menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Cybersecurity-Insiders

3d

read

111

img
dot

Image Credit: Cybersecurity-Insiders

How to identify hackers sitting in a computer network

  • Cybersecurity threats like advanced persistent threats (APTs) involve hackers gaining access to a computer network and remaining undetected.
  • To identify hackers in a network, monitor unusual network traffic for spikes, odd activity times, and communication with unknown IPs.
  • Look for abnormal user behavior like logins at odd times, accessing restricted files, or multiple failed login attempts.
  • Check for new or unauthorized accounts, administrative changes, and increased privileged account activity.
  • Examine unexpected software installations, like backdoors or RATs, through unknown processes or file changes.
  • Watch for system slowdowns, high resource usage, or disk activity indicating malicious activities.
  • Investigate disabled security alerts, altered logs, or configuration files as signs of tampering by hackers.
  • Perform vulnerability scanning to identify outdated software, unpatched flaws, or misconfigured systems.
  • Utilize threat intelligence feeds and collaborate with industry peers to stay ahead of cyber threats and hacker tactics.
  • Vigilant monitoring, audits, and proactive security measures are crucial in detecting hackers within a network and preventing significant damage.

Read Full Article

like

6 Likes

share

1 Share

source image

Cryptonews

3d

read

389

img
dot

Crypto Wealth Spurs Demand for Bodyguards Amid Rising Kidnapping Threats

  • A failed kidnapping attempt in Paris targeting a crypto executive’s family has raised concerns over physical threats to crypto holders.
  • Private security firms are experiencing increased demand from crypto investors seeking protection services, including bodyguards.
  • Firms like Circle and Robinhood are allocating millions annually for executive protection, recognizing personal security as crucial amid growing wealth exposure in the crypto industry.
  • The rise in demand for private security follows incidents like the kidnapping attempt on a French crypto executive’s family and concerns over data leaks that have put wealthy holders at risk.

Read Full Article

like

23 Likes

share

5 Shares

source image

Cybersecurity-Insiders

3d

read

39

img
dot

Image Credit: Cybersecurity-Insiders

Scam Messages and emails increase exponentially after M & S Cyber Attack

  • A cyberattack on Marks and Spencer compromised personal data of nearly 9.4 million customers, exploiting a vulnerability created by human error.
  • Hackers accessed sensitive information including order histories, dates of birth, and partial payment card details, but not complete card data.
  • M&S reassured customers that full payment card details were not accessed due to limited data storage, with potential impact on online ordering.
  • Increase in scam messages and emails reported by customers following the cyberattack, urging vigilance against potential spam campaigns using stolen information.

Read Full Article

like

2 Likes

share

Share

source image

Cybersecurity-Insiders

3d

read

167

img
dot

Image Credit: Cybersecurity-Insiders

Experts React: Coinbase Discloses Breach, Faces Up to $400 Million in Losses

  • Coinbase, a major cryptocurrency exchange, has revealed a significant data breach exposing sensitive customer information, with attackers demanding a $20 million ransom.
  • The breach could result in losses up to $400 million, considering regulatory fines, legal actions, and customer compensation, prompting an internal investigation by Coinbase and cooperation with law enforcement.
  • Implications of the breach include risks for crypto users facing identity theft and phishing attacks, potential stock price volatility for investors, regulatory scrutiny, cybersecurity upgrades for Coinbase, and brand damage impacting revenue growth.
  • Experts highlighted the growing challenge of protecting customer data in digital ecosystems, emphasizing the need for robust cybersecurity measures to safeguard sensitive information.

Read Full Article

like

10 Likes

share

2 Shares

source image

Dev

3d

read

139

img
dot

Image Credit: Dev

Effortless Token Refresh in React Using Axios Interceptors

  • Token rotation is a method to automatically refresh expired access tokens using a refresh token, providing a seamless user experience and enhanced security.
  • Axios interceptors enable the implementation of token rotation in a React app by automatically fetching a new token when the access token expires without users noticing.
  • The step-by-step example demonstrates how to handle token expiration and rotation using Axios interceptors in a React app, ensuring users stay logged in securely.
  • Different token storage options like Local Storage, Session Storage, and HttpOnly Cookies are compared in terms of security and persistence, helping developers choose the most suitable option for their projects.

