A naukri.com initiative
Cyber Crime News
Siliconangle
3w
113
Image Credit: Siliconangle
How SailPoint is taming the “wild west” of agentic AI in identity security
- SailPoint Technologies Holding Inc. is focused on addressing the challenges posed by generative artificial intelligence and artificial intelligence agents in identity security by ensuring secure governance of organizations.
- Chandra Gnanasambandam, CTO and EVP of Product at SailPoint, highlighted the need to manage AI agents similar to human workforces to control access to applications and data, emphasizing the importance of mapping agent permissions.
- Companies are struggling with AI adoption due to flawed data management, with only around 15% of the largest corporations adept at managing human identity, leading to a crisis in identity security.
- SailPoint's unified platform, SailPoint Atlas, leverages AI to address complex security challenges, especially for large corporations with diverse platforms, and is developing the world's largest identity graph to enhance identity management.
Read Full Article
6 Likes
Securityaffairs
3w
244
Image Credit: Securityaffairs
FBI shared a list of phishing domains associated with the LabHost PhaaS platform
- The FBI shared a list of 42,000 phishing domains associated with the LabHost PhaaS platform, shut down in April 2024, to raise awareness and aid in identifying compromises.
- LabHost was one of the largest phishing-as-a-service platforms, offering various illicit services for about 10,000 users, allowing cybercriminals to impersonate over 200 organizations to gather personal and banking information.
- An international law enforcement operation coordinated by Europol, called Nebulae, led to the shutdown of LabHost in April 2024, resulting in the arrest of 37 individuals involved in the platform.
- LabHost provided phishing kits, hosting infrastructure, and campaign management tools, with around 40,000 phishing domains linked to the platform, reaching users globally who paid a monthly fee for its services.
Read Full Article
14 Likes
TechDigest
3w
433
Image Credit: TechDigest
Harrods becomes latest retail victim of cyber attack, report claims
- Luxury department store Harrods has become the latest retailer to be targeted by cyber attackers, restricting internet access after an attempt to compromise its systems.
- Similar attacks have been reported on other major retailers like Marks & Spencer and the Co-op Group.
- Details of the Harrods cyberattack are unclear, but a customer reported issues with payment.
- Harrods assured customers that its physical stores and website remain operational, and they are working with specialists to investigate and resolve the issue.
Read Full Article
26 Likes
Guardian
3w
227
Image Credit: Guardian
Harrods is latest retailer to be hit by cyber-attack
- Harrods, the luxury department store, is the latest retailer to be hit by a cyber-attack following incidents at Marks & Spencer and the Co-op.
- Harrods had to shut down some systems due to attempts to gain unauthorized access, but its website and stores are still operational. The retailer's IT security team took proactive measures to safeguard the systems.
- Harrods reassured customers that no action is needed as they do not suspect any data breach. M&S is facing similar issues after an incident linked to the hacking group Scattered Spider caused disruptions in online orders and automated stock systems.
- The Co-op also had to close some internal systems and instructed employees to activate cameras during online conferences following an attempted hack.
Read Full Article
13 Likes
Siliconangle
3w
206
Image Credit: Siliconangle
The rise of agentic AI: CrowdStrike CEO George Kurtz on defending against faster, smarter digital superusers
- Artificial intelligence, particularly in the form of agentic AI, is accelerating a shift toward autonomous threat response and real-time decision-making in cybersecurity.
- Agentic AI systems are capable of scanning vast datasets and triggering automated workflows, forcing organizations to rethink data governance and platform strategy.
- Adversaries adopting agentic AI tools are blurring the lines between cybercriminals and nation-states, increasing the urgency for organizations to stay ahead in cybersecurity.
- CrowdStrike's approach focuses on high-fidelity data and partner integrations to evolve platforms and stay ahead of sophisticated attackers.
Read Full Article
12 Likes
Siliconangle
3w
96
Image Credit: Siliconangle
The rise of agentic AI: CrowdStrike CEO George Kurtz on defending against faster, smarter, AI-powered adversaries
- Artificial intelligence, particularly agentic AI, is accelerating a shift toward autonomous threat response and real-time decision-making in cybersecurity.
- Agentic AI systems are capable of scanning vast datasets, triggering automated workflows, and uncovering vulnerabilities in seconds, challenging organizations to rethink data governance and platform strategies.
- CrowdStrike CEO George Kurtz highlighted the transformative impact of agentic AI on cybersecurity, enabling autonomous threat detection and response while introducing new risks that demand adaptive strategies.
- As attackers leverage generative AI and large language models to rapidly identify and exploit vulnerabilities, defenders must adapt quickly, emphasizing the importance of high-fidelity data and partner integrations to stay ahead.
Read Full Article
5 Likes
Siliconangle
3w
295
Image Credit: Siliconangle
Managing cyber risk in real time: How SecurityScorecard strengthens supply chain security
- Managing cyber risk in the supply chain has become a strategic imperative, with SecurityScorecard Inc. offering a transparent, continuous, and data-driven approach to third-party security.
- Jason Thompson, COO of SecurityScorecard, highlighted the importance of managing cyber risk innovatively to facilitate smooth operations for organizations.
- SecurityScorecard's MAX solution helps assess breach likelihood, prioritize remediation efforts, and provides real-time ratings on cybersecurity posture to enhance risk management.
- The company's approach involves identifying supply chain issues, applying detection and response actions, and offering a managed service through the MAX product.
Read Full Article
17 Likes
Securityaffairs
3w
363
Image Credit: Securityaffairs
Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack
- Canadian electric utility Nova Scotia Power and parent company Emera are facing a cyberattack that disrupted their IT systems and networks.
- The cyberattack on Nova Scotia Power Inc., a subsidiary of Emera Inc., did not cause any power outages affecting over 500,000 customers in Nova Scotia.
