Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Medium

143

Image Credit: Medium

Understanding Computer Viruses: How They Spread & How to Stay Safe

Computer viruses are a major threat to data and privacy, capable of stealing personal information, corrupting files, and disrupting system operations.
Viruses spread through methods such as phishing emails, malicious downloads, infected USB drives, fake ads and pop-ups, and exploiting unpatched software.
Signs of a virus infection include slow performance, frequent crashes, unknown programs, unusual account activity, and disappearing or corrupted files.
To stay safe, use a reliable antivirus, avoid clicking suspicious links, keep software updated, download from trusted sources, enable a firewall, and exercise caution with USB drives.

Read Full Article

8 Likes

Siliconangle

314

Image Credit: Siliconangle

Blackwall reels in €45M for its AI-powered reverse proxy

Estonia-based startup Blackwall secures €45 million in funding for its AI-powered reverse proxy, GateKeeper.
GateKeeper acts as a reverse proxy for website hosting providers, protecting over 2.3 million online services from cyberattacks.
The AI Advisor tool helps administrators determine the appropriate traffic filtering rules for a website, while deep packet inspection is used to identify malicious requests.
Blackwall plans to use the funding to expand its team, enhance product development, and grow its international presence.

Read Full Article

18 Likes

TronWeekly

Image Credit: TronWeekly

Lazarus Group Transfers 400 ETH and Launches New Cyber Attacks

The Lazarus Group, linked to North Korea, transferred 400 ETH ($750,000) to Tornado Cash and laundered $2.91 billion through THORChain within the last five days.
The group infected the NPM ecosystem with harmful packages, including 'BeaverTail', to steal credentials and access crypto wallets.
Lazarus Group, known for crypto breaches, has been involved in various cyber attacks, such as the $1.4 billion Bybit attack in February.
The group has scammed crypto founders with fake Zoom calls, posing as investors and infecting devices with malware to target crypto wallets.

Read Full Article

3 Likes

Dev

386

Image Credit: Dev

5 Tricks to Secure your Docker Images

Regularly scan Docker images for vulnerabilities using tools like Docker Scout to catch issues early.
Improve security by using minimal images, reducing unnecessary components and limiting potential vulnerabilities.
Avoid hardcoding credentials in Dockerfiles, use environment variables or secret management tools instead.
Run Docker containers as non-root users to limit the impact of a compromise.

Read Full Article

23 Likes

Discover more

TechCrunch

Image Credit: TechCrunch

Amazon is still hosting stalkerware victims’ data weeks after breach alert

Amazon has not disclosed whether it will take action against three phone surveillance apps, Cocospy, Spyic, and Spyzie, despite being informed by TechCrunch that it was hosting stolen phone data.
A security researcher identified a security bug shared by the three near-identical Android apps, exposing phone data of 3.1 million individuals, many of whom are unaware of the compromise.
TechCrunch notified Amazon of hosting data exfiltrated by the apps, with the storage buckets still active on Amazon Web Services.
Amazon's spokesperson indicated they act swiftly on reports of violations but did not comment on the status of the servers used by the apps.
Despite the notification from TechCrunch, Amazon has not taken action against the storage buckets containing stolen phone data.
TechCrunch found that images uploaded by the stalkerware apps were hosted on Amazon Web Services, demonstrating a breach of privacy.
Amazon's acceptable use policy prohibits spyware and stalkerware operations, yet the company has not addressed the issue with the apps.
Companies like Amazon possess the resources to enforce their policies and prevent malicious use of their services.
TechCrunch investigations into surveillance-related breaches aim to identify victims, expose surveillance operators, and identify platforms used in the operations.
In a recent investigation, TechCrunch discovered Cocospy, Spyic, and Spyzie apps breaching privacy by uploading victims' data to Amazon's cloud servers.

