A naukri.com initiative
Cyber Security News
Cybersecurity-Insiders
1M
40
Image Credit: Cybersecurity-Insiders
The Intersection of Cybersecurity and Regulatory Compliance – Preparing for Global Standards
- Businesses are under pressure to enhance cybersecurity defenses amidst increasing cyberattacks, with regulatory compliance becoming crucial for strategic planning.
- Global standards like GDPR, CCPA, ISO 27001, and NIST reshape compliance landscapes with a focus on accountability and risk mitigation.
- Balancing cybersecurity with compliance is complex for multinational firms due to conflicting regulations and evolving threats, necessitating agile strategies.
- Infrastructure plays a pivotal role in compliance, requiring robust measures for cloud, data centers, and physical security like network cabling and encryption.
- Challenges in aligning cybersecurity and compliance include evolving threats, compliance complexity, resource constraints, third-party risks, and usability concerns.
- Best practices involve risk-based approaches, continuous monitoring, employee training, automation of compliance processes, and regular audits for global standards readiness.
- Adopting a proactive approach by integrating global standards with adaptable cybersecurity measures is crucial for organizational resilience and compliance in a dynamic threat landscape.
- Cybersecurity and compliance are interconnected pillars of resilience that require embedding regulatory requirements, agile frameworks, and collaboration for future-proofing operations.
- In a rapidly evolving cyber risk and regulatory environment, proactive alignment with global standards is essential not just strategically but for survival.
Read Full Article
2 Likes
Fintechnews
1M
103
Image Credit: Fintechnews
Visa Sets Up Scam Disruption Team, Blocking US$350 Million in Fraud
- Payments giant Visa has established a specialized Scam Disruption practice to tackle emerging fraud schemes and protect consumers.
- The newly formalized group operates under Visa’s Payment Ecosystem Risk and Control (PERC) division and prevented more than US$350 million in attempted scams in 2024.
- The Visa Scam Disruption (VSD) team employs a three-pronged approach to scam mitigation: scam intelligence, proactive investigations, and detection and disruption.
- Visa collaborates with financial institutions, law enforcement agencies, intelligence firms, and industry working groups to shut down fraudulent operations and strengthen the ecosystem’s ability to detect scams.
Read Full Article
6 Likes
Tech Radar
1M
934
Image Credit: Tech Radar
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
- American citizens lost $12.5 billion to fraud in 2024, a $2.5 billion increase from the previous year.
- Scams originating online accounted for over $3 billion in losses, surpassing traditional scams.
- Investment scams resulted in the highest losses, with a median loss of over $9,000 per person, totaling $5.7 billion.
- While the older generation experienced the worst financial damage, individuals aged 20-29 reported losing money more frequently.
Read Full Article
1 Like
TechCrunch
1M
328
Image Credit: TechCrunch
Tata Technologies’ data leaked by ransomware gang
- A ransomware group called Hunters International has published some of the data it claims to have stolen from Tata Technologies.
- The leaked data includes personal details of employees, purchase orders, and contracts with customers in India and the United States.
- The data set uploaded by the ransomware group totals about 1.4 terabytes in size.
- Tata Technologies, a subsidiary of the Tata Group, provides product engineering and research services to automotive and aerospace companies worldwide.
Read Full Article
19 Likes
Medium
1M
400
Image Credit: Medium
Securing Your Digital Privacy: Best Practices for Protecting Personal Photos
- Our smartphones have become personal archives containing years of memories — from travel adventures to family moments and sometimes sensitive personal images.
- Creating a secure environment for your private photos requires a multi-faceted approach, including utilizing specialized photo vault applications that offer advanced security features.
- The LockPic Hidden Photo Vault is an example of an iOS app that provides multiple layers of authentication and disguise techniques to protect private photos effectively.
- Taking proactive steps to secure personal photos using specialized tools like photo vaults can ensure privacy boundaries are maintained while keeping the photos organized and accessible.
Read Full Article
24 Likes
Medium
1M
337
Image Credit: Medium
Android's New Sensitive Content Scanner: A Blessing or a Breach?
- Android's new sensitive content scanner uses SafetyCore, Google's on-device machine learning system, to analyze images for nudity and sensitive material.
- The scanning process occurs entirely on-device, ensuring that no images are sent to Google's servers.
- While the feature raises privacy concerns, as personal photos are continuously processed on the device, its default enabled status and lack of user choice to opt out may be problematic.
- The service feature was included in a system update, leaving users unaware and without the option to disable it.
Read Full Article
20 Likes
Medium
1M
355
Lucian Nacht: The Shadow Architect of AI and Cybersecurity Investments
- Lucian Nacht, the elusive founder of Black Veil Capital, operates behind the curtain, shaping industries without seeking public recognition.
- Black Veil Capital specializes in stealth investments across artificial intelligence, cybersecurity, and classified defense technologies.
- Lucian Nacht's origins are unknown, with speculation ranging from being born into an elite European financial dynasty to being entirely self-made.
- Nacht's reclusiveness, deliberate avoidance of traditional media, and strategic disappearances add to the mystique surrounding him.
