A naukri.com initiative
Cyber Security News
TechCrunch
1M
244
Image Credit: TechCrunch
Major UK, US stores face ongoing disruption after ransomware attack hits supply chain giant Blue Yonder
- A ransomware attack on Blue Yonder, a major supply chain software provider, is causing disruptions to operations at major U.S. and U.K. stores and retailers.
- Blue Yonder experienced disruptions to its managed services hosted environment due to a ransomware incident.
- The company is working to recover from the attack, but there is no timeline for restoration.
- Some supermarkets and retailers have confirmed disruption, while others like Tesco and DHL Supply Chain remain unaffected.
Read Full Article
14 Likes
Securityintelligence
1M
176
Image Credit: Securityintelligence
83% of organizations reported insider attacks in 2024
- 83% of organizations reported at least one insider attack in the last year, and businesses need to recognize the dangers that can originate from inside their digital ecosystems while implementing effective threat management strategies.
- Various factors are contributing to this increase including the increased use of remote and hybrid working models and next-generation technologies in complicated IT environments.
- The full scope of the financial repercussions of insider threats isn’t always recognized. For organizations that dealt with insider threats in the last year, the average cost to fully recover ranged from $100,000 to over $2 million.
- Implementing effective best practices like investing in advanced monitoring solutions, incorporating non-IT data sources, and creating a security-conscious culture may help minimize exposure to insider threats.
- Other essential strategies include automating threat detection and response, adopting a zero trust security model, continuous employee training for a security-conscious culture, and regular security audits and assessments with clearly outlined incident response plans in place.
- As insider threats continue to escalate, it’s critical for organizations to take active steps to prevent them.
- Cybersecurity Insiders’ recent 2024 report reviewed 413 IT and cybersecurity professionals to better understand where and how insider threats impact their organizations.
- Even employees who unknowingly contribute to an insider threat must become aware of the risks and become an active participant in preventing insider threats from happening.
- Inadequate security measures, lack of employee training and awareness, and weak enforcement policies have contributed to the rise in insider threat incidents.
- It’s critical to continuously educate staff on insider threats and teach them how to identify and report suspicious activities as well as involving company leadership in prioritizing threat management across all departments while leading by example.
Read Full Article
10 Likes
TechCrunch
1M
99
Image Credit: TechCrunch
Cleo Capital launches cybersecurity accelerator to help undo the ‘crushing burden’ of online threats
- Cleo Capital has launched a new cybersecurity accelerator to address the growing threat of online fraud and cybercrime.
- The accelerator is a remote, 12-week program that offers a standard investment of $250,000 for 7% equity.
- The program is open to pre-seed and seed companies globally, with up to ten companies selected to participate.
- Cleo Capital aims to support startups developing innovative solutions for consumer cybersecurity, defense sector, and dev tools and infrastructure.
Read Full Article
5 Likes
Mcafee
1M
194
Image Credit: Mcafee
How to Detect Signs of Identity Theft
- Detecting identity theft is a crucial step to take in ensuring that you don't become a victim.
- Identity thieves can obtain your personal information via data breaches, phishing attacks, malware, and much more.
- Identity theft is on the rise, with reported claims jumping from 650,000 to 1 million between 2019 and 2023.
- Some signs of identity theft include receiving mail for accounts you didn't open, authentication messages for accounts you don't recognize, and unauthorized transactions on your bank or credit card statements.
- If you suspect that you're a victim of identity theft, you need to notify the companies and institutions involved, file a police report, contact the Federal Trade Commission, and place a fraud alert.
- Additionally, if you receive a notice from the IRS about identity theft, you should follow the information provided within the notice and file an identity theft affidavit with the IRS.
- To prevent identity theft, use online protection software, such as McAfee+ Ultimate, which can monitor your credit activity, scan the dark web for breaches, and much more.
- Once identified, it's important to remain calm and organized to build up a case file for restoring your identity.
- Vigilance is the best defense against identity theft, which is why consistent monitoring of your credit reports and accounts is essential.
