Cyber Security News


Infoblox

3d


2024 DNS Threat Landscape

  • DNS-sourced threats are evolving with new evasion and stealth techniques that bypass security controls.
  • In 2024, Infoblox added 20 million new indicators and provided an average of 63 days of protection before a malicious domain was actively used.
  • Registered Domain Generation Algorithms (RDGAs), which adversaries use to create numerous domain names, were the top technique seen in 2024.
  • Lookalike domain names were discovered during key events like the Olympics and elections in 2024.
  • Traffic Distribution Systems (TDSs) allow actors to target specific audiences, making them the second most important technique seen.
  • Actors are exploiting the effectiveness of sitting duck attacks, which involve hijacking domains for their positive reputation.
  • DNS tunneling is being used by malicious actors to bypass firewalls and exfiltrate data, and most of them remain undetected.
  • The Muddling Meerkat actor may be linked to a nation-state nexus that probes DNS networks through open resolvers.
  • Malicious usage of DNS remains underreported in the security industry, and organizations should include protection against the malicious usage of domains as part of the enterprise defense-in-depth strategy.
  • Infoblox enables security teams to block over 75% of malicious domains before victim interaction.


Macdailynews

3d


Why Apple’s approach to alerting victims of spyware attacks is the right one

  • Apple's approach to alerting victims of spyware attacks involves notifying individuals targeted by government spyware and directing them to seek assistance.
  • Apple recommends contacting Access Now, a nonprofit operating a digital helpline for civil society members, rather than contacting Apple's own security engineers.
  • Cybersecurity experts support Apple's approach, as these notifications have been crucial for spyware accountability research and have provided victims with the necessary information and support.
  • Apple's alert system helps individuals know they are being targeted, that something potentially anomalous is happening with their device, and directs them to the appropriate helpline for help and triage.


Tech Radar

4d


BeyondTrust says hackers hit its remote support products

  • BeyondTrust confirms cyberattack after detecting anomalous behavior and compromised Remote Support SaaS instances.
  • Attackers accessed a Remote Support SaaS API key and reset local app account passwords.
  • BeyondTrust patched two vulnerabilities, including a critical command injection flaw.
  • The company proactively updated its Secure Remote Access Cloud customers' defenses.


Tech Radar

4d


It's been a huge year for criminals stealing cryptocurrency - and North Korea was largely to blame

  • $2.2 billion worth of cryptocurrency was stolen in 2024, up 21% year-on-year
  • More than 300 separate incidents of cryptocurrency theft were tracked in 2024, 10 times more than in 2018 and 2019
  • North Korea was blamed for stealing $1.34 billion in cryptocurrency, doubling the amount linked to the country in 2023
  • Chainalysis calls for collaboration between public and private sectors to enhance security measures and establish data-sharing initiatives


TechCrunch

4d


Ransomware attack on health giant Ascension hits 5.6 million patients

  • A ransomware attack on Ascension, a U.S. healthcare giant, has impacted 5.6 million patients.
  • Hackers were able to steal personal and sensitive health information during the cyberattack.
  • The attack caused disruptions in the hospital system, leading to delayed or lost lab results and medication errors.
  • The Black Basta gang is responsible for the attack, making it the third-largest healthcare-related breach of 2024.


Tech Radar

4d


Juniper Networks warns Mirai botnet is back and targeting new devices

  • Juniper Networks warns Mirai botnet is scanning for vulnerable routers
  • Operators of the Mirai botnet are back, targeting easy-to-compromise Session Smart routers
  • The campaign started in mid-December 2024 and includes DDoS attacks
  • Users advised to tighten security and avoid default login credentials


Arstechnica

4d


VPN used for VR game cheat sells access to your home network

  • Teenagers have found a way to cheat in the virtual reality game Gorilla Tag by using a VPN to change their location and gain an advantage.
  • The VPN app, Big Mama VPN, is not only used for in-game cheating but also sells access to users' home internet connections.
  • Buyers of Big Mama VPN can hide their online activity by piggybacking on the VR headset's IP address.
  • While the cheating itself may be relatively harmless, the selling of users' home internet connections raises privacy concerns.


Dev

4d


Waymap: The Ultimate Web Vulnerability Scanner for Penetration Testers

  • Waymap, developed by Trix Cyrus, is a cutting-edge web vulnerability scanner for penetration testers.
  • It offers high-speed scanning, customizable profiles, and the ability to detect a diverse range of vulnerabilities.
  • Key features include flexible scanning options, supported scan types, threaded scanning, comprehensive profiles, and automated update checks.
  • Waymap is an intuitive and user-friendly tool that requires proper authorization and welcomes contributions from the cybersecurity community.


Medium

4d


AES Encryption Keys (password hashing)

  • AES Encryption Keys (password hashing) relies on a password of sufficient length and the non-deterministic factor of indistinguishable random data. However, passwords as user inputs do not make for good encryption keys. To use passwords for encryption, a key derivation function must be applied which generates derived keys. Key derivation functions work by utilizing unique random salt to make pre-calculated rainbow tables infeasible. Furthermore, the salt should be stored with the password to ensure it is public, thus rendering the hash with the same password looking different. Weak keys refer to cryptographically secure generated keys, which makes an encryption algorithm vulnerable to an exploit.
  • For good encryption keys, a minimum length, determined by the AES encryption algorithm, is required. AES+CBC encryption necessitates a minimum length of 16 bytes, while AES+GCM can work with 12 bytes, although 16 bytes is suggested. To use passwords for encryption, a Key Derivation Function (KDF) is required to generate derived keys like argon2, bcrypt, and scrypt. Key derivation functions must be slow and some like argon2 are designed to take up a substantial amount of memory such that calculations on GPUs are not possible, to deter brute force attacks against offline stolen data.
  • Argon2 is considered the best KDF to use for password key derivation, with Argon2id being its most secure mode. Unfortunately, a lot of encryption starts with user-supplied passwords, which are not random inputs of sufficient length, making them 'easily' guessed by a brute-force attack. To protect passwords from such attacks, the password's hash must not be stored and must be encrypted with the hash itself. Although offline brute-force attacks on remote login systems are improbable, offline attacks on stolen data can be quite effective.
  • Weak keys, although generally not a concern in AES encryption, can pose a problem in the AES+GCM mode, which has several published papers on weak keys and can make the encryption algorithm vulnerable to an exploit. Ultimately, the GCM mode would best be used for anything with short-lived keys and not for disk encryption where keys and ciphers live longer. Another noteworthy point is that although salts are not secret and are public, they make pre-calculated rainbow tables infeasible and as such the salt should be stored with the password.
  • In conclusion, the use of derived keys in KDFs is a more secure way to encrypt data since passwords as user inputs do not make for good keys. However, even with a decent hashing algorithm and a random unique salt, it is still a possibility that your hash and salt may be exposed. As such, unique and strong passwords are recommended to prevent such password cracking attempts.


Medium

4d


Why I Believe in MVO Over MVP: Delivering Value, Not Just Features

  • MVO (Minimum Viable Offering) prioritizes delivering immediate, meaningful value to customers.
  • MVO is about delivering on a promise and creating solutions that matter to the audience right away.
  • In cybersecurity, MVO focuses on solving problems and providing real solutions, not just showcasing technology.
  • MVO approach in cybersecurity builds trust, solves problems, and delivers value right from the start.


Digitaltrends

4d


Tips to keep your smartphone just as safe as a government official’s

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued a set of guidelines to protect smartphones. Here are some tips from CISA to keep your smartphone just as safe as a government official.
  • CISA’s first general advice for communications is to use end-to-end encrypted services. iPhone’s default iMessage pipeline and the RCS protocol championed by Google for its Messages app on Android are both end-to-end encrypted.
  • Enabling hardware-based or on-device authentication for identity verification is the next line of defense. Go ahead and enable them if carrying a physical FIDO hardware key, like one from Yubico, sounds like too much of a hassle.
  • Another crucial suggestion by CISA is that you should ditch SMS-based multi-factor authentication, as they are prone to various kinds of attacks. Instead, switch to authenticator apps.
  • If an authenticator app is not an option for your work or productivity flow, rely on a password management app instead of the inconvenient (and hack-prone) route of remembering a dozen passwords.
  • Moreover, if you live in a country where carrier accounts form the backbone of your cellular usage, set up a strong password for that SIM account.
  • Use a VPN for your internet surfing activities. If possible, pay for one instead of going the free VPN route. We have detailed the steps to keep your app permissions in check for both Android and iOS.
  • If you sense malware activity on your iPhone, enable Lockdown Mode and reach a law enforcement authority.
  • Google offers a Security Checkup dashboard for all connected devices. I suggest that you spend a few minutes flicking some toggles and clearing the security alerts in there.
  • Taking the time to follow a few tips can drastically reduce your risks.


Tech Radar

4d


Fortinet flags some worrying security bugs coming back from the dead

  • Fortinet has released a security bulletin flagging a critical severity flaw in its Fortinet Wireless Manager (FortiWLM) product.
  • The flaw, which was first discovered in May 2023, allows attackers to take over vulnerable endpoints remotely.
  • Users are advised to update their FortiWLM version immediately to mitigate the vulnerability.
  • The bug remained undisclosed for several months, making it a zero-day vulnerability for a significant period of time.


Tech Radar

4d


Safety policies are needed for safe AI adoption, security leaders say

  • Security leaders prefer Generative AI (GenAI) delivered through cybersecurity platforms.
  • Top concerns include sensitive data exposure, adversarial attacks, and hallucinations in GenAI tools.
  • Security leaders are implementing new policies for responsible AI adoption.
  • Opinions are divided on whether the benefits of AI outweigh the risks.


Medium

4d


INTMAX Partners with Predicate to Enable Safe Decentralization

  • INTMAX is partnering with Predicate to enable safe decentralization.
  • INTMAX aims to balance privacy and background checks on the blockchain.
  • Predicate Network is used to set pre-transaction rules to prevent high-risk activities.
  • INTMAX focuses on scalability, privacy, and accessibility for Ethereum.


Tech Radar

4d


This top security camera streaming app may have been putting thousands of users at risk

  • Home security solutions provider Virtavo exposed sensitive data on hundreds of thousands of users.
  • A data server with 3GB of personal information and telemetry from iPhones was found exposed.
  • The data included phone numbers, device identifiers, IP addresses, and firmware versions.
  • The researchers reported the issue, and the server has been shut down.