Read Full Article

2 Likes

Tech Radar

373

Image Credit: Tech Radar

The FCC is creating a security council to bolster US defenses against cyberattacks

The Federal Communications Commission (FCC) will establish a security council to protect against cyberattacks, with a focus on combating threats from foreign adversaries, especially the Chinese Communist party.
These attacks aim to disrupt the US infrastructure and weaken critical services.
The council will work towards ensuring the US wins the strategic competition with China in critical technologies like AI, satellites, 5G, and quantum computing, as well as reducing foreign supply chain dependence.
The FCC's move to address cyber threats is part of the US government's effort to consolidate resources from various agencies to tackle growing cybersecurity risks.

Read Full Article

22 Likes

Dataprivacyandsecurityinsider

422

Image Credit: Dataprivacyandsecurityinsider

MS-ISAC Loses Funding and Cooperative Agreement with CIS

The Multi-State Information Sharing and Analysis Center (MS-ISAC) will lose its federal funding and cooperative agreement with the Center for Internet Security.
MS-ISAC is a cybersecurity partner for 17,000 State, Local, Tribal, and Territorial (SLTT) government organizations, providing incident response support, intelligence, advisories, and more.
The dismantling of MS-ISAC is expected to save $10 million, but it may leave state and local governments at increased risk of cyberattacks.
This decision is criticized as a short-sighted strategy that hinders information sharing and preparedness efforts for cyber threats in government entities.

Read Full Article

25 Likes

Siliconangle

341

Image Credit: Siliconangle

Fighting the authenticity war: How AI is transforming brand protection

AI-driven platform, Flora, developed by Focus IP Inc. (Tracer), is helping brands transform their brand protection strategies.
The platform uses computer vision, synthetic data, and natural language processing to fight against online fraud and cybercriminals.
Flora can detect fraudulent websites, track suspicious paid advertising campaigns, and identify counterfeit products by analyzing vast amounts of online activity.
By reducing the time a fraudulent website remains active by 80%, Tracer's AI technology offers better protection for both brands and consumers.

Read Full Article

20 Likes

Tech Radar

139

Image Credit: Tech Radar

Microsoft uncovers sleuthy new XCSSET MacOS malware campaign

Microsoft has warned of a new variant of the XCSSET malware for macOS, which has seen limited attacks in the wild.
The upgraded malware has enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies.
XCSSET is an infostealer capable of stealing digital wallet data, extracting system information, and collecting data from the Notes app.
To protect against this malware, users are advised to inspect and verify Xcode projects and only install apps from trusted sources.

Read Full Article

8 Likes

Hackernoon

197

Image Credit: Hackernoon

INE Security Alert: Using AI-Driven Cybersecurity Training To Counter Emerging Threats

INE Security is launching a new initiative to help organizations rethink cybersecurity training and workforce development in response to the surge of AI-powered cyber threats.
While AI offers advantages in cyber defense, proper training is essential to leverage it effectively without overreliance on automation, as highlighted by Dara Warn, CEO of INE Security.
AI-driven security tools are enhancing SOC efficiency by reducing false positive alerts and prioritizing critical threats for analysts.
The impact of generative AI in the cybersecurity workforce raises concerns regarding professionals' dependence on AI outputs and the necessity for critical-thinking skills.
Data privacy risks related to AI, specifically large language models, require organizations to prioritize privacy-first security architectures in AI-powered security solutions.
Agentic AI architectures offer potential for autonomous threat investigation and real-time defense adjustments, but caution is advised to not replace human expertise and decision-making.
INE Security aims to expand its AI-driven training programs focusing on threat analysis, machine learning for defense, generative AI, and hands-on AI security labs.
Companies are urged to train cybersecurity teams on AI tools, prioritize AI-powered solutions enhancing human expertise, and implement privacy-first AI models to mitigate data exposure risks.
INE Security emphasizes the importance of preparing for AI-driven threats through investing in security training, developing talent, and understanding AI's impact on the field.
INE Security is a leading provider of online networking and cybersecurity training, offering hands-on lab platforms, cutting-edge technology, and a range of learning paths for IT professionals worldwide.

