A naukri.com initiative
Cyber Crime News
Guardian
2w
231
Image Credit: Guardian
Co-op apologises after hackers extract ‘significant’ amount of customer data
- The Co-op apologised after hackers accessed and extracted data of a 'significant number' of customers, including names and contact details.
- The hackers did not access passwords or financial information such as bank or credit card details; the National Cyber Security Centre and the National Crime Agency are assisting in the investigation.
- Co-op reassured members that their accounts are unaffected, but advised them to keep passwords safe; data leaked did not include sensitive financial information.
- The Information Commissioner’s Office is making inquiries, advising customers to use strong passwords and not reuse them across multiple accounts.
Read Full Article
13 Likes
Siliconangle
2w
459
Image Credit: Siliconangle
Partnership between Google and PwC addresses enterprise hesitancy to adopt AI security tools
- PwC and Google are addressing enterprise hesitancy towards adopting AI security tools, citing concerns around controls and governance.
- The collaboration between PwC and Google focuses on leveraging AI security tools, especially in the security operations center.
- AI agents are being trained to make decisions based on historical data, aiming to enhance human efforts in protecting organizations.
- Real-time insight into the threat landscape through AI tools is crucial in a rapidly shifting cybersecurity environment where quick responses are essential.
Read Full Article
26 Likes
Siliconangle
2w
161
Image Credit: Siliconangle
Doppel raises $35M for its social engineering detection platform
- Cybersecurity startup Doppel Inc. raises $35 million in funding led by Bessemer Venture Partners, Series B raise closed at $205 million valuation.
- Doppel plans to double down on core products, serve growing enterprise demand, and build first social engineering defense platform.
- Doppel's platform detects phishing emails, fake apps, counterfeit goods, and online ads impersonating established brands, using honeypots and customer reporting tools.
- The company analyzes about 100 million security data points per day, uses OpenAI language models, and helps customers take down social engineering campaigns in approximately ten hours.
Read Full Article
9 Likes
Siliconangle
2w
327
Image Credit: Siliconangle
Fortinet outlines new cyber threats and AI-powered defenses to match
- Cybersecurity threats are evolving with the use of AI tools like FraudGPT and WormGPT, leading to a surge in cybercrime-as-a-service.
- Attackers now employ AI for automated reconnaissance, targeted phishing, and complex multilayered attacks, driving the need for advanced defense strategies.
- Defenders are responding with agentic automation, intelligent orchestration, and the merging of security and network operations, as highlighted by Fortinet’s Derek Manky.
- Cybercrime has transformed into a profitable enterprise supported by AI-driven tools, enabling attackers to conduct targeted attacks with a focus on disrupting operations and extracting revenue.
- The shift towards more targeted attacks has led to a rise in stolen credentials, with info stealers like RedLine Stealer dominating dark web activities.
- AI acts as a catalyst for cybercrime by facilitating the scraping and selling of stolen credentials, leading to increased credential stuffing.
- In response, cybersecurity teams are incorporating generative and discriminative AI models to enhance threat detection and response times, improving coordination between SOC and NOC.
- Deception techniques like interactive honeypots are being used to lure and trap intruders, providing valuable threat intelligence and blurring the line between passive defense and active disruption.
- This shift in cybersecurity dynamics emphasizes the need for innovative defense strategies and AI-powered solutions to combat the growing cyber threats.
- Fortinet's Derek Manky shared insights on utilizing AI in cybersecurity defense, highlighting the importance of staying ahead of the evolving threat landscape.
Read Full Article
19 Likes
Siliconangle
2w
110
Image Credit: Siliconangle
KnowBe4’s Roger Grimes warns agentic AI could supercharge malware threats
- Agentic AI could supercharge malware threats, causing concern in the cybersecurity community.
- Roger Grimes from KnowBe4 Inc. warns about the potential risks associated with the use of agentic AI in malware attacks.
- AI's ability to create deepfakes could lead to more sophisticated attacks with realistic content tailored to specific industries.
- Agentic AI can also be used for defensive purposes in cybersecurity, such as improving patching capabilities and automating tasks.
Read Full Article
6 Likes
Siliconangle
2w
166
Image Credit: Siliconangle
How data security companies Varonis and CNA aim to protect “crown jewels” from shadow AI
- Data security is crucial in the age of artificial intelligence as enterprise AI adoption increases.
- Varonis and CNA emphasize the importance of protecting data assets from AI-powered attacks.
- Understanding the location of valuable data is vital to prevent costly security breaches and reputational damage.
- Varonis addresses the risks of shadow AI by enabling employees to use generative AI tools while minimizing data exposure.
Read Full Article
9 Likes
Securityaffairs
2w
192
Image Credit: Securityaffairs
Luxury department store Harrods suffered a cyberattack
- Luxury department store Harrods confirmed a cyberattack, making it the third major UK retailer targeted in one week.
- The cyberattack involved attempted unauthorized access to some of Harrods' systems, prompting immediate proactive steps from the IT security team.
- Harrods restricted internet access at its sites but maintained operations, including its Knightsbridge store and online platform.
- Technical details of the attacks on Harrods were not disclosed, and it remains uncertain if a data breach occurred. The attacks on Marks and Spencer and the Co-op were also mentioned in the context of recent retail cyberattacks.
Read Full Article
11 Likes
Guardian
2w
4
Image Credit: Guardian
M&S boss urges shoppers to visit stores in person as it battles cyber-attack
- Marks & Spencer is urging customers to shop in stores as it deals with a cyber-attack that has disrupted its online operations.
- The retailer's IT systems were hit by a ransomware attack, causing online order disruptions and affecting product availability in stores.
- The Metropolitan police are investigating the cyber-attack, with a group named Scattered Spider linked to the incident.