Read Full Article
21 Likes
Securityaffairs
1M
446
Image Credit: Securityaffairs
Apple fixed the third actively exploited zero-day of 2025
- Apple released emergency security updates to address a zero-day vulnerability, CVE-2025-24201, in the WebKit cross-platform web browser engine.
- The vulnerability was exploited in 'extremely sophisticated' cyber attacks, and it is an out-of-bounds write issue.
- The fix was released as a supplementary measure after blocking a similar attack in iOS 17.2.
- Apple addressed the flaw with improved checks, releasing updates for various devices.
Read Full Article
26 Likes
Siliconangle
1M
121
Image Credit: Siliconangle
Sola Security launches with $30M to simplify cybersecurity with AI and no-code tools
- Self-service cybersecurity startup Sola Security Inc. has raised $30 million in funding to develop its AI-powered, no-code cybersecurity platform.
- Sola aims to simplify security management and eliminate complexity, cutting costs, and putting power into the hands of security professionals.
- The company's platform allows businesses to build and deploy security solutions without extensive technical expertise.
- Sola Security's funding round was led by S Capital LP and veteran venture capitalist Mike Moritz.
Read Full Article
7 Likes
Siliconangle
1M
346
Image Credit: Siliconangle
Cybereason raises $120M as Chainguard reportedly eyes $350M round
- Cybereason has closed a $120 million funding round led by SoftBank Group Corp., SoftBank Vision Fund 2, and Liberty Strategic Capital.
- The funding will support the growth of Cybereason's XDR platform, which uses artificial intelligence to detect cyberattacks across various devices and technology assets.
- Cybereason has appointed Manish Narula as its new CEO, succeeding former CEO Eric Gan.
- Chainguard, a cybersecurity startup, is reportedly in talks about a $350 million investment from Kleiner Perkins, following its previous $140 million Series C raise.
Read Full Article
20 Likes
Pymnts
1M
392
Image Credit: Pymnts
Sola Raises $30 Million for ‘Self-Serve’ Cybersecurity Solution
- Sola Security has raised $30 million to develop its AI-powered cybersecurity platform.
- The funding will allow Sola to create a no-code solution for businesses to build security apps without technical expertise.
- Sola Security aims to be part of the 'self-serve revolution' in the cybersecurity industry.
- The company intends to provide customizable and cost-effective security solutions.
Read Full Article
23 Likes
Siliconangle
1M
36
Image Credit: Siliconangle
Assessing the human element: Panelists weigh AI’s role in cybersecurity during HumanX
- Cybersecurity professionals are grappling with the impact of AI and how to protect key systems and assets while keeping humans in the loop.
- The inaugural HumanX conference in Las Vegas focused on the intersection of AI and human insight in cybersecurity.
- Panelists at the conference emphasized the importance of trust in building AI infrastructure and the need for increased compliance and governance in the age of AI.
- While AI adoption in cybersecurity can help alleviate work burdens, organizations also face challenges in creating safe AI models and educating employees about cybersecurity practices.
Read Full Article
2 Likes
Arstechnica
1M
315
Image Credit: Arstechnica
Apple patches 0-day exploited in “extremely sophisticated attack”
- Apple patched a critical zero-day vulnerability in iPhones and iPads.
- The vulnerability is in Webkit, the browser engine for Safari on iOS devices.
- The vulnerability may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- Apple released a supplementary fix for this vulnerability.
Read Full Article
18 Likes
TechBullion
1M
211
Image Credit: TechBullion
The Ultimate Guide to Unlocking Any PDF Without Stress
- PDF files are commonly used, but locked PDFs can be frustrating when they prevent editing, copying, or printing.
- There are two types of document security measures: password protection and limited permissions.
- Methods to unlock PDF files include using online unlocking tools, professional software, desktop programs, and mobile apps.
- Proper legal and ethical conduct should be followed when attempting to unlock PDF files to respect security measures and privacy rules.
Read Full Article
12 Likes
Lastwatchdog
1M
166
News alert: GitGuardian discloses 70% of leaked secrets remain active 2 years — remediation urgent
- GitGuardian's '2025 State of Secrets Sprawl Report' reveals a 25% increase in leaked secrets year-over-year and 23.8 million new credentials on public GitHub in 2024.
- 70% of secrets leaked in 2022 are still active today, posing a significant cybersecurity threat in various organizations.
- A single leaked API key led to the U.S. Treasury Department breach, emphasizing the dangers of exposed credentials.
- Generic secrets like passwords and credentials now account for over half of all detected leaks, making them challenging to identify.
- 35% of private repositories scanned contained plaintext secrets, contradicting the belief that private repos are secure.
- Hardcoded secrets are prevalent in collaboration platforms and container environments, where security controls are typically weaker.
- Non-human identities (NHIs) outnumber human identities in many organizations, lacking proper management and rotation.
- Even organizations using secrets management solutions face vulnerabilities, with a 5.1% secret leakage rate among repositories leveraging secrets managers.
- The report emphasizes the need for comprehensive secrets security, automated discovery, detection, and stronger governance.
- GitGuardian recommends deploying monitoring, centralized detection, semi-automated rotation policies, and clear developer guidelines.
Read Full Article
10 Likes
For uninterrupted reading, download the app