Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Tech Radar

Image Credit: Tech Radar

Thousands of healthcare records exposed online, including private patient information

An unprotected database belonging to ESHYFT, a technology platform for nurses, was found online and exposed thousands of sensitive records.
The database contained personally identifiable information (PII) and medical data, such as names, IDs, medical reports, and more.
The exact duration of exposure and whether unauthorized access occurred is not known at this time.
After being informed by security researcher Jeremiah Fowler, ESHYFT secured the database and is actively working on a solution.

Read Full Article

2 Likes

VentureBeat

Image Credit: VentureBeat

OpenAI’s strategic gambit: The Agents SDK and why it changes everything for enterprise AI

OpenAI released a comprehensive agent-building platform, reshaping enterprise AI with its Agents SDK.
The platform consolidates a complex API ecosystem into a unified, production-ready framework for enterprise AI teams.
OpenAI acknowledges the need for outside expertise to address AI agent reliability issues, reflecting a strategic shift.
The announcement brings key capabilities into a unified framework, simplifying AI agent development for enterprises.
Enterprise AI adoption can benefit from OpenAI's API format and SDK, offering streamlined agent development.
OpenAI's SDK supports integration with models from other providers, providing enterprises with flexibility.
The release challenges database companies with built-in retrieval-augmented generation tools and citation capabilities.
OpenAI's comprehensive stack with tools and orchestration features aims to capture enterprise value and drive agent development.
Enterprise decision-makers must consider the advantages of OpenAI's platform while being mindful of potential vendor lock-in.
By offering pricing based on usage and enabling multi-agent workflows, OpenAI positions itself at the forefront of enterprise AI agent development.

Read Full Article

4 Likes

Medium

395

Image Credit: Medium

Suit Up, It’s Time to Put Your Cyber Superhero Identity to Use

The article emphasizes the importance of protecting personal and business accounts from cyber criminals.
It narrates a story of The Imposter targeting Dr. Civilian and attempting to steal his assets and personal information.
The cyber villain was thwarted thanks to a phone call made by Dr. Civilian and the credit card company's notification system.
The article encourages readers to become cyber heroes, assemble their cyber utility belts, and spread awareness about online security.

Read Full Article

23 Likes

TechCrunch

306

Image Credit: TechCrunch

AT&T technician Mark Klein, who exposed secret NSA spying, dies

Mark Klein, a former AT&T technician turned whistleblower, has died at age 79.
Klein exposed the secret NSA surveillance by revealing the use of a secret room in an AT&T hub in San Francisco in 2006.
His disclosure confirmed the U.S. government's access to internet data on millions of Americans.
The death of Mark Klein was confirmed by the Electronic Frontier Foundation, a digital rights group.

Read Full Article

18 Likes

Discover more

Medium

390

Image Credit: Medium

The Privacy and Security Risks of Agentic AI:

Agentic AI systems, capable of autonomous decision-making, are revolutionizing enterprise applications.
However, their autonomy raises concerns about privacy, security, and regulatory compliance.
Enterprises must address these challenges to fully integrate AI-driven agents.
The key question is how to harness the power of agentic AI while ensuring data security and compliance.

Read Full Article

23 Likes

Tech Radar

246

Image Credit: Tech Radar

AI agents can be hijacked to write and send phishing attacks

AI agents can be hijacked to write and send phishing attacks.
Cybercriminals are utilizing AI agents, such as OpenAI's Operator, to automate and streamline phishing attacks.
Symantec researchers were able to prompt Operator to send a convincing lure email, demonstrating the potential risks for security teams.
It is predicted that AI agents could become even more powerful, reducing barriers to entry for attackers and increasing the sophistication of cyberattacks.

Read Full Article

14 Likes

Siliconangle

143

Image Credit: Siliconangle

Intel gets a new CEO, and investors start doubting when AI will pay off

Intel has appointed a new CEO, Lip-Bu Tan, signaling change in the company's leadership amidst challenges in turning around the business.
Interest in AI is on the rise with the emergence of new AI services, although the practical impact is currently limited.
Companies are introducing more lightweight language models, expanding the possibilities in AI, despite high compute costs.
Investors are growing impatient with the perceived slow progress of AI in driving enterprise value, as indicated by the performance of companies like UiPath and Adobe.
Quantum computing is gaining investor interest, with D-Wave claiming to achieve quantum supremacy, though opinions on this vary.
Upcoming events like Nvidia GTC are expected to shed light on new technology developments including AI models and quantum computing.
In the AI and data sector, a range of new models and services have been introduced, highlighting advancements such as AI APIs, robotics models, and AI planning systems.
Significant financial transactions have taken place in the AI industry, with acquisitions and funding rounds boosting companies like ServiceNow, Qualcomm, and several AI startups.
In the enterprise realm, Intel's new CEO faces the challenge of steering the company, while various tech companies announce partnerships and new products aimed at enhancing AI performance and infrastructure.
Earnings reports reveal mixed outcomes, with companies like Oracle and Asana experiencing disappointments, while others such as Rubrik and PagerDuty outperform market expectations.

