techminis

A naukri.com initiative

Cyber Security News


Dev


Web3 Operational Security: Lessons from the Bybit $1.4B Wallet Safe Hack

  • On February 21, 2025, Bybit experienced a $1.4 billion wallet safe breach due to flaws in operational security procedures, affecting key management and privileged access.
  • Web3 Operational Security (OpSec) focuses on protecting decentralized systems using strategies different from traditional cybersecurity.
  • Web3 systems lack defined perimeters, shifting responsibility for key security to users through self-custody and demanding new authentication methods.
  • Unique security challenges in Web3 include self-custody of keys, smart contract immutability, permissionless architecture, and DAO governance vulnerabilities.
  • The Bybit Wallet Safe hack exploited vulnerabilities in the Safe{Wallet} UI, impacting Bybit's cold wallet infrastructure.
  • Bybit's post-incident response involved moving funds, securing emergency funding, and collaborating with cybersecurity firms and law enforcement.
  • Designing secure Web3 infrastructure involves using hot and cold wallets, multi-signature and MPC wallets, role-based wallet segregation, and security tools like HSMs and threshold cryptography.
  • Security tools for Web3 teams in 2025 include secure wallet orchestration platforms, SIEM tools tailored for Web3, smart contract scanners, dApp behavior anomaly detectors, and on-chain monitoring solutions.
  • Operational processes for Web3 resilience include role-based access control, least privilege principle, mitigation of insider threats, incident response playbooks, and on-chain analytics for real-time monitoring.
  • Governance considerations for Web3 projects involve adopting DAO or corporate structures, transparent and enforceable security policies, and understanding and adapting to regulatory pressures.


Tech Radar


This worrying Apple Safari security bug could leave users wide open to cyberattacks

  • Security researchers have uncovered a vulnerability in the Fullscreen API of Apple Safari browser, which is being exploited by hackers for convincing password theft attacks.
  • Hackers use a browser-in-the-middle technique to trick users into interacting with a remote browser controlled by attackers, leading to the theft of login credentials and authentication cookies.
  • The specific limitation in Safari browsers makes Fullscreen BitM attacks particularly convincing, as the browser doesn't provide proper alerts when a window enters fullscreen mode.
  • Despite being informed about this vulnerability, Apple has decided not to address it further, as they believe the swipe animation in Safari is a sufficient signal for users.


TechCrunch


Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit

  • A jury ordered NSO Group to pay over $167 million in damages to WhatsApp after a legal battle that started in 2019.
  • The WhatsApp vs. NSO Group trial unveiled key revelations about the spyware attack on WhatsApp users.
  • The zero-click attack on WhatsApp involved triggering the phone to download Pegasus spyware without user interaction.
  • NSO Group kept targeting WhatsApp users even after the lawsuit was filed in November 2019.
  • It was confirmed that NSO targeted a U.S. phone number as a test for the FBI.
  • NSO's Pegasus system selects hacking methods for government customers based on targets.
  • NSO Group employs around 350-380 people, with its headquarters located in the same building as Apple.
  • European customers paid millions for access to Pegasus spyware, with prices varying based on features and targets.
  • NSO revealed financial struggles during the trial, citing losses and expenses related to Pegasus development.
  • The spyware maker expressed difficulty in paying damages, stating financial constraints during the proceedings.


TechCrunch


White House investigating how Trump’s chief of staff’s phone was hacked

  • The White House is investigating the hacking of chief of staff Susie Wiles' phone, where attackers accessed contacts and impersonated her.
  • Hackers used AI to imitate Wiles' voice in phone calls and sent text messages from a different number.
  • Authorities are determining if the cloud account associated with Wiles' device was compromised or if a more advanced cyberattack was involved.
  • This is the second time Wiles has been targeted by hackers, with a previous incident involving Iranian hackers obtaining Vice President JD Vance's dossier.


