menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Tech Radar

1M

read

63

img
dot

Image Credit: Tech Radar

Sean Plankey selected as CISA director by President Trump

  • President Trump has announced Sean Plankey as his pick for the Cybersecurity and Infrastructure Security Agency (CISA) Director.
  • Prior to the 2024 election, Plankey predicted a second Trump presidency would bring "more pointed measures at [our] adversaries."
  • Plankey has previous experience as Principle Deputy Assistant Secretary for the Office of Cybersecurity, Energy, Security, and Emergency Response (CESER).
  • CISA was created by President Trump in 2018 to protect government agencies and US infrastructure from cyberattacks and digital threats.

Read Full Article

like

3 Likes

share

Share

source image

The Fintech Times

1M

read

99

img
dot

Feedzai Unveils New AI Fraud Prevention Agent Turning Customers Into Active Defenders Against Scams

  • Feedzai has launched a new generative AI-powered fraud prevention agent called ScamAlert.
  • ScamAlert aims to turn customers into active defenders against scams by offering real-time alerts and actionable advice.
  • The AI agent helps users identify and avoid scams, preventing them from validating fraudulent transactions.
  • ScamAlert provides a two-pronged approach by serving as a tool for customer education and reinforcing the scam prevention message.

Read Full Article

like

5 Likes

share

1 Share

source image

Mcafee

1M

read

387

img
dot

Image Credit: Mcafee

Watch Out For IRS Scams and Avoid Identity Theft

  • Tax season is a prime time for scammers to exploit personal and financial data during the gathering of tax documents.
  • Scams like impersonation schemes, robocalls, and phishing emails impersonating the IRS can lead to identity theft and financial loss.
  • Hackers may use tactics like posing as IRS collectors or tax preparers to trick victims into providing sensitive information or money.
  • Victims of canceled social security number scams are often scared into transferring assets to scammers' accounts through robocalls.
  • Email scams impersonating the IRS lead victims to fake sites to collect personal data or infect computers with malware.
  • Scammers posing as CPAs may manipulate tax returns to qualify for unearned credits, potentially leading to audits or financial penalties for victims.
  • Consumers should file taxes promptly, monitor their credit and identity, beware of phishing attempts, and watch out for spoofed websites to protect themselves.
  • Using a VPN, being cautious with scam messages, cleaning up personal info online, and considering identity theft protection can further enhance security.
  • Being vigilant during tax season and following these tips can help individuals safeguard their personal and financial information against cybercriminals.

Read Full Article

like

23 Likes

share

5 Shares

source image

VentureBeat

1M

read

126

img
dot

Image Credit: VentureBeat

Anthropic’s stealth enterprise coup: How Claude 3.7 is becoming the coding agent of choice

  • Anthropic has strategically focused on enterprise coding with its Claude AI models, outperforming competitors like OpenAI and Google in coding benchmarks.
  • Claude 3.7 Sonnet set new records for coding performance with its recent release, while Claude Code aids developers in faster application development.
  • Anthropic's deliberate coding focus caters to the growing need for AI coding agents in building applications efficiently for both developers and non-coders.
  • Claude's success in coding tasks has been verified by the developer community, positioning it as a preferred choice for coding applications.
  • Anthropic's strategy to target the enterprise market with specialized coding capabilities, rather than general consumers, has driven its success.
  • Feedback from real-world testing indicates Anthropic's Claude models outshine competitors on coding tasks, particularly in writing code efficiently.
  • Anthropic's revenue projections hint at substantial growth driven by coding applications, showcasing its commitment to coding capabilities for enterprises.
  • Competitors like Microsoft's GitHub Copilot and Meta's Llama models offer alternatives, but Anthropic's coding focus and enterprise features set it apart.
  • Anthropic's democratization of coding through AI agents like Cursor, and its open standards approach with Model Context Protocol, fosters developer adoption.
  • The AI coding agent landscape is evolving rapidly, offering opportunities and challenges for enterprise decision-makers to leverage these tools effectively.
  • Anthropic's Claude models are spearheading the AI coding agent revolution, transforming how applications are built and empowering developers to focus on innovation.

