techminis

A naukri.com initiative

Cyber Security News

Dev

4d

🔐 Understanding SAML, OAuth 2.0 and OpenID Connect

  • SAML 2.0 is an authentication and authorization protocol for Single Sign-On (SSO) primarily in enterprises, using XML-based security assertions.
  • OAuth 2.0 grants limited access to resources without exposing user credentials, commonly used for API access and delegated permissions.
  • OpenID Connect (OIDC) is an authentication protocol on top of OAuth 2.0, providing ID Tokens for verifying user identities in a secure way.
  • Identity Provider (IdP) authenticates users, while Service Provider (SP) is the application users want to access post-authentication.
  • SAML 2.0 enables Single Sign-On in an enterprise setting, using a VIP pass analogy for employees accessing rides in an amusement park.
  • OAuth 2.0 allows delegated access, likened to borrowing a friend's car, focusing on authorization rather than authentication.
  • OpenID Connect combines authentication and authorization, offering a digital ID with photo verification, suited for modern apps.
  • SAML is ideal for enterprise SSO, OAuth 2.0 for third-party API access, and OIDC for social login and modern web apps.
  • Understanding these protocols is vital for secure interactions, with OIDC being more lightweight and suited for contemporary applications.
  • SAML, while widely used in enterprises, is being replaced by OIDC because of OIDC's flexibility and compatibility with modern apps.

BGR

4d

Hackers are now using AI to break AI – and it’s working

  • Hackers are using artificial intelligence to attack AI models using a technique called Fun-Tuning.
  • Fun-Tuning makes prompt injection attacks more effective and achieved up to 82% success rates on Google's Gemini models.
  • These attacks exploit subtle clues in the fine-tuning process to increase the chances of successful prompt injections.
  • Defending against these attacks is challenging and removing key data from training would make the tool less useful for developers.

TechBullion

4d

AI-Driven Threat Detection: The Next Frontier in Cybersecurity

  • AI-driven threat detection is revolutionizing cybersecurity by leveraging machine learning, behavioral analytics, and automated response mechanisms.
  • Traditional rule-based systems are being replaced by AI-powered solutions that analyze vast amounts of data in real time, reducing time to detection.
  • Multi-tiered machine learning architectures, including supervised and unsupervised models, enhance threat detection accuracy and identify complex attack scenarios.
  • AI-driven response systems automatically contain threats, employ adaptive defense mechanisms, and reduce the burden on security teams.

Gizchina

4d

Hackers Steal Data and Blackmail U.S. Hospitals in Oracle Breach

  • Hackers breached Oracle's servers, stole sensitive patient data, and blackmailed several US medical institutions.
  • The breach highlights security concerns in the healthcare sector and the need for improved security protocols for patient records.
  • Oracle notified affected firms, and authorities are investigating the ransom demands.
  • The incident emphasizes the importance of collaboration between healthcare and technology companies to protect patient data and privacy.

Dev

4d

FB Marketplace Phishing Website Analysis

  • A Facebook Marketplace phishing scam was recently encountered, using a phishing website to steal user credentials.
  • Phishing attacks target individuals through emails, messages, or social media platforms, tricking them into revealing their credentials.
  • The analyzed phishing website used PHP for its backend and attempted to make the login process feel more legitimate with a loading overlay.
  • Phishers often use cheap shared hosting services to avoid high hosting costs and credit card cancellations.

Insider

4d

Okta's CEO tells us his thoughts on the Signal group chat snafu

  • Okta CEO Todd McKinnon believes that the Signal military group chat mishap is a usability issue, not a cybersecurity problem.
  • McKinnon suggests that Signal could improve its features to prevent accidental contact additions, such as displaying more than just initials as contact icons.
  • He emphasizes that usability challenges can undermine encrypted messaging platforms and lead to mistakes when sending messages quickly.
  • McKinnon also highlights the importance of securing the endpoints (devices) on which messaging apps are used, as they contribute to overall security.

Wired

4d

Top Trump Officials’ Passwords and Personal Phone Numbers Discovered Online

  • After senior Trump administration members mistakenly included The Atlantic editor Jeffrey Goldberg in a secret group chat about bombing Houthi targets in Yemen, encrypted messaging app Signal found itself at the center of a storm this week.
  • The incident labeled 'SignalGate' highlighted errors in handling sensitive information rather than flaws in the Signal app's security. Signal actually experienced a surge in US downloads following the news.
  • Amidst revelations from the Houthi group chat, national security adviser Mike Waltz left his Venmo account accessible to the public, exposing his connections, which could pose risks from foreign spies and hackers.
  • Der Spiegel reported that sensitive personal information of top Trump administration security officials, including passwords, phone numbers, and email addresses, was easily accessible online, potentially compromising their security.
  • The earthquake in Myanmar revealed how internet restrictions under the military junta hindered the dissemination of information about the disaster, hampering recovery and humanitarian efforts.
  • Alleged Snowflake hacker Connor Moucka agreed to be extradited to the US to face charges related to a massive data exfiltration incident involving the cloud storage company.
  • London is set to deploy its first permanent face recognition cameras, raising concerns among privacy advocates about the expansion of surveillance in the city.
  • Increased use of face recognition technology by UK police forces and the permanent installation of such cameras in London spark debates over privacy and potential widespread surveillance.
  • The handling of sensitive information and the risks posed by online exposure are key themes in recent security incidents involving high-level officials and technology.
  • Cybersecurity threats, privacy concerns, and the impact of surveillance technologies feature prominently in the evolving landscape of digital security.

