies that received a warning from a bipartisan group of state attorneys general, according to a letter from the state leaders, who said their chatbots’ “delusional outputs” could be violating state laws. The letter was made public ...

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign https://firewalls.firm.in/wp-content/uploads/2026/01/phishing-email.jpg Jan 02, 2026Ravie LakshmananCloud Security / Email Security Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate Google-generated messages by abusing Google Cloud’s Application Integration service to distribute emails. The activity, Check Point said, takes advantage of the trust associated with Google Cloud ...

Global cyberattacks rise as GenAI introduces new data exposure risks: CPR November 2025 findings https://etimg.etb2bimg.com/thumb/msid-125909289,imgsize-149288,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/surge-in-global-cyberattacks-genai-data-exposure-risks-highlighted-by-cpr-november-2025-report.jpg Check Point Research, the threat intelligence arm of Check Point Software Technologies, released its Global Threat Intelligence insights for November 2025, reporting that organizations worldwide faced an average of 2,003 cyberattacks per week. This reflects a 3% increase from October and a 4% rise year-over-year, ...

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory https://firewalls.firm.in/wp-content/uploads/2025/12/mongodb.jpg Dec 27, 2025Ravie LakshmananDatabase Security / Vulnerability A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), has been described as a case of improper handling of length parameter inconsistency, which arises when ...

BFSI leaders decode how privacy is becoming a competitive edge https://etimg.etb2bimg.com/thumb/msid-125931099,imgsize-88480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/bfsi-leaders-reveal-privacy-as-new-competitive-advantage-in-data-protection.jpg At the ETCISO Data Protection & Privacy Summit 2025, senior leaders from Bandhan Bank and Star Health & Allied Insurance unpacked how India’s new data protection regime is triggering a decisive shift — from viewing privacy as a compliance formality to positioning it as a strategic asset. The discussion ...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper https://firewalls.firm.in/wp-content/uploads/2025/12/apple-macos.jpg Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple’s Gatekeeper checks. “Unlike earlier MacSync Stealer variants ...