Read Full Article

8 Likes

Dev

390

Image Credit: Dev

Understanding Antimalware Service Executable: Is It Safe to Disable?

Antimalware Service Executable (MsMpEng.exe) is a core component of Windows Defender, designed to protect your system from malware.
The process might use significant CPU or memory resources due to scheduled scans, real-time protection, scanning large files, or outdated hardware.
Disabling Antimalware Service Executable leaves your system vulnerable to malware and other threats.
To manage resource usage, you can adjust scan schedules, exclude files or folders, or consider upgrading your hardware.

Read Full Article

23 Likes

Siliconangle

170

Image Credit: Siliconangle

Why Oasis Security urges companies to secure non-human identities

Oasis Security aims to secure non-human identities within organizations, as attacks continue to increase due to the rise of generative AI models.
The company employs Safe Secret Rotation to automate changing passwords and catalog protected information, helping organizations manage the growing number of human and non-human identities.
By automating machine-to-machine governance, Oasis enables security and development velocity to move at the same pace, reducing vulnerabilities and enhancing protection against breaches.
For its innovations in cybersecurity, Oasis received a CUBEd 'Rocketship' award.

Read Full Article

10 Likes

Tech Radar

395

Image Credit: Tech Radar

Juniper patches security flaws which could have let hackers take over your router

Juniper Networks has released a patch to address a vulnerability in its routers.
The vulnerability was being exploited by Chinese threat actors.
Multiple Juniper router models were found to be vulnerable.
The bug allows local attackers to run arbitrary code on the routers.

Read Full Article

23 Likes

Siliconangle

278

Image Credit: Siliconangle

Deep Instinct’s approach to cybersecurity: A prevention-first model

Deep Instinct Inc. is pioneering a prevention-first model in cybersecurity.
Unlike traditional systems, Deep Instinct's DSX platform uses deep neural networks to preemptively detect and block threats.
The company's AI-driven prevention model effectively neutralizes AI-generated malware in real-time.
Deep Instinct's flexible deployment model allows the application of deep learning core in various use cases.

Read Full Article

16 Likes

Hackernoon

225

Image Credit: Hackernoon

Crafting Multi-Cloud Systems: How Tech Experts Are Solving Connectivity

Multi-cloud strategies offer a solution to optimize performance across regions, but they come with challenges of inconsistent architecture, security models, and service offerings.
Arun Pandiyan Perumal, an expert in multi-cloud strategies and complexities, emphasizes integrating automation, security, and reliability checks to design comprehensive and scalable systems.
Site Reliability Engineering principles standardize automation workflows, reduce downtime, and ensure application availability across multiple cloud providers.
Perumal believes that AI-driven cloud infrastructure management can lead to self-healing systems, resulting in enhanced performance, security, and cost efficiency.

Read Full Article

13 Likes

VentureBeat

220

Image Credit: VentureBeat

51 seconds to breach: How CISOs are countering AI-driven, lightning-fast deepfake, vishing and social engineering attacks

Attackers can breach a network and move laterally in just 51 seconds, using stolen credentials to evade detection.
AI enables attackers to create vishing, deepfake, and social engineering attacks quickly and efficiently.
Vishing attacks have grown significantly, with a 442% increase in 2024, becoming a prominent method for gaining sensitive information over the phone.
Phishing remains a threat, with AI-generated content having a higher click-through rate compared to human-generated content.
Identity-based attacks are on the rise, with 79% of attacks in 2024 being malware-free and leveraging stolen credentials and AI-driven methods.
AI technology is being used by adversarial groups like Chinese Green Cicada and North Korea’s FAMOUS CHOLLIMA for creating fake accounts and profiles to infiltrate systems.
To combat AI-driven attacks, organizations like National Oilwell Varco are implementing solutions for revoking access quickly and emphasizing authentication of every identity and session.
Lessons for countering fast breaches include cutting off attacks at the authentication layer, using AI-driven threat detection, and unifying endpoint, cloud, and identity security.
Zero trust principles, such as segmentation and verifying identities, are crucial in defending against lightning-fast AI attacks.
Employing AI for threat detection, revoking tokens promptly, and implementing zero trust strategies are effective measures in combating AI-driven attacks.
Security leaders emphasize least privileged access, network segmentation, and continuous identity verification to defend against fast-moving cyber threats.

Read Full Article

13 Likes

Tech Radar

323

Image Credit: Tech Radar

GitLab has patched a host of worrying security issues

GitLab has patched nine vulnerabilities affecting its Community Edition (CE) and Enterprise Edition (EE) solutions, and urged users to apply the patch immediately.
Among the nine flaws, two are critical severity vulnerabilities that allow threat actors to bypass authentication.
Users are advised to update their GitLab CE/EE to versions 17.7.7, 17.8.5, and 17.9.2 to mitigate the risks.
The critical flaws were discovered in the ruby-saml library and could lead to data exfiltration, privilege escalation, and more.

Read Full Article

19 Likes