Read Full Article

like

7 Likes

share

1 Share

source image

Medium

1M

read

243

img
dot

Image Credit: Medium

All About Cookies: The Sweetest Web Trackers

  • Cookies are small text files that websites store in your browser to hold information about your login status, preferences, and tracking data.
  • There are different types of cookies, including session cookies, persistent cookies, first-party vs. third-party cookies, and secure cookies & HttpOnly cookies.
  • Cookies can be manipulated, stolen, or abused, posing risks such as tracking and privacy concerns, session hijacking, cross-site scripting (XSS), and cross-site request forgery (CSRF).
  • To take control of your cookies, it is advised to block third-party cookies, use HTTPS websites, avoid logging into sensitive accounts on public Wi-Fi, and be cautious of suspicious links.

Read Full Article

like

14 Likes

share

3 Shares

source image

VentureBeat

1M

read

9

img
dot

Image Credit: VentureBeat

AI vs. AI: 6 ways enterprises are automating cybersecurity to counter AI-powered attacks

  • AI is becoming essential for cybersecurity to combat AI-powered attacks, which are rapidly evolving in speed and sophistication.
  • Malicious actors are leveraging generative AI to launch attacks at machine speed, prompting organizations to prioritize preemptive measures with predictive analysis.
  • The rise of weaponized AI and malware-as-a-service (MaaS) is accelerating automated cybercrime, with MaaS comprising 57% of all cyberattacks.
  • Attackers are moving faster, utilizing new techniques that legacy systems struggle to detect, indicating the need for adaptive defenses like AI-driven strategies.
  • Various enterprises, such as Rate Companies, are implementing AI for threat modeling, zero-trust security, and automated response to enhance cyber resilience.
  • Enhancing threat detection with self-learning AI, shifting from reactive to proactive defense, and automating phishing defenses are crucial in combating adversarial AI.
  • AI-driven incident response plays a vital role in containing threats efficiently, with organizations like Rate Companies following a 1-10-60 SOC model for rapid intrusion detection and containment.
  • Continuous hardening of attack surfaces using AI, detecting and mitigating insider threats with behavioral analytics, and enhancing visibility are key strategies employed by organizations.
  • Implementing human-in-the-loop AI is essential for long-term cybersecurity success, as it augments human expertise rather than replacing it.
  • AI in cybersecurity must collaborate with human teams to amplify defenders and make faster, smarter security decisions to keep up with the shrinking breakout times.

Read Full Article

like

Like

share

Share

source image

Cybersecurity-Insiders

1M

read

419

img
dot

Image Credit: Cybersecurity-Insiders

Data Breach stories of Bank of America and Jaguar Land Rover

  • Jaguar Land Rover (JLR) facing a data breach after sensitive documents were leaked on BreachForums.
  • Leaked data includes future vehicle source codes, customer information, and development logs.
  • Jaguar Land Rover taking necessary precautions to address the breach and will notify affected customers.
  • Bank of America (BoA) experienced a data breach due to the mishandling of sensitive paper records by a third-party vendor.

Read Full Article

like

25 Likes

share

5 Shares

source image

Tech Radar

1M

read

441

img
dot

Image Credit: Tech Radar

Allstate sued for exposing personal customer information in plaintext

  • Allstate, the US insurance giant, is being sued by New York's Attorney General for allegedly losing sensitive customer data and not notifying the victims.
  • The lawsuit claims that Allstate's lax security practices resulted in two data breaches, one in 2020 and one in 2021, which were not reported until the filing of the lawsuit.
  • The first breach impacted 12,000 individuals, and the second breach affected an additional 187,000 customers after Allstate acquired National General in January 2021.
  • New York's Attorney General seeks civil fines of $5,000 per violation, plus other remedies, while Allstate denies any wrongdoing and states they promptly addressed the incidents.

Read Full Article

like

26 Likes

share

6 Shares

source image

Secureerpinc

1M

read

193

img
dot

SVG Files: A New Gateway for Phishing Attacks

  • Hackers are now using SVG files, a type of image file, for phishing attacks to trick people into sharing their Office 365 login credentials.
  • SVG files, commonly used for logos and illustrations, are built using XML text instructions, which can be exploited by cybercriminals.
  • In SVG phishing attacks, a malicious code runs in the background when the file is opened in a web browser, leading to a fake Office 365 login page and credential theft.
  • To protect against SVG malware and phishing attempts, it is important to train employees about the threat, change how SVG files open, and strengthen email security.