- Both companies activated incident response and business continuity protocols, engaged cybersecurity experts, and isolated affected servers to contain the cyber threat.
- Emera confirmed no disruption to its Canadian or international operations despite the cyber incident, and the financial impact is not expected with Q1 results set for May 8, 2025 release.
Read Full Article
21 Likes
Siliconangle
3w
266
Image Credit: Siliconangle
How Chainguard advances open-source software security with an innovation-first approach
- Chainguard Inc. is focusing on securing open-source software without impeding development teams in a rapidly innovating digital landscape.
- Their president, Ryan Carlson, highlights the company's role in enhancing open-source software security for a wide range of clients, from startups to Fortune 500 companies.
- Chainguard offers solutions that provide visibility and actionable remediation for software supply chains, utilizing distroless container architecture to reduce vulnerabilities.
- The company is expanding its product suite to include virtual machine host images and language-specific libraries while maintaining its audience among DevSecOps teams.
Read Full Article
16 Likes
TechDigest
3w
39
Image Credit: TechDigest
M&S cyber attack sparks 7 critical cybersecurity lessons, says expert
- M&S faced a severe cyber incident leading to the shutdown of key internal systems, online sales pause, customer refunds, and significant financial losses.
- The cyber attack on M&S serves as a wake-up call for businesses to prioritize cybersecurity readiness and learn critical lessons to strengthen their defenses.
- Seven essential lessons include making cybersecurity a board-level priority, adapting security for hybrid working, emphasizing employee training, ensuring supply chain security, testing incident response plans, investing in cybersecurity technologies, and considering cyber insurance.
- Experts stress the importance of treating cybersecurity as an integral part of business infrastructure and having a clear plan to limit damage in case of AI-driven threats.
Read Full Article
2 Likes
Guardian
3w
336
Image Credit: Guardian
M&S unable to take on new workers as disruptions continue after cyber-attack
- Marks & Spencer is facing disruptions due to a cyber-attack, leading to the inability to hire new workers and pulling down all online job postings.
- The retailer's IT systems were hit by a ransomware attack over a week ago, causing issues with online orders and product availability in stores.
- The Metropolitan police is investigating the cyber-attack on M&S while Co-op also faced an attempted hack, prompting parts of its IT systems to be shut off.
- M&S staff are now required to keep cameras on and verify identities in all remote work meetings following the cyber incident.
Read Full Article
20 Likes
TechDigest
3w
214
Image Credit: TechDigest
Tech expert reveals 4 key hacker warning signs as Co-op and M&S systems shutdown over cyber attack
- Co-op and M&S faced cyber attacks leading to system shutdowns and disruptions, prompting concerns for businesses' cybersecurity.
- Identifying hacker warning signs is crucial to prevent potential security breaches and protect business operations.
- Key signs of hackers include unusual account activity like failed login attempts and unauthorized access, prompting password resets and MFA implementation.
- Malware indicators such as unexpected file changes and ransomware messages necessitate regular data backups and security software usage.
- Sluggish system performance and network irregularities can signal cyber attacks, requiring managed cybersecurity services and intrusion detection.
- Phishing attempts, identifiable through spam emails, emphasize the importance of employee awareness and email filtering.
- Proper cyber protection and awareness are vital in preventing hacking attempts, with staying updated on security measures being crucial.
- Business owners and employees should prioritize cyber safety, regularly update protection software, and remain alert to potential threats.
- Consumers can protect their data by avoiding linking cards to online accounts, changing passwords regularly, and using unique passwords for different accounts.
- Co-op's IT system shutdown and M&S cyber attack highlight the ongoing threats faced by businesses in the digital landscape.
- The impact of cyber attacks extends to business reputation and financial losses, emphasizing the need for robust cybersecurity measures.
Read Full Article
12 Likes
Cybersecurity-Insiders
3w
315
Cyber Attack on British Co-Operative Group
- The Co-Operative Group, known as Co-Op, confirmed a recent cyber attack on its systems, which was contained to a limited number of servers.
- Marks & Spencer also fell victim to a ransomware attack by a sophisticated cybercrime group, raising concerns about the growing threat of ransomware attacks.
- Ransomware attacks, like the recent incidents, highlight the importance of businesses reassessing their cybersecurity strategies and adopting proactive measures.
- To combat ransomware threats, businesses should implement comprehensive business continuity plans, update systems regularly, educate employees on identifying phishing scams, and invest in cybersecurity technologies.
Read Full Article
18 Likes
Guardian
3w
40
Image Credit: Guardian
How ‘native English’ Scattered Spider group linked to M&S attack operate
- Scattered Spider, linked to cyber-attack on UK retailer Marks & Spencer, is distinctive for comprising native English speakers.
- They employ social engineering tactics, such as impersonating employees or IT help desks, due to their perceived trustworthiness.
- US DoJ charged five individuals, mostly in their 20s, including a 23-year-old Scottish man, for phishing attacks and stealing sensitive data.
- Scattered Spider operates as an umbrella term for a loosely connected online community engaging in various criminal activities.
Read Full Article
2 Likes
Siliconangle
3w
342
Image Credit: Siliconangle
Security DataANGLE: ETR data shows posture management rising in strategic importance
- Posture management is gaining importance in cybersecurity as organizations seek unified risk visibility across digital environments.
- Security teams are using posture management to assess exposure and coordinate defenses in real-time, moving away from siloed monitoring.
- Vendors are integrating posture management into broader platforms to enhance visibility and control for improved cyber resilience.
- Data fragmentation remains a challenge, as full integration across systems is needed for effective posture management in the cybersecurity landscape.
Read Full Article
20 Likes
For uninterrupted reading, download the app