Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Securityaffairs

391

Image Credit: Securityaffairs

How threat actors can use generative artificial intelligence?

Generative Artificial Intelligence (GAI) presents significant risks when weaponized by malicious actors, revolutionizing the cyber-threat landscape with the new era of attacks ranging from deepfakes and large-scale phishing campaigns.
GAI automates creating personalized and convincing messages, providing a highly effective tool for attackers engaging in disinformation campaigns, fraud, or privacy violations.
Hackers can use GAI to develop malicious code and refine attack tools specifically designed for offensive purposes, such as malware or scripts designed to exploit vulnerabilities.
The increasing accessibility of GAI through “as-a-service” models will only accelerate its adoption, allowing even those with minimal technical expertise to execute advanced attacks, democratizing cybercrime.
Major GAI providers are actively working on solutions to mitigate emerging threats such as developing robust detection for deepfakes, enhancing anti-phishing tools and creating safeguards to prevent the misuse of GAI platforms.
As GAI becomes more sophisticated and accessible, the challenges for defenders will increase exponentially. It is imperative to recognize potential dangers of GAI and take proactive measures to address them.
Leading security companies are also trying to mitigate the threats of GAI such as enhancing anti-phishing tools and creating safeguards to prevent GAI Misuse.
The use of GAI in disinformation campaigns is no longer hypothetical. According to a report by the Microsoft Threat Analysis Center (MTAC), Chinese threat actors are using GAI to conduct influence operations targeting foreign countries.
Platforms like FraudGPT and WormGPT provide tools specifically designed for Phishing and Business Email Compromise (BEC) attacks.
Generative Artificial Intelligence is a double-edged sword where the benefit of innovation and progress cannot be ignored, and measures must be taken to mitigate risks that GAI poses to Cybersecurity.

Read Full Article

23 Likes

Dev

216

Image Credit: Dev

Mastering SSH Tunneling: A Guide to Securing Your Network Traffic

SSH Tunneling is a method of sending non-SSH traffic securely between two computers by encrypting it through an SSH connection.
In an SSH Tunnel, the application on the local computer sends traffic to a specified port.
One of the most common use cases for SSH Tunneling is accessing remote systems securely.
To make SSH tunneling easier and more convenient, you can configure it in your ~/.ssh/config file.
SSH Tunneling is most beneficial when you need to establish a secure connection between your local system and a remote machine.
Encrypting unencrypted traffic: SSH Tunnels are useful when you need to secure traffic that is typically unencrypted, such as FTP.
Protecting network traffic: If you are concerned about eavesdropping or man-in-the-middle attacks, SSH Tunneling provides an encrypted channel to secure your data.
In summary, SSH Tunneling is a powerful tool for securing traffic between local and remote systems, even when the traffic itself isn’t encrypted.
Whether you're accessing remote desktops, databases, or other services, SSH Tunneling provides a simple and effective way to secure your communications.
SSH Tunneling provides a robust solution to ensure your data is transmitted safely.

Read Full Article

12 Likes

Tech Radar

315

Image Credit: Tech Radar

Pro-Russian hackers hit Japan with DDoS attacks over military ties to the US

Pro-Russian hackers launch DDoS attacks against Japan over military ties with the US.
Attacks target critical infrastructure and government bodies.
Russia expresses concerns over Japan's militarization.
Hacktivist groups NoName057 and Russian Cyber Army Team coordinate the cyberattacks.

