menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Securityaffairs

1M

read

231

img
dot

Image Credit: Securityaffairs

Marlboro-Chesterfield Pathology data breach impacted 235,911 individuals

  • SafePay ransomware attacked Marlboro-Chesterfield Pathology, compromising personal data of 235,000 individuals.
  • The breach occurred on January 16, 2025, leading to the unauthorized access of internal systems.
  • Stolen information included names, addresses, birth dates, medical treatment details, and health insurance data.
  • Marlboro-Chesterfield Pathology notified the US Department of Health and Human Services about the breach affecting 235,911 people.

Read Full Article

like

13 Likes

share

3 Shares

source image

Medium

1M

read

245

img
dot

Image Credit: Medium

How are the feeds of Facebook, YouTube, and Instagram tailored to the user?

  • Social media apps like Facebook, Twitter, and YouTube tailor feeds based on algorithms sorting posts by relevancy instead of publish time.
  • This customization includes prioritizing posts from close friends and family, and recommending videos based on past viewing history.
  • While the use of algorithms in social media feeds generally enhances user experience, it's crucial to be cautious about online sharing as everything posted is permanent.
  • Users can adjust settings on platforms like Facebook, YouTube, Twitter, and Instagram to control the content they see and mitigate the influence of algorithms.

Read Full Article

like

14 Likes

share

3 Shares

source image

Medium

1M

read

49

img
dot

Image Credit: Medium

What Online Games are Safe for My Child?

  • It is essential to be cautious about allowing children to play online games due to potential exposure to inappropriate content.
  • Minecraft is a recommended cross-platform game that is both educational and entertaining for children, promoting creativity, problem-solving, and teamwork.
  • Websites like PBS Kids, National Geographic Kids, and FunBrain offer safe and engaging online games for kids, catering to different age groups with educational content.
  • These websites provide various activities that help children learn about subjects like animals, geography, and more, in a secure online environment.

Read Full Article

like

3 Likes

share

Share

source image

Tech Radar

1M

read

50

img
dot

Image Credit: Tech Radar

TikTok fans beware - experts warn dangerous malware spread by AI fake videos

  • Hackers are using AI-generated videos on TikTok to trick users into downloading infostealing malware, as warned by cybersecurity researchers Trend Micro.
  • The videos demonstrate fake methods to activate premium features in software like Windows, Microsoft Office, Spotify, and CapCut, spreading malicious scripts through PowerShell commands.
  • The malware campaign leverages TikTok's algorithm to increase visibility, with one video reaching half a million views, promoting the deployment of Vidar and StealC infostealers.
  • Unlike past methods where malware links were shared in descriptions, this campaign delivers malware through videos, bypassing traditional security measures and posing a significant threat to users.

Read Full Article

like

3 Likes

share

Share

source image

Secureerpinc

1M

read

281

img
dot

Image Credit: Secureerpinc

HTML Attachments: A Hidden Cybersecurity Threat

  • Cybercriminals are increasingly using HTML attachments as a backdoor for hacking into company emails.
  • A study by Barracuda found that 23% of HTML attachments contain actively malicious content, making them a significant cybersecurity threat.
  • To safeguard businesses from deceptive HTML documents, it is crucial to train employees to recognize phishing signs, implement strict access controls, and invest in email scanning and protection systems.
  • Having a cyber-savvy workplace, creating strict access controls, and investing in email scanning tools are essential strategies to protect businesses from the rising threat of HTML attachment cyberattacks.

Read Full Article

like

16 Likes

share

3 Shares

source image

TechCrunch

1M

read

190

img
dot

Image Credit: TechCrunch

Vote for the sessions you want to see at TechCrunch Disrupt 2025

  • TechCrunch Disrupt 2025 received an overwhelming response for speaker applications, with 20 finalists selected for breakout and roundtable sessions.
  • Audience Choice voting for the top sessions is open until May 30, with 5 breakout and 5 roundtable sessions to be chosen.
  • Notable breakout session topics include M&A tips for founders, AI for startups, and leading a Series A round.
  • Roundtable sessions cover subjects such as space economy, scaling search and AI, and addressing challenges in AI applications.