Read Full Article

like

8 Likes

share

1 Share

source image

Cybersecurity-Insiders

3d

read

19

img
dot

Image Credit: Cybersecurity-Insiders

Mitigating Insider Threats and Zombie Accounts Amid Workforce and Contract Changes

  • The recent Twitter data leak of 2.8 billion users' personal information highlights insider threats due to disgruntled employees retaining access to sensitive systems.
  • Proper identity hygiene is crucial, with dormant 'zombie' accounts posing risks as a common attack vector for cybercriminals, as highlighted in the Verizon Data Breach Investigations Report 2024.
  • Mitigating risks includes promptly revoking access for departing employees and implementing identity governance automation solutions to minimize errors and reduce deprovisioning time.
  • Maintaining a risk-aware mindset is essential, as insider threats can lead to compliance liabilities and severe consequences, emphasizing the importance of managing cybersecurity risks effectively.

Read Full Article

like

1 Like

share

Share

source image

Medium

3d

read

128

img
dot

Image Credit: Medium

Securing AI with Zero-Knowledge Proofs: How ExpandZK Enables Trustless Data Authentication

  • ExpandZK is an infrastructure platform using zero-knowledge proofs to enable trustless data authentication for AI and Web3.
  • AI agents in Expand's architecture generate cryptographic proofs without accessing or transmitting raw data, providing verifiable claims without exposing sensitive information.
  • The system uses efficient ZK circuits coded in high-level languages to validate statements like credit score thresholds, ensuring secure access to AI-driven services while maintaining privacy.
  • ExpandZK's low cost and high efficiency make it ideal for real-time AI decisions, offering developers an SDK to embed ZK proof functionality and connect to decentralized oracle networks.

Read Full Article

like

7 Likes

share

1 Share

source image

Medium

3d

read

227

img
dot

Image Credit: Medium

Why I Don’t Share Photos of My Daughters Online: A Father’s Perspective from the Inside

  • A father shares his perspective on why he doesn't share photos of his daughters online.
  • He emphasizes that he is protective of his daughters and chooses not to expose them to potential online dangers.
  • The father highlights concerns about how easily images of children can be misused or digitally altered.
  • He prioritizes his daughters' safety and privacy by opting for a private, unrecorded childhood for them.

Read Full Article

like

13 Likes

share

3 Shares

source image

Pymnts

3d

read

11

img
dot

Image Credit: Pymnts

UK Investment Association Warns of Rise in ‘Cloning Scams’

  • The Investment Association in the UK has issued a warning about the increase in 'cloning scams', where criminals set up fake versions of legitimate websites or accounts to deceive people into giving them money.
  • In the last year, there were 478 incidents of investment management firms being impersonated by fraudsters, resulting in consumers losing £2.7 million ($3.5 million), with 23% of attempts being successful.
  • Consumers are urged to be vigilant against these scams, with the rise of artificial intelligence making them more sophisticated and harder to detect.
  • The IA report also highlighted other types of fraud, including card fraud and account takeover scams, emphasizing the need for caution when transferring money and sharing personal information.

Read Full Article

like

Like

share

Share

source image

Medium

3d

read

7

img
dot

Image Credit: Medium

We’re just trying to keep our privacy, not trying to be cool!

  • Minimizing the data collected by online services is crucial to protecting our privacy as they may end up knowing more about us than we do.
  • Failure to protect our privacy can lead to identity theft, financial loss, spam emails, unwanted calls, and phishing scams.
  • Constant tracking of our location data without clear consent can lead to safety risks and threats to freedom and autonomy, making privacy protection essential in the digital age.
  • Different levels of anonymity exist in online services, ranging from basic authentication to no collection of personal information, emphasizing the importance of privacy tools and techniques.