Read Full Article

11 Likes

Pymnts

373

Image Credit: Pymnts

Blackwall Raises $49 Million to Battle AI-Powered Bots

Estonia-based cybersecurity firm Blackwall raised 45 million euros (about $49 million) in new funding.
The financing round will let Blackwall double its headcount and expand into the United States and Asia-Pacific markets.
Blackwall's flagship product 'GateKeeper' defends against AI-powered bots, helping hosting service providers and managed service providers protect their hosted websites.
Fraud is on the rise, and the funding will enable Blackwall to provide effective and cost-efficient solutions to combat automated attacks.

Read Full Article

22 Likes

TechCrunch

323

Image Credit: TechCrunch

Apple’s Lockdown Mode is good for security — but its notifications are baffling

Apple's Lockdown Mode, a security feature, is highly recommended for individuals at risk from government hackers.
Lockdown Mode removes certain features to enhance protection from sophisticated spyware and zero-day attacks.
While effective at blocking advanced hacks, Lockdown Mode's operations remain opaque to users.
Notifications from Lockdown Mode, although intended to enhance security, have become confusing and unexplained.
Users have reported receiving notifications about blocked contacts without understanding the reason behind the blocks.
Some users have expressed confusion about the purpose and actions of Lockdown Mode notifications.
Tapping on Lockdown Mode notifications does not provide any further explanation or guidance to users.
Experts suggest that Apple should provide more context or eliminate these unhelpful notifications altogether.
Experiments revealed that Lockdown Mode blocks notifications are visible only to the recipient and not the sender.
Apple did not provide clear explanations regarding the purpose of Lockdown Mode notifications when queried.

Read Full Article

19 Likes

Tech Radar

374

Image Credit: Tech Radar

Biometrics add another layer of security to passwordless authentication

Okta's Business At Work 2025 report reveals the growing adoption of passwordless authentication in Europe.
France leads in the usage of Okta's FastPass authentication solution, followed by Israel, Germany, South Korea, and Canada.
Half of the businesses in Germany enforce biometric authentication for enhanced security.
Okta reports a significant increase in Okta FastPass and biometric authentications in the last year.

Read Full Article

22 Likes

Socprime

Image Credit: Socprime

Medusa Ransomware Detection: The FBI, CISA & Partners Warn of Increasing Attacks by Ransomware Developers and Affiliates Against Critical Infrastructure

Ransomware recovery costs have surged to $2.73 million in 2024, marking a 500% increase from 2023.
The FBI, CISA, and MS-ISAC issued a joint advisory on Medusa ransomware, affecting 300+ victims in critical infrastructure.
Medusa ransomware differs from MedusaLocker and Medusa mobile malware.
Recent AA25-071A advisory underscores evolving ransomware threats targeting organizations of all sizes.
SOC Prime Platform offers rule collections for detecting Medusa ransomware TTPs early and effectively.
Detection rules are MITRE ATT&CK mapped, enriched with threat intel, and compatible with various security solutions.
Organizations can utilize Uncoder AI for quick IOC hunting based on the Medusa ransomware advisory.
Medusa ransomware actors use double extortion, exploit vulnerabilities, and employ various tools for network infiltration.
Detection evasion tactics include obfuscation methods, PowerShell history deletion, and disabling EDR solutions.
Security measures against Medusa ransomware include secure backups, strong passwords, patching, and cyber hygiene practices.

Read Full Article

3 Likes

Securityaffairs

184

Image Credit: Securityaffairs

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

North Korea-linked APT group ScarCruft has been using a new Android spyware called KoSpy to target Korean and English-speaking users.
KoSpy has been observed masquerading as utility apps like Phone Manager and File Manager, and has been distributed through the Google Play Store and Firebase Firestore.
The spyware collects SMS, calls, location, files, audio, and screenshots through plugins, and communicates with its C2 servers for further exploitation.
Researchers have found connections between KoSpy, APT37, and APT43, suggesting broader cyber-espionage operations targeting Korean users.

Read Full Article

11 Likes

For uninterrupted reading, download the app