Medium

4d

The Dark Truth About Instagram: Why You Need to Make Your Account Hacking-Proof

  • Being a content creator on Instagram comes with the risk of having your account hacked, and recovery is difficult.
  • To make your Instagram account hacking-proof, using an Authenticator App for 2FA is recommended.
  • Additionally, it is essential to avoid logging into Instagram from unofficial apps or sketchy websites.
  • Regular security checkups, using unique and complex passwords, and being cautious of phishing emails are also important preventive measures.

Hackernoon

4d

SquareX Discloses Browser-Native Ransomware That Puts Millions At Risk

  • SquareX has disclosed the emergence of browser-native ransomware, which poses a significant threat to enterprises.
  • Unlike traditional ransomware, browser-native ransomware does not require file downloads, making it undetectable by endpoint security solutions.
  • This type of attack targets the victim's digital identity, exploiting the shift towards cloud-based storage and browser-based authentication.
  • Browser-native ransomware can potentially gain access to enterprise-wide resources, posing a higher risk than traditional ransomware.

Cybersecurity-Insiders

4d

PCI DSS 4.0.1 and Non-Human Identity Management: What You Need to Know

  • PCI DSS 4.0.1 introduces stricter security requirements around Non-Human Identities (NHIs), such as service accounts and roles, emphasizing their critical role in modern IT environments.
  • New requirements focus on least privilege, identity and authentication policies, deactivating unused accounts, managing shared IDs, revoking access for terminated users, interactive login capabilities, and credential rotation based on risk.
  • Attacks targeting NHIs have increased, leading to a need for dedicated focus on securing NHIs to mitigate cybersecurity threats.
  • Service accounts are common targets for attackers due to weak authentication, resulting in significant security risks for organizations.
  • PCI DSS 4.0.1 highlights the importance of stringent controls to address vulnerabilities related to NHIs and service accounts, stressing secure authentication practices.
  • Organizations are advised to assign ownership, automate access management, enforce authentication best practices, monitor anomalies, secure application credentials, review access rights regularly, and rotate secrets to ensure compliance.
  • Compliance with PCI DSS 4.0.1 requires proactive steps like mapping NHIs, automating access management, enforcing authentication practices, and regularly reviewing and rotating credentials.
  • Ensuring compliance with evolving standards and enhancing security posture are crucial for organizations in preparation for PCI DSS 4.0.1 requirements.
  • Adopting an NHI management solution can assist organizations in navigating the new requirements and ensuring compliance with PCI DSS 4.0.1.

Cybersecurity-Insiders

4d

Personal Data Exposure: The Silent Cybersecurity Threat That You Need to Address

  • Personal data exposure poses a significant cybersecurity threat due to potential unauthorized access to stored information on websites.
  • Exposed data can be shared across platforms or accessed by data brokers, leading to privacy risks and unauthorized third-party access.
  • The risks of data exposure include identity theft, financial fraud, cyberattacks, and phishing attempts.
  • Protecting personal data from exposure is crucial but can be challenging due to low awareness, long-term effort, repopulation of data, and far-sighted consequences.
  • Minimizing data exposure involves steps like scanning for old accounts, adjusting privacy settings, using a VPN, managing passwords, utilizing data removal services, and being cautious of deceptive websites.
  • Even top cybersecurity companies like Microsoft face challenges in addressing personal data exposure.
  • Data exposure consequences may not be immediate, making it a hidden yet major cybersecurity threat.
  • Proactive protection and keeping personal information private are essential to mitigate risks associated with personal data exposure.
  • Understanding the risks of data exposure and taking preventative measures are key to safeguarding personal data in the digital age.
  • Overall, personal data exposure is a critical issue that demands attention to ensure online privacy and security.

Pymnts

4d

Google Suspends Account of Advertiser That Distributed Malware

  • Google suspended the account of an advertiser that distributed malware through sponsored Google ads.
  • The ads pretended to offer access to DeepSeek but actually delivered malware.
  • Google detected the malware campaign and suspended the advertiser's account.
  • This incident is part of a series of cyberthreats reported in recent months.

Idownloadblog

4d

Technical analysis by Verichains confirms sandbox escape use by certain banking apps to detect TrollStore, jailbreak apps

  • Certain banking apps in the Apple App Store are using a 0-day sandbox escape technique to detect unfavorable apps on users' devices.
  • Finance security firm Verichains conducted an analysis and identified at least two banking apps using this technique: BIDV SmartBanking and Agribank.
  • The apps are exploiting a private iOS API to check for the presence of certain apps, including popular package manager apps, jailbreak apps, and TrollStore.
  • Using private APIs without user consent violates Apple's guidelines and risks app removal from the App Store.

Lastwatchdog

4d

News alert: SquareX discloses nasty browser-native ransomware that’s undetectable by antivirus

  • SquareX has disclosed a new type of ransomware that is browser-native and undetectable by antivirus software.
  • Traditional ransomware attacks target the victim's device, but with the shift towards cloud-based storage and browser-based authentication, browser-native ransomware attacks exploit the victim's digital identity.
  • This type of ransomware does not require file downloads and uses AI agents to automate the attack sequence, making it highly effective with minimal social engineering.
  • Enterprises need to reconsider their browser security strategy and adopt browser-native solutions to combat the next generation of ransomware attacks.

Securityaffairs

5d

Crooks are reviving the Grandoreiro banking trojan

  • Grandoreiro is a modular backdoor with various capabilities including keylogging, command execution, and web-injects.
  • The trojan has been active since 2016 and initially targeted Brazil but expanded to Mexico, Portugal, and Spain.
  • The recent phishing campaigns use VPS hosting, obfuscation, and malicious ZIP files to evade detection and steal credentials.