Read Full Article

like

Like

share

Share

source image

TechCrunch

3d

read

115

img
dot

Image Credit: TechCrunch

Crypto elite increasingly worried about their personal safety

  • Cryptocurrency executives and investors are increasingly concerned about their personal safety, as reported by Wall Street Journal and Bloomberg.
  • The rise in value of Bitcoin has led to a growing threat of violent abduction targeting individuals with significant wealth from crypto holdings.
  • Security experts are observing an increase in inquiries and demands for proactive security measures from crypto investors, emphasizing the importance of intelligent security measures at this level of business.
  • Coinbase disclosed spending $6.2 million on personal security costs for its CEO in the previous year, surpassing the combined security expenses for CEOs of major companies like JP Morgan, Goldman Sachs, and Nvidia.

Read Full Article

like

6 Likes

share

1 Share

source image

Medium

3d

read

253

img
dot

Image Credit: Medium

The Great Hack: How Your Data Was Stolen and What to Do About It

  • In the digital age, personal data is being stolen, exploited, and sold, leading to data breaches, targeted ads, and privacy scandals.
  • Companies like Cambridge Analytica accessed personal data through quiz apps, not by hacking into servers, exposing users and their friends to data misuse.
  • Many other companies are engaging in similar practices of collecting and using personal data to influence individuals, not just for selling products but also for shaping opinions.
  • It is crucial for individuals to be aware of how their data is being used and take measures to protect their privacy in the digital realm.

Read Full Article

like

15 Likes

share

3 Shares

source image

Semiengineering

3d

read

235

img
dot

Image Credit: Semiengineering

Cache Side-Channel Attacks On LLMs (MITRE, WPI)

  • Researchers from MITRE and Worcester Polytechnic Institute published a paper on exploiting CPU cache side-channels to leak tokens from Large Language Models (LLMs).
  • The paper, titled 'Spill The Beans,' introduces a novel method to use cache side-channels to extract tokens generated by LLMs by detecting cache hits on shared lower-level caches.
  • Challenges include the large size of LLMs leading to quick eviction of embedding vectors from the cache, managed by balancing monitored tokens against potential leakage. The study demonstrates the feasibility of leaking tokens from LLMs via cache side-channels, highlighting vulnerabilities and suggesting implications for privacy and security.
  • Proof of concept experiments show recovery rates of 80%-90% for high entropy API keys and 40% for English text with single shot monitoring. Rates are dependent on the token set monitored and can be improved with specialization.

Read Full Article

like

14 Likes

share

3 Shares

source image

Pymnts

3d

read

196

img
dot

Image Credit: Pymnts

Binance and Kraken Reportedly Fend Off Social Engineering Hack

  • Binance and Kraken were reportedly targeted in a social engineering cyberattack along with Coinbase.
  • Both Binance and Kraken successfully repelled the attacks without compromising customer data.
  • Recently, crypto firms have experienced a rise in attacks as the value of digital assets like bitcoin has increased.
  • Social engineering fraud has increased by 56% in the past year, with fraudsters using advanced tactics to target consumers.

Read Full Article

like

11 Likes

share

2 Shares

source image

Medium

3d

read

0

img
dot

Image Credit: Medium

Why That ‘Free Charging Station’ at the Airport Could Cost You Everything

  • Jake falls for the trap of 'juice jacking' at an airport charging station while waiting for his delayed flight with a dying phone battery.
  • Hackers use public USB ports for 'juice jacking' to install malware or extract data from connected devices.
  • Jake ends up losing $8,000 due to falling victim to the free charging station scam.
  • To avoid falling prey to such scams, it is recommended to use personal charging devices or portable power banks instead of public USB ports.

Read Full Article

like

Like

share

Share

Prev

10
11
12
13
14
15
16
17
18
19
20

Next

For uninterrupted reading, download the app