Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