Read Full Article

like

11 Likes

share

2 Shares

source image

Tech Radar

1M

read

168

img
dot

Image Credit: Tech Radar

Commvault attack may put SaaS companies across the world at risk, CISA warns

  • CISA warns about the recent breach at Commvault that could potentially put many Software-as-a-Service (SaaS) providers at risk.
  • State-sponsored attackers are abusing a zero-day vulnerability in Commvault Web Server to target SaaS companies, as confirmed by Commvault and Microsoft.
  • CISA advises Commvault's customers to patch their systems and follow mitigations to minimize the risk of unauthorized access to client environments.
  • A large-scale campaign targeting various SaaS companies' cloud applications with default configurations and elevated permissions is currently ongoing, according to CISA.

Read Full Article

like

10 Likes

share

2 Shares

source image

Tech Radar

1M

read

140

img
dot

Image Credit: Tech Radar

NPM users warned dozens of malicious packages aim to steal host and network data

  • 60 malicious NPM packages identified by cybersecurity researchers Socket stealing sensitive user data and relaying it to attackers with post-install scripts.
  • The malicious packages did not deliver additional malware, escalate privileges, or have persistence mechanisms.
  • The attack involved typosquatting with package names similar to legitimate ones, targeting CI/CD pipelines before being removed after roughly 3,000 downloads.
  • Users advised to remove downloaded malicious packages, run system scans, rotate key credentials, and activate 2FA; separate campaign distributing eight packages capable of causing serious harm also discovered on NPM.

Read Full Article

like

8 Likes

share

1 Share

source image

Securityaffairs

1M

read

301

img
dot

Image Credit: Securityaffairs

China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure

  • China-linked APT group exploits two Ivanti EPMM flaws, CVE-2025-4427 and CVE-2025-4428, to target organizations in Europe, North America, and Asia-Pacific.
  • The flaws include an authentication bypass and a remote code execution vulnerability, allowing attackers to access protected resources and execute arbitrary code.
  • Ivanti has released updates addressing the vulnerabilities after threat actors actively exploited them to achieve remote code execution without authentication.
  • The attacks are linked to China-linked group UNC5221, which targeted critical sectors and used techniques like Java Reflection and KrustyLoader malware for espionage campaigns.

Read Full Article

like

18 Likes

share

4 Shares

source image

TronWeekly

1M

read

127

img
dot

Image Credit: TronWeekly

Industry Leaders Challenge SEC Cyber Risk Management Disclosure Rule

  • Leading U.S. financial associations petition the SEC to revise cybersecurity incident disclosure rules.
  • They argue that premature disclosure mandates are harmful and counterproductive.
  • The coalition suggests that existing disclosure frameworks already offer investor protection without increasing systemic risk.
  • The petition asserts that transparency during ongoing incident investigations poses challenges and cybersecurity risks.

Read Full Article

like

7 Likes

share

1 Share

source image

Dev

1M

read

127

img
dot

Image Credit: Dev

A Comprehensive Guide to Application Security: Types, Benefits, Tools and Techniques

  • Application security is vital in today's interconnected landscape, focusing on identifying and fixing vulnerabilities to prevent unauthorized access.
  • It spans from development to deployment and includes securing all layers of the application stack.
  • Implementing security measures early in the software development lifecycle is crucial, starting from design and development phases.
  • Prioritizing strong authentication and deploying security infrastructure like firewalls are essential practices.
  • Protecting sensitive data, maintaining business continuity, and adhering to regulatory requirements are key benefits of application security.
  • Neglecting application security can lead to unauthorized data access, financial losses, reputational damage, and operational disruptions.
  • Common application security threats include injection attacks, broken authentication, security misconfiguration, and sensitive data exposure.
  • Testing techniques like SAST, DAST, and IAST help identify vulnerabilities, while tools like Fortify Static Code Analyzer and Acunetix aid in securing applications.
  • Best practices for application security include threat modeling, secure coding, regular security testing, and incident response planning.
  • Building a Secure Development Lifecycle (SDL) integrates security at every stage of the software development process for enhanced security.
  • Future trends in application security include cloud security, DevSecOps, AI, machine learning, and a growing focus on API security.