- Other retailers like the Co-op and Harrods have also faced cyber incidents, prompting the National Cyber Security Centre to issue a warning to all UK businesses.
Read Full Article
Like
Semiengineering
3w
176
Image Credit: Semiengineering
Automotive Security Risks Associated With Wireless Communication
- A new technical paper titled 'Revisiting Wireless Cyberattacks on Vehicles' was published by researchers at Comillas Pontifical University and MIT.
- The paper focuses on the security risks associated with wireless communication technologies in modern vehicles due to the extensive attack surface created by interconnected electronic components.
- It provides a comprehensive analysis of each technology, discussing existing research, known vulnerabilities, and potential countermeasures to address cybersecurity concerns in smart, autonomous, and connected vehicles.
- The paper aims to guide future research efforts to enhance vehicle cybersecurity in response to the evolving landscape of automotive technologies.
Read Full Article
10 Likes
Siliconangle
3w
30
Image Credit: Siliconangle
Security analysis: As critical infrastructure becomes a target, platformization takes hold
- Platformization is transforming the cybersecurity industry as infrastructure faces increased security threats.
- Security leaders are moving towards unified platforms to combat complex threats across various environments.
- Jackie McGuire highlights the critical gap between cybersecurity strategy and execution.
- Critical infrastructure is now highly targeted by nation-state actors due to reliance on cybersecurity.
- Platformization is becoming crucial in cybersecurity to manage growing threats and infrastructure complexity.
- Vendors are consolidating and reshaping the cybersecurity landscape with integrated platforms.
- The industry's push towards platformization often presents challenges in practical implementation.
- Legacy players struggle with technical debt and integration issues, creating opportunities for newer vendors.
- The importance of truly integrated platforms rises as security threats reach into physical infrastructure.
- Platformization involves not only technical unification but also aligning solutions with modern buyer expectations.
Read Full Article
1 Like
Arstechnica
3w
424
Image Credit: Arstechnica
Phishing attacks that defeat MFA are easier than ever. So what are we to do?
- Phishing attacks are becoming increasingly sophisticated and can now bypass some common forms of multifactor authentication (MFA), making it easier for attackers to gain unauthorized access to accounts.
- MFA typically requires an additional authentication factor beyond a password, such as a fingerprint scan or a one-time passcode sent via text or email. However, tools like Tycoon 2FA and Rockstar 2FA are being used by criminals to defeat these MFA protections.
- The adversary in the middle attack technique is being employed to bypass MFA. This has led to the creation of phishing-as-a-service toolkits like Evilproxy and Greatness, making it easier for non-technical users to create sites that can defeat account protections.
- The growing ecosystem of tools designed to circumvent MFA highlights the importance of continuously evolving security measures to stay ahead of cyber threats in an increasingly digital world.
Read Full Article
25 Likes
Siliconangle
3w
253
Image Credit: Siliconangle
Veeam Threat Hunter ushers in a new era of proactive cybersecurity and resilience
- Veeam Threat Hunter ushers in a new era of proactive cybersecurity and resilience, shifting from reactive to proactive security strategies.
- The solution offers real-time threat intelligence by continuously monitoring backup data and connected systems, enhancing cyber resilience through data protection.
- Veeam Threat Hunter uses a signature-based scan engine to detect malware, ransomware, and anomalies in backup data, supporting risk management and threat detection.
- Veeam emphasizes the importance of a robust partner ecosystem to strengthen organizations' ability to prepare for and respond to cyber threats, with over 65 security vendors partnering with Veeam.
Read Full Article
15 Likes
Siliconangle
3w
349
Image Credit: Siliconangle
Cribl and Palo Alto Networks partner to secure agentic AI across multicloud environments
- Cribl Inc. has partnered with Palo Alto Networks Inc. to enhance security intelligence and automation management for agentic AI in response to increasing data cybersecurity challenges.
- XSIAM is making a comeback in relevance due to real-world applications and growing AI ecosystem, prompting Cribl to align with Palo Alto for data ownership management and security infrastructure flexibility.
- As security data grows at a 28% compound annual growth rate, organizations are focusing on faster, smarter, and scalable pipelines to efficiently filter, route, and manage data without overwhelming platforms or budgets.
- AI is transforming the workforce for modern chief information security officers, offering defense, executive function, and communication support, augmenting roles rather than replacing jobs.
Read Full Article
21 Likes
Siliconangle
3w
365
Image Credit: Siliconangle
Google and HCL Tech launch SecOps Labs to advance AI-driven security
- Google and HCL Tech have launched SecOps Labs, a new space that offers customers AI pilots as part of a collaboration to provide previews of security offerings for Google Cloud.
- This initiative involves about 75% of Google Labs being fueled by partners like HCL to determine the direction of products and Google Security enhancements.
- SecOps Labs aims to advance operational maturity with agentic AI solutions, following the joint launch of AI products by HCL Tech and Google Cloud in April.
- The partnership leverages Google's advantage in data availability to develop new AI products and services strategically, focusing on thorough testing and user benefits.
Read Full Article
21 Likes
Siliconangle
3w
412
Image Credit: Siliconangle
Zscaler champions AI-powered threat detection in the context of fighting fire with fire
- AI-powered threat detection is crucial as cyberattacks evolve, utilizing advancements like generative artificial intelligence.
- Fighting AI-driven threats with AI is necessary as intelligent, automated defenses are needed to match the complexity and speed of modern attacks.
- Zscaler's Deepen Desai highlighted the importance of leveraging AI to combat AI-driven attacks, emphasizing the need for AI-powered threat detection in today's sophisticated attack landscape.
- Phishing attacks are becoming more targeted and context-driven due to AI advancements, indicating the growing need for AI-powered threat detection to address evolving tactics.
Read Full Article
24 Likes
For uninterrupted reading, download the app