Read Full Article

like

11 Likes

share

2 Shares

source image

Dev

1M

read

279

img
dot

Image Credit: Dev

TryHackMe: Web Application Pentesting Review

  • The TryHackMe Web Application Penetration Tester path offers a structured, hands-on learning experience for web application security and ethical hacking.
  • Key tools and techniques learned include BurpSuite and GoBuster, along with useful websites for reconnaissance and vulnerability research.
  • This learning path is suitable for beginners wanting to specialize in web security, bug bounty hunters, security professionals, and developers interested in secure coding.
  • The course covers various topics like Cookies & JWT tokens, SSTI, XXE attacks, SSRF, and more, with detailed explanations and practical examples.

Read Full Article

like

16 Likes

share

3 Shares

source image

TechCrunch

1M

read

90

img
dot

Image Credit: TechCrunch

FTC says Americans lost $12.5B to scams last year — social media, AI, and crypto didn’t help

  • FTC reported that Americans lost $12.5 billion to scams in 2024.
  • Social media was the most common way people were contacted by scammers.
  • Impostor scams, creating a sense of urgency, were the most common type of scams.
  • Traditional bank transfers and cryptocurrency payments were the most common methods of losing money to scams.

Read Full Article

like

5 Likes

share

1 Share

source image

TechCrunch

1M

read

441

img
dot

Image Credit: TechCrunch

Trump nominates Sean Plankey as new CISA director 

  • President Donald Trump nominated Sean Plankey as the new director of the Cybersecurity and Infrastructure Security Agency (CISA).
  • Plankey has several years of experience working for the U.S. government, including roles at U.S. Cyber Command, U.S. Coast Guard, and U.S. Navy.
  • He also worked in the previous Trump administration as a director for cyber policy on the White House's National Security Council and later at the Department of Energy.
  • Plankey's nomination will be voted on by the Senate, with no date provided yet.

Read Full Article

like

26 Likes

share

6 Shares

source image

Tech Radar

1M

read

338

img
dot

Image Credit: Tech Radar

A new SMS energy scam is using Elon Musk’s face to steal your money

  • A malicious SMS campaign has been discovered by Bitdefender, targeting Americans seeking to save on energy bills.
  • Scammers send SMS texts advertising an 'innovative' energy saving device, using the victim's real name and urging them to follow a link.
  • The link leads to a fake news article featuring a photo and testimonial from Elon Musk, promising up to 90% savings on electricity bills.
  • The campaign is a social engineering attack aiming to trick victims and steal their personal information.

Read Full Article

like

20 Likes

share

4 Shares

source image

Tech Radar

1M

read

311

img
dot

Image Credit: Tech Radar

Nation-state threats are targeting UK AI research

  • The Alan Turing Institute has issued a report calling for urgent action to protect the UK's AI research ecosystem.
  • Higher education institutions in the UK are frequently targeted by nation-state threat actors seeking to steal intellectual property and exploit the 'dual-use' nature of AI technology.
  • The report emphasizes the need for a cultural change to prioritize risk awareness and security practices, as well as filling the AI skills gap and providing research security training.
  • Academia and the government must strike the right balance between academic freedom and protecting the vital asset of AI research.

Read Full Article

like

18 Likes

share

4 Shares

source image

Tech Radar

1M

read

428

img
dot

Image Credit: Tech Radar

Google bug bounty payments hit nearly $12 million in 2024

  • Google reveals it paid out $11.8 million in bug bounties in 2024 to 660 security researchers.
  • Highest payout in 2024 was $110,000, with a total payout of $65 million since 2010.
  • Chrome researchers and vulnerabilities in Android and other Google Devices accounted for half of the payouts.
  • Google's VRP program will celebrate its 15-year milestone in 2025.

Read Full Article

like

25 Likes

share

6 Shares

Prev

120
121
122
123
124
125
126
127
128
129
130

Next

For uninterrupted reading, download the app