Read Full Article

like

7 Likes

share

1 Share

source image

Wired

1M

read

345

img
dot

Image Credit: Wired

A Starter Guide to Protecting Your Data From Hackers and Corporations

  • Digital privacy and security are crucial in today's world, given the powerful digital surveillance capabilities of governments and hackers.
  • Using multifactor authentication for online accounts is a key step to enhance security, making it harder for hackers to access accounts.
  • Recommendations include using privacy-friendly browsers, search engines, and password managers, with unique passwords for each service.
  • Prioritize small steps to improve privacy gradually, such as switching to privacy-focused browsers and search engines like Brave, Firefox, and DuckDuckGo.
  • ProtonVPN, based in Switzerland, is a recommended non-US-based VPN that offers strong privacy features, including a free version.
  • For online accounts, consider having a dedicated email address for important accounts and using burner emails for less critical services.
  • When crossing borders, be mindful of the data on your devices, consider using a travel phone with minimal sensitive information, and take precautions against potential scrutiny.
  • Exercise caution with smart devices like Alexa due to privacy implications, and review and adjust privacy settings for enhanced security.
  • Awareness of sharing personal data with AI companies is crucial, as data collection for AI can raise privacy concerns and expose individuals to surveillance.
  • Privacy is a fundamental human right, and individuals should have the freedom to act without constant surveillance or tracking, even if they claim to have 'nothing to hide.'

Read Full Article

like

20 Likes

share

4 Shares

source image

SiliconCanals

1M

read

295

img
dot

Image Credit: SiliconCanals

Paris-based Memority raises €13M to help companies protect digital identities and fight cyberattacks: Know more

  • Paris-based Memority has raised €13M in its first Series A financing round to support its expansion in Europe in Identity and Access Management.
  • The investment was led by Tikehau Capital via Brienne, its private equity strategy dedicated to cybersecurity, showcasing the increasing importance of cybersecurity for organisations.
  • Memority aims to change identity and access management for the cloud era with its Identity Factory SaaS platform offering IDaaS, IGA, CIAM, SSO, Federation, and MFA services, creating a centralised system for identity and access management.
  • The capital raised will be utilized to accelerate the development of Memority's technology plan, expand the sales team, and increase the company's presence across Europe to meet the growing demand for improved cybersecurity solutions.

Read Full Article

like

17 Likes

share

4 Shares

source image

Global Fintech Series

1M

read

277

img
dot

Image Credit: Global Fintech Series

Blockchain Is Revolutionizing Cross-Border Payments for Enterprises

  • Cross-border payments play a crucial role in international commerce, but are often complex and costly for businesses due to multiple factors such as currency conversion and regulatory compliance.
  • The cross-border payments market is projected to reach $290 trillion by 2030, prompting the adoption of blockchain-based solutions by enterprises to streamline global money movement.
  • Blockchain technology offers faster, cheaper, and more transparent payment options through its decentralized nature and near-instant settlement capabilities.
  • Blockchain redefines cross-border payments by enabling direct transactions between parties, reducing operational costs, and accelerating settlement times to seconds.
  • Permissioned decentralized finance (DeFi) models could lower transaction costs by up to 80% compared to conventional methods, enhancing efficiency in cross-border transactions.
  • Major organizations like Visa, Shopify, and PayPal are leveraging blockchain and stablecoins to facilitate cross-border transactions, signaling mainstream acceptance of these technologies.
  • Different types of blockchain solutions, including public, private, consortium, and hybrid blockchains, address various challenges in cross-border payments with distinct features and benefits.
  • Blockchain enhances security, data integrity, cost efficiency, rapid settlements, transparency, and auditability in cross-border transactions, reshaping the future of payment systems.
  • The adoption of blockchain technology in cross-border payments is gaining momentum, with financial institutions, FinTechs, and central banks exploring its scalability and operational advantages.
  • Central banks are increasingly considering launching central bank digital currencies (CBDCs) within the next five years, underscoring the confidence in blockchain's role in modernizing cross-border transactions.

Read Full Article

like

16 Likes

share

3 Shares

source image

Tech Radar

1M

read

272

img
dot

Image Credit: Tech Radar

M&S hack may have been caused by security issues at Indian IT giant Tata Consultancy Services

  • Marks & Spencer suffered a cyber incident in April 2025 due to a ransomware attack, leading to operational disruptions and loss of customer data.
  • Tata Consultancy Services (TCS) is investigating if the cyberattack on Marks & Spencer originated from its network, with reports linking the attack to Scattered Spider.
  • TCS, a part of the Tata Group conglomerate, has faced cyber incidents in the past, making it a target for cybercriminals targeting UK retailers and other organizations.
  • Scattered Spider, the group behind the attack, operates within a larger hacking community and is involved in ransomware attacks on various industries, including retail and technology.

Read Full Article

like

16 Likes

share

3 Shares

Prev

120
121
122
123
124
125
126
127
128
129
130

Next

For uninterrupted reading, download the app