Read Full Article
11 Likes
Medium
1M
339
Image Credit: Medium
Reliable VPN Services For Sale
- VPN services are vital for ensuring online privacy and security. NordVPN is a top contender known for its advanced security features, user-friendly design, and robust security protocols. It includes a CyberSec feature that blocks malicious websites and ads, ensuring greater protection when browsing. NordVPN supports connections across multiple devices with one subscription, offering versatility for families or households. The VPN ensures seamless HD streaming, fast downloads, and immediate access to websites, removing lag and ensuring excellent performance. The no-logs policy means NordVPN does not track or collect browsing activity, safeguarding user privacy. Additionally, the Kill Switch feature is especially useful for unexpected VPN connection drops. NordVPN also comes with an effective password manager and file encryption services for added security. As a one-stop-shop for all online security needs, NordVPN offers safe browsing, password management, and encrypted sharing under one roof. The VPN service is offering exclusive Black Friday deals, providing up to 70% off and three months extra with every subscription.
- A VPN service creates a secure and encrypted connection over less secure networks for privacy and anonymity. NordVPN thrives with military-grade encryption, requiring even the most powerful supercomputers billions of years to crack. It ensures safety when browsing, checking emails or streaming, guaranteeing confidentiality of activities. NordVPN guarantees utmost performance speed with ultra-fast servers across the globe, ensuring speed and security in one place. Equipping yourself with NordVPN tools allows you to take control of your online experience and explore the vast digital world with confidence. With the holiday season nearing, the VPN service is a perfect gifting option that ensures safe and secure internet access throughout the year. NordVPN's comprehensive suite of digital protections enhances your peace of mind and simplifies worrying about online threats.
Read Full Article
20 Likes
Siliconangle
1M
81
Image Credit: Siliconangle
Aqua Security uncovers massive denial-of-service campaign targeting 35M devices
- Aqua Security's Nautilus research team has uncovered a massive distributed denial-of-service (DDoS) campaign by a threat actor called Matrix.
- Matrix targets vulnerable internet of things (IoT) and enterprise systems, with over 35 million devices targeted globally.
- The campaign uses botnets ranging in size between 350,000 and 1.7 million compromised systems, leveraging Mirai botnet and other tools.
- Matrix monetizes the DDoS campaign through a Telegram-based store, offering attack plans to customers with payments processed in cryptocurrency.
Read Full Article
4 Likes
Siliconangle
1M
149
Image Credit: Siliconangle
Netcraft highlights growing role of AI models in Black Friday fake store scams
- A new report from Netcraft Ltd. highlights the growing role of artificial intelligence large language models in creating fake online stores and content for Black Friday.
- Netcraft's researchers found a 110% increase in fake stores between August and October this year, with many using the Chinese e-commerce platform SHOPYY.
- Large language models are being used to generate convincing content for fake online stores, including product descriptions scraped from legitimate platforms like Amazon.
- These models are also helping cybercriminals rewrite titles and descriptions to avoid detection, scale their operations, and launch large-scale campaigns with minimal human oversight.
Read Full Article
8 Likes
The Fintech Times
1M
280
Northdoor: Cybercriminals Increasingly Using Penetration Testing to Identify Firm’s Vulnerabilities
- Cybercriminals are hiring freelance penetration testers to improve ransomware attacks and identify vulnerabilities.
- Malware writers are recruiting freelance penetration testers to test the effectiveness of their ransomware on virtual systems.
- The business model includes an affiliate program where each affiliate installs and carries out ransomware attacks.
- Organizations should prioritize cybersecurity and consider third-party IT consultancies for expert advice and implementation.
Read Full Article
16 Likes
TechBullion
1M
42
Image Credit: TechBullion
Reinventing Vehicle Security: A Conversation with Alberto Fontela
- Alberto Fontela, founder of Auto Seguro and Iron Glass, created a revolutionary breakthrough in bullet-resistant glass technology that would transform the automotive security industry across Latin America.
- The patented thin laminated bullet-resistant glass technology has made armored vehicles more accessible and practical for everyday use.
- Iron Glass provides better protection while being significantly thinner and more practical for everyday use compared to traditional vehicle armor industry solutions.
- The vehicle security landscape has become increasingly sophisticated over the past three decades.
- Iron Glass is currently developing new reinforced laminated glass solutions that will continue to revolutionize the industry.
- The future of vehicle security lies in creating solutions that are increasingly lightweight, transparent, and effective while maintaining the original design integrity of vehicles.
- Expansion is not only an opportunity for growth but also a chance to demonstrate that their solutions can compete and stand out in one of the world’s most demanding markets, US.
- Alberto advises entrepreneurs to embrace fear, stay curious, be relentless, and never stop questioning the status quo.