Read Full Article

18 Likes

Dbi-Services

189

Image Credit: Dbi-Services

Offloading PostgreSQL Backups to Azure Blob Storage Using PGBackRest, Managed Identity, and SAS Tokens

This article discusses how to offload PostgreSQL backups to Azure cloud's blob storage securely to reduce infrastructure costs and provide cloud-based disaster recovery capabilities.
The setup involves creating an Azure-managed identity and a SAS (shared access signature) token, which gives a time-limited, secure connection to the offsite backup location.
Next, the article covers setting up the PostgreSQL application and configuring local and remote backup repositories to accomplish the backup plan.
PGBackRest script is adapted to renew the SAS token periodically and update the pgBackRest configuration file in the PostgreSQL server.
The SAS token, which is used to access the blob storage, and the managed identity can be audited and monitored in Azure's cloud app hosting environment for added security and compliance.
The article provides examples of how to automate the renewals of the SAS token and how to test the solution to ensure it works as expected.
The SNMP protocol enables a manager to monitor the operations of remote software on its network for greater efficiency in network management and reduced downtime. SNMP has its own challenges and benefits. This article provides an overview of SNMP's functionality, how it works, its benefits, and the challenges it presents.
This article explores how to use AWS EC2 instances for GPU-accelerated computing, which offers several benefits like high-performance computing, better task parallelization, and lower infrastructure costs.
The article discusses the process of creating an EC2 instance, launching the instance, and installing the necessary tools and libraries on it for GPU-accelerated computing.
Lastly, the article provides multiple examples of how to get started with specific tools, libraries, and code examples that can help in running the model more efficiently on EC2 instances.
In conclusion, this article provides a step-by-step guide to implementing GPU-accelerated computing on Amazon's AWS platform and helps readers to get started with specific tools, libraries, and code examples.

Read Full Article

11 Likes

Discover more

Medium

126

Image Credit: Medium

The Rise in Ransomware Attacks: Trends, Impacts, and Mitigation Strategies

Ransomware attacks have become more accessible due to RaaS platforms.
Critical infrastructure, such as healthcare systems, is at risk from ransomware attacks.
Governments are implementing stricter cybersecurity regulations.
Employee training programs are crucial for mitigating ransomware attacks.

Read Full Article

7 Likes

Mcafee

207

2024 Data Breaches Wrapped

Billions of records on millions of people have been exposed in data breaches, costing nearly $10 trillion dollars to people and businesses worldwide. Here are five noteworthy data breaches that occurred in 2024: National Public Data (NPD) breach, Ticketmaster breach, breach at Infosys McCamish Systems (IMS), breach at U.S. debt collector (FBCS), and the AT&T breach.
The National Public Data (NPD) data breach involved nearly three billion records. Sensitive information stolen included names, current and past addresses, social security numbers, and personal information. No notices were immediately sent to potential victims.
The Ticketmaster data breach compromised the personal information of over half a billion people. Information stolen included names, addresses, email addresses, phone numbers, order information, and partial payment card details. Notifications went out to potential victims via physical mail.
The breach at Infosys McCamish Systems (IMS) compromised sensitive information such as social security numbers, dates of birth, medical records, biometric data, email address and passwords, usernames and passwords, driver’s license and state ID numbers, financial account info, payment card info, passport numbers, tribal ID numbers, and US military ID numbers. Notifications went out to potential victims in several ways from Bank of America, Fidelity Investments Life Insurance, and IMS eight months after the initial attack.
The breach at a U.S. debt collector, Financial Business and Consumer Solutions (FBCS), compromised the personal information of more than four million people. Information stolen included consumer names, addresses, date of birth, Social Security numbers, driver’s license numbers, other state identification numbers, health insurance information, and medical claims information. FBCS went on to say that the compromised info varied from person to person.
Mobile carrier AT&T learned that hackers had stolen the call and text logs of nearly all its estimated 100 million customers. The compromised data covered a period between May 1, 2022, and October 31, 2022. The stolen data revealed the phone numbers customers communicated with, along with the frequency and total duration of calls and texts for specific periods.
Preventive measures offer the strongest protection from data breaches. To fully cover yourself, it's recommended to check your credit, consider a security freeze and get ID theft protection. Further, it's advisable to monitor your identity and transactions, keep an eye out for phishing attacks, update passwords, and use two-factor authentication.
To help protect against data breaches, McAfee offers McAfee+ Advanced or Ultimate plans that offer features like credit monitoring, security freeze, ID theft and restoration coverage, identity monitoring, and various types of transaction monitoring for banks, loans, and investments. Plus, the Text Scam Detector scans links in texts.
Breaches often take months before we receive any kind of notification, giving hackers plenty of time to do their damage. Therefore, it's advisable to take the necessary steps to protect ourselves from the fallout of such data breaches.
The Ticketmaster and the AT&T data breaches affected a half-billion people and nearly 100 million people, respectively. The breaches at National Public Data, Infosys McCamish Systems, and U.S. debt collector, Financial Business and Consumer Solutions, each compromised millions of personal information.

