FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Friday, January 31, 2025

Netflix’s “Zero Day” TV Series: Is a Devastating Global Cyberattack Really Possible?

The upcoming Netflix show Zero Day paints a dramatic picture of a disastrous cyberattack on the United States, with severe infrastructural damage and thousands of casualties. Although the show has not been released yet, it has already raised an important question: Could such a catastrophic event happen in real life?  Ilia Sotnikov, Security Strategist at Netwrix, explains why we can all enjoy the series, while those in charge of national critical infrastructure must continue their work to keep such a prolonged nationwide cybersecurity disaster...

Is data minimization the new data ethics in subscription management?

Data could be your biggest asset but it could also be your weakest link. The more you collect, the more there is to be guarded, the more to be held accountable for, the more to sift through to find something of value. With increasing customer awareness and a growing need for greater control over personal data, it’s never been more critical for SaaS providers to reassess how much of what’s collected can even be meaningfully analyzed? Data minimization is not a trend, it’s a strategic priority that translates into a distinct business advantage, More...

5 cybersecurity practices for custom software development

Whether you are going to build a custom CRM system, custom ERP tool, or any other bespoke solution, you need to ensure that this software is properly secured. Otherwise, it can be exposed to a wide range of cyber threats, which puts your corporate and customer data at risk. Even a single data breach could be devastating for a business, which is highlighted by examples of NVIDIA, CNA Financial, and hundreds other companies. As a software development firm with 25+ years of experience, we use a mix of practices to prevent vulnerabilities in the solutions...

Thursday, January 30, 2025

Ransomware attack makes Tata Technologies suspend whole of its IT services

Tata Technologies, a multinational business that is into the sector of Technology engineering from India has released a press statement that whole of its IT services were suspended as a precautionary measure to mitigate cyber risks associated with the attack. However, the good news is that all the services that were facing suspension were restored to the fullest, within a time frame of just 3 hours, thus reducing the downtime scare to a large extent.   A ransomware attack is a kind of malware attack, where a hacking group targets the computer...

Doppler announces integration with Datadog to streamline security and monitoring

San Francisco, United States / California, January 30th, 2025, CyberNewsWire Doppler, the leading provider of secrets management solutions, announced a new integration with Datadog, a cloud application monitoring and security platform. This collaboration provides engineering and operations teams with an integrated solution for securely managing sensitive credentials and gaining insights into cloud environments through real-time monitoring. In an era of rapid cloud adoption, DevOps and security teams face mounting challenges in safeguarding sensitive...

Ransomware news trending on Google

Smith Engineering Group Hit by Ransomware Attack Smith Group Plc, a multinational engineering giant based in Britain, has issued a public statement confirming that it was recently targeted by a ransomware attack. The breach was detected and contained in time by the company’s IT team, preventing any further damage. However, the company is still in the process of investigating the full extent of the attack, including which systems were affected and, crucially, identifying the cybercriminals behind it. Although the company has yet to formally label...

SquareX Discloses “Browser Syncjacking” , a New Attack Technique that Provides Full Browser and Device Control, Putting Millions at Risk

Palo Alto, USA, January 30th, 2025, CyberNewsWire SquareX discloses a new attack technique that shows how malicious extensions can be used to completely hijack the browser, and eventually, the whole device. PALO ALTO, Calif., Jan. 30, 2025 — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. However, until now, due to the limitations browser vendors place on the extension subsystem and extensions, it was thought to be...

Wednesday, January 29, 2025

DeepSeek AI data under scrutiny as Microsoft investigates OpenAI data steal

DeepSeek AI, a Chinese chatbot service that recently gained traction on the Apple App Store, is now in the spotlight due to allegations of unauthorized data access from Microsoft-backed OpenAI. According to sources familiar with the situation, DeepSeek AI’s founder, Liang Wenfeng, has strongly denied these accusations, dismissing them as baseless and labeling them as a coordinated attempt by Western media to undermine the company’s advancements. Despite these denials, industry analysts suspect that DeepSeek AI may have leveraged OpenAI’s proprietary...

Taking a Threat Adapted Approach to Vulnerability Management

As cyber threats continue to grow in complexity and frequency, vulnerability management requires more than just patching systems; it demands  a dynamic, threat-adapted approach. As part of Cyber Rhino Threat Week (December 9-13, 2024) which aimed to inform, sharing threat intelligence insights and best practices with our customers, partners and industry ecosystem, we held a session that explored  how integrating Threat Intelligence into Vulnerability Management can transform the way organizations prioritize and respond to risks.  Vulnerability...

Cybersecurity in Banking: Strengthening Security Amid Rising AI Threats

As technology continues to evolve in today’s digital landscape, cybersecurity threats are becoming increasingly sophisticated. Financial institutions are one of the most vulnerable industries for cyberattacks due to their increasing reliance on technology and open banking for consumers to share their financial data with third-party service providers. While institutions embrace AI and open banking, the complexity and volume of cyberthreats are also growing, making it more challenging for institutions to protect themselves.  To address these...

Tuesday, January 28, 2025

Whitehall vulnerable to Cyber Attacks and malware threats

Whitehall, a term that refers both to the British government administration and a specific geographic location in central London, has recently garnered attention for its vulnerability to cyberattacks. This issue stems primarily from the reliance on outdated IT infrastructure, a problem that has left critical government departments exposed to potential breaches. The findings were outlined in a report by the National Audit Office (NAO), which highlighted the serious risks posed by outdated systems and a lack of skilled personnel within Whitehall...

Ransomware Insurance: Rising Premiums, Uncertain Returns, and Alternative Strategies

You probably think of ransomware insurance as a safeguard against ransomware attacks and data loss – and it is, to a certain extent. But what if we told you cyber or ransomware insurance may not end up covering against financial losses you experience due to ransomware? Or that ransomware insurance is actually making the scourge of ransomware worse? If those statements sound surprising, keep reading for details on why cyber insurance not only fails to offer the protections that companies often think they’re obtaining when they purchase cybersecurity...

Monday, January 27, 2025

InvisibleFerret: Everything About Lazarus APT’s New Backdoor

During October and November 2024, researchers observed a surge in North Korean cyber activity leveraging a well-documented tactic: staging fake job interviews.  This approach, employed by the notorious Lazarus Group, targets employees in the technological, financial, and cryptocurrency sectors.  Disguised as coding challenges or video conferencing software, these...

Cyber Attack on China AI startup DeepSeek halts registrations on iPhones

DeepSeek, a rising AI startup from China, has recently issued a warning that it is temporarily halting user registrations after its servers were hit by a large-scale cyber attack. Preliminary investigations suggest that the attack was a Distributed Denial of Service (DDoS) attack, a method in which fake web traffic is generated to overwhelm a server, preventing it from functioning properly and blocking legitimate users from accessing the service. DeepSeek is known for offering an AI-powered chatbot service for free to Apple Inc. users, which appears...

Google launches new Identity Check feature for data security

Google, the web search giant owned by Alphabet Inc., has introduced a new security feature designed to protect your data in case your phone is stolen. At the moment, this feature is available on select Android devices, specifically Google Pixel models running Android 15 and certain Samsung Galaxy smartphones running One UI 7 and above. The feature, called “Identity Check,” is aimed at enhancing your phone’s security by locking sensitive settings when the device is taken outside of trusted locations. However, it’s important to note that this feature...