Read Full Article
2 Likes
Cybersecurity-Insiders
1M
158
Image Credit: Cybersecurity-Insiders
How Android and iOS Devices Are Affected by Stalkerware
- Stalkerware, a type of malicious software that lets someone secretly track and monitor another person’s device, has become a growing concern for mobile users.
- Stalkerware affects both Android and iOS devices but varies in ways it operates and the methods used to install it.
- Android being an open-source operating system makes it more prone to stalkerware, while iOS offers a more secure environment.
- Stalkerware on Android devices is considered the installation of malicious apps disguised as other system services or by physical access to the device.
- Once installed, stalkerware on Android runs in the background, and it's hard to detect, especially if it’s configured to run invisibly or be disguised as another app.
- Stalkerware on iOS devices can still be installed despite Apple’s strict app review process and controls.
- The real danger of stalkerware lies in its ability to control and manipulate a victim’s life in subtle ways by tracking their every move.
- Regardless of the platform, the best defense against stalkerware is awareness—understanding the risks, regularly reviewing app permissions, and using robust security measures to protect personal information.
Read Full Article
9 Likes
HRKatha
1M
339
Image Credit: HRKatha
Starbucks employees face pay disruptions amid ransomware attack
- Starbucks employees face pay disruptions amid ransomware attack
- Starbucks' system, managed by software provider Blue Yonder, was hit by a ransomware attack, causing disruptions in pay and scheduling.
- Employees are instructed to log their shifts manually while the system remains offline, and discrepancies may arise for subsequent pay periods.
- Paid time off payments are delayed until the system is restored, posing challenges for workers around the holiday season.
Read Full Article
20 Likes
Cybersecurity-Insiders
1M
357
Image Credit: Cybersecurity-Insiders
Starbucks targeted by a ransomware attack
- Starbucks, a major player in the food and beverage industry, was targeted by a ransomware attack causing disruptions in their IT systems.
- The attack primarily affected employee information and did not extend to customer-facing services.
- Speculation has arisen about the involvement of notorious ransomware groups, but no definitive proof has been found yet.
- Starbucks and Blue Yonder, the supply chain software provider, are actively working on investigating and mitigating the effects of the attack.
Read Full Article
21 Likes
Securityaffairs
1M
231
Image Credit: Securityaffairs
The source code of Banshee Stealer leaked online
- The source code of Banshee Stealer, a MacOS Malware-as-a-Service, leaked online.
- Russian hackers promoted BANSHEE Stealer, a macOS malware capable of stealing browser data and crypto wallets.
- BANSHEE Stealer supports evasion techniques, checks for debugging and virtualization, and targets multiple browsers.
- After the source code leak, the operators shut down their operations.
Read Full Article
13 Likes
Securityaffairs
1M
298
Image Credit: Securityaffairs
U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog.
- Array Networks' AG Series and vxAG (versions 9.4.0.481 and earlier) are impacted by a remote code execution vulnerability.
- Attackers can exploit the SSL VPN gateway without authentication by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL.
- CISA has ordered federal agencies to fix this vulnerability by December 16, 2024.
Read Full Article
17 Likes
Pymnts
1M
194
Image Credit: Pymnts
The Great Paper Escape: Transforming Accounts Payable for the Digital Age
- Legacy payments, in the form of paper checks, are costing the business world both operationally and financially.
- Check fraud is an ongoing challenge in the age of digital transactions, exposing vulnerabilities that pose a threat to business continuity.
- Despite this, the majority of companies are yet to transition away from paper checks.
- Digital payments offer a host of benefits, the most significant being enhanced cash flow, reduced operational costs, and stronger buyer-supplier relationships.
- Adopting digital payment solutions can lead to substantial cost savings and improve visibility into a company's cash position.
- Even though digital payments have numerous advantages, some businesses continue to resist them due to a lack of understanding and concerns about increased costs.
- Partnerships with AP automation providers can facilitate the transition to digital payments and improve supplier relationships.
- Finance leaders should evaluate processes, set clear goals, choose the right solutions, educate suppliers, and partner with automation providers for a successful transition.
- Digital payments offer opportunities for businesses to boost revenues, increase customer satisfaction, and meet the demands of a digital-first market.
- The digital transformation of B2B payments is essential, with paper checks representing a strategic liability.
Read Full Article
11 Likes
For uninterrupted reading, download the app