Read Full Article

12 Likes

Neuways

Image Credit: Neuways

Prioritising IT and Cyber Security in 2025: Putting Your Business First

The year 2025 presents an opportunity for businesses to reassess IT and cyber security budgets and strategies.
Key recommendations for IT budgeting include prioritizing cloud computing, automation and AI, and customer-centric systems.
In terms of cyber security, businesses should focus on transitioning to phish-resistant MFA, addressing the cyber skills gap, strengthening identity and access management, and providing tailored cyber security training.
To future-proof technology, it is important to upgrade critical infrastructure and implement long-term IT roadmaps.

Read Full Article

Securityaffairs

Image Credit: Securityaffairs

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

15 SpyLoan Android apps found on Google Play had over 8 million installs
Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia
Phishing-as-a-Service Rockstar 2FA continues to be prevalent
Zello urges users to reset passwords following a cyber attack

Read Full Article

2 Likes

Identityiq

229

Image Credit: Identityiq

Fortnite Scams: What Parents Need to Know

Fortnite Battle Royale is a popular online video game developed by Epic Games.
Players can make purchases within the game to upgrade their player profile and gain new weapons.
Unfortunately, offering financial information exposes players to scams, potentially leading to identity theft.
Poison PDFs, V-bucks scams, phishing, account hacking, fake Fortnite apps, and trading and item scams are some of the most common Fortnite scams.
Parents need to be aware if their child plays Fortnite and how to help keep them safe.
Sit down with your kids and explain to them how scams work and that they need to be aware of them.
Don’t allow your child to make online purchases within the game unless you are with them.
Help them understand that it’s never wise to enter their personal information on a third-party website or app.
Enable two-factor authentication for added online security and safety.
Invest in IdentityIQ identity theft insurance and identity protection in the event your child makes a mistake leading to identity fraud, leaked bank accounts, or data breaches.

Read Full Article

13 Likes

Medium

Image Credit: Medium

Australia's New Nightmare: Surveillance

Surveillance technology has improved, leading to an expectation of increased security in Australia.
CCTV cameras have replaced security guards, leading to an over-estimated sense of site security.
Having no physical presence on a site results in increased wrongdoing, as cameras cannot monitor everything.
Retail theft is easy to get away with, as cameras can only observe but cannot catch offenders.

Read Full Article

4 Likes

TechBullion

409

Image Credit: TechBullion

Unlocking Potential: Top Investment Opportunities in Asset-Backed Securities

Asset-backed securities (ABS) offer the opportunity to invest in real-world assets while diversifying portfolios and potentially reaping attractive returns.
Investing in ABS offers diversification and the potential for high yields.
Most ABS are actively traded in the market, making it easier for investors to buy or sell as needed without significant price fluctuations.
Mortgage-backed securities (MBS) pool home loans into tradable bonds, providing a steady income stream. Auto loan-backed securities bundle car loans and offer a steady stream of income.
Credit card receivables-backed securities pool credit card debt and provide a steady cash flow.
Small business loans-backed securities offer exposure to the growth potential of small enterprises.
Evaluating the right ABS investment requires understanding the underlying assets, analyzing credit ratings, considering interest rates and historical performance, and assessing financial goals and risk tolerance.
Credit risk, market fluctuations, interest rate risk, and liquidity risks are the significant concern investors should be aware of.
ABS often offer higher yields compared to traditional fixed-income investments, which can enhance overall returns.
In today’s dynamic market landscape, including asset-backed securities could be instrumental in achieving long-term financial success.