Tech Radar


Google Apps Script abused to launch dangerous phishing attacks

  • Hackers are using Google Apps Script to host fake invoices and launch phishing attacks targeting Microsoft 365 login details.
  • Victims receive phishing emails with links to fake invoices hosted on script[.]google[.]com, creating a false sense of legitimacy.
  • Clicking on the invoice link leads to a landing page mimicking a Microsoft 365 login page, where victims unknowingly provide their login credentials to attackers.
  • Criminals set up the phishing page to redirect back to the actual Microsoft 365 site after collecting the login credentials to hide their tracks.


Medium


5 Common Cybersecurity Mistakes Even Smart People Make

  • Reusing passwords across multiple accounts can make all your accounts vulnerable if one password gets leaked.
  • Trusting 'secure' websites blindly based on padlock or 'https://' can be risky as it doesn't guarantee trustworthiness.
  • Ignoring software updates increases the risk of hackers exploiting known vulnerabilities; enabling automatic updates is recommended.
  • Oversharing personal information on social media can make you vulnerable to targeted attacks; adjust privacy settings accordingly.
  • Assuming you won't be targeted by cyber attacks is a common mistake; implementing basic protections like strong passwords and two-factor authentication is crucial.


Pymnts


EU to Launch Age Verification App for Online Use in July

  • The European Union is set to introduce an age verification app in July to protect minors online.
  • The app will allow users to verify their age without sharing personal information with online platforms.
  • The EU aims for tech companies to voluntarily adopt practices to safeguard minors without the need for laws.
  • In addition, the European Commission is investigating adult content websites for not implementing sufficient age verification measures.


Medium


Cybersecurity Is a Boardroom Issue, Not Just an IT Task

  • Cybersecurity is no longer just a technical issue, but a leadership and boardroom concern.
  • Risks like cyber attacks, ransomware, data leaks, phishing, and insider threats require serious attention at the business level.
  • Boards and CEOs need to prioritize cybersecurity as a competitive advantage and part of business strategy.
  • Understanding cyber threats, planning for cyber resilience, and making cybersecurity a shared responsibility are crucial for business security in today's world.


Medium


How Artificial Intelligence is Transforming Digital Marketing in 2025

  • AI is reshaping digital marketing by analyzing browsing patterns, offering personalized marketing, and optimizing ad campaigns across platforms.
  • Tools like ChatGPT and Jasper enable marketers to generate content quickly, while AI-powered chatbots provide 24/7 support and improve customer satisfaction.
  • AI predicts user actions, personalizes content, and enhances email marketing with better open rates and revenue per email.
  • While AI boosts efficiency, balancing automation with authenticity and ensuring compliance with data privacy regulations like GDPR is crucial for marketers.


TechBullion


Why MSSPs Need 360° Cybersecurity Platforms in 2025 (Not Just Tools) 

  • MSSPs are facing increasing pressure to provide fast, scalable, and effective security solutions to clients due to evolving cyber threats.
  • The shift is towards 360-degree cybersecurity platforms offering visibility, control, and integration across all layers of infrastructure from a centralized hub.
  • Rotate is a cloud-native, modular cybersecurity platform designed for MSSPs to offer full-spectrum protection through seamlessly integrated modules.
  • Successful MSSPs in 2025 will focus on scalable, outcome-driven security solutions from unified platforms like Rotate.