Read Full Article

24 Likes

Gizchina

184

Image Credit: Gizchina

Protect Your Privacy: Simple Steps to Remove Spyware from Your Phone

Spyware can infect smartphones and be disguised as legitimate software or hijack existing apps to steal your data, track your location, and record conversations.
There are different types of mobile spyware such as Nuisanceware, Standard Mobile Spyware, Advanced Spyware or Stalkerware.
Nuisanceware often comes bundled with genuine software and irritates users with annoying pop-up ads.
Standard Mobile Spyware can steal information such as passwords, credit card numbers, and personal messages.
Advanced Spyware or Stalkerware is the most dangerous form of spyware as it can monitor a person's activities in great detail, including their location, calls, messages, and even their keystrokes.
Signs of spyware infection include unusual battery drain, overheating, strange behavior, increased data usage, unusual noises during calls, difficulty in turning off the phone, unexplained charges, and suspicious app behavior.
Removing spyware from a device can be challenging, and software-based solutions like antivirus apps and dedicated spyware removal tools are effective. One can also delete suspicious apps, check device administration settings, and reboot in safe mode, and perform a factory reset as a last resort.
To stay protected against spyware, users should avoid downloading apps from unofficial sources, keep software updated, use strong passwords, enable two-factor authentication, be careful while using public Wi-Fi and use antivirus software.
If one suspects stalkerware or other advanced forms of spyware, consulting a cybersecurity expert or law enforcement for tailored advice and assistance is crucial.

Read Full Article

11 Likes

TechJuice

Image Credit: TechJuice

PTA Provides Additional Time for VPN Registration

The Pakistan Telecommunication Authority (PTA) has decided not to proceed with blocking unregistered VPNs.
The government has approved a new registration period for virtual private networks (VPNs).
PTA Chairman confirmed that the authority would not ban VPNs and the deadline has been extended.
Over 27,000 VPNs have been registered so far.

Read Full Article

3 Likes

Tech Radar

405

Image Credit: Tech Radar

Report shows the threat of supply chain vulnerabilities from third-party products

CyCognito report highlights the risks of supply chain vulnerabilities.
Third-party products pose security risks due to undetected vulnerabilities.
Web servers, cryptographic protocols, and web interfaces are the most vulnerable areas.
Insufficient Web Application Firewall (WAF) protection for web interfaces handling personally identifiable information (PII) exposes sensitive data.

Read Full Article

24 Likes

Dev

406

Image Credit: Dev

How to Detect and Defend Against SQL Injection Attacks – Part 4: Real-World Scenarios Deep Dive

This article examines four real-world SQL injection attack scenarios and the methods attackers used to gain access to sensitive data.
Heartland Payment Systems' 2008 SQL injection attack originated from a poorly secured web application and resulted in the theft of 130 million credit card numbers.
Sony Pictures' 2011 SQL injection attack exposed 47,000 employee records and led to financial losses and reputational damage.
Content Management Systems (CMS) like WordPress, Joomla, and Drupal are common targets for SQL injection. In 2018, attackers exploited a SQL injection vulnerability in a popular WordPress plugin to inject malicious payloads.
In a more recent example, attackers targeted an API endpoint of a financial institution to gain unauthorized access to sensitive financial records.
Blind SQL Injection, Error-Based SQL Injection, and Time-Based Blind SQL Injection are common methods used by attackers in SQL injection attacks.
Lack of input validation or sanitization, use of dynamic SQL queries, and insufficient database access controls are risk factors for SQL injection.
Developers prioritizing functionality over security, legacy systems, and outdated software introduce vulnerabilities, and misconfigurations expose applications to unnecessary risks.
Defensive strategies include regular code audits, advanced monitoring, security training, and adopting secure frameworks.
Organizations can proactively implement strategies to detect, prevent, and mitigate SQL injection threats.

Read Full Article

24 Likes

For uninterrupted reading, download the app