Wired


Cops in Germany Claim They've ID'd the Mysterious Trickbot Ransomware Kingpin

  • Germany's federal police agency, the BKA, claims to have identified the mysterious Trickbot ransomware kingpin as Vitaly Nikolaevich Kovalev, a 36-year-old Russian man known online as 'Stern.'
  • Kovalev is wanted by Germany for allegedly being the 'ringleader' of a criminal organization, with Interpol issuing a red notice for him.
  • The identification of 'Stern' as Kovalev is a significant development in understanding Trickbot, one of the notorious cybercriminal groups.
  • Global law enforcement may have strategically withheld Stern's identity as part of ongoing investigations, with information obtained through various investigations aiding in his attribution.
  • The German announcement marks the first public allegation of an identity for the suspect behind the moniker 'Stern.'
  • Kovalev, previously sanctioned by the US and UK for his involvement in Trickbot, was linked to online handles 'ben' and 'Bentley.'
  • Trickbot, a prominent ransomware group that overlaps with the Conti gang, has been linked to cybercrimes orchestrated by 'Stern', who acted like a CEO, running operations like a legitimate company.
  • Stern's eminence in Russian cybercrime is notable, with reports indicating connections to Russia's intelligence apparatus and suggesting professionalism and strong operational security.
  • The effectiveness of Trickbot and Conti was attributed to Stern's leadership and ability to maintain operational security, as indicated by cybersecurity experts.
  • The identification of Kovalev as 'Stern' by the BKA in a multinational law enforcement context marks a significant milestone in the understanding of Trickbot's organization and leadership.


Socprime


APT41 Attack Detection: Chinese Hackers Exploit Google Calendar and Deliver TOUGHPROGRESS Malware Targeting Government Agencies

  • APT41, a Chinese state-backed hacking group, is using Google Calendar as a C2 channel in a campaign delivering TOUGHPROGRESS malware, targeting government agencies and multiple other governmental entities.
  • The heightened threat from APTs, like APT41, using zero-day exploits and advanced malware, poses risks to critical infrastructure, financial systems, and government networks.
  • China remains a dominant force in the APT landscape, with APT40 and Mustang Panda being active, while APT41 operations surged by 113% in Q1.
  • Security professionals can access detection rules on the SOC Prime Platform to combat the latest APT41 campaign and explore threat detection strategies against nation-state actors.
  • The APT41 attack involves spearphishing emails containing malware hidden in a ZIP file, with three modules of the ToughProgress malware using Google Calendar for C2 operations.
  • ToughProgress executes malicious activities on infected Windows machines, communicates with attackers through Google Calendar, and encrypts data within dated calendar events for data exchange.
  • Google Calendar is utilized innovatively by ToughProgress, enabling encrypted commands to be embedded in events, decrypted, executed on infected machines, and results uploaded for remote retrieval.
  • Google and Mandiant collaborated to develop mitigation measures against TOUGHPROGRESS intrusions, including custom fingerprints for detection, removal of malicious instances, and blocking harmful domains and files.
  • In response to the escalating cyber-espionage attacks by groups like APT41, organizations seek advanced security solutions combining AI, automation, and actionable threat intel to combat evolving threats effectively.
  • SOC Prime offers a comprehensive security product suite to empower organizations in defending against sophisticated cyber threats at an increasingly complex scale.


Ubuntu


Apport local information disclosure vulnerability fixes available

  • Qualys discovered two vulnerabilities in Linux distributions, affecting apport and systemd-coredump handlers.
  • These vulnerabilities have a medium CVSS score, require local access, and can leak core dumps for privileged processes.
  • Canonical has released updates for apport in affected Ubuntu releases to remediate the vulnerabilities.
  • Users are advised to update their packages to address the security issues and mitigate potential exploits.


Tech Radar


World’s largest healthcare cooperative leaks millions of patient-doctor messages

  • Cybernews discovered a major database containing chat logs, belonging to Unimed, one of the largest healthcare cooperatives.
  • The exposed database included millions of patient-doctor messages, sensitive healthcare information, images, and more.
  • The leaked information consisted of uploaded pictures, documents, messages, full names, phone numbers, email addresses, and Unimed card numbers.
  • After being notified, Unimed secured the database but stated that no evidence of prior data abuse was found, and an investigation is ongoing.


Dev


Why Hackers Want Your Personal Data (And How They Use It)

  • Personal data has real monetary value on the black market, collected and sold by data brokers and cybercriminals.
  • Your phone number and address can be weaponized for identity theft, making regulations like GDPR, CCPA, and NDPR important.
  • Hackers use stolen data for phishing, social engineering, credential stuffing, medical fraud, and synthetic identity theft.
  • To protect your data, check for leaks, enable 2FA, use password managers, limit personal info online, and stay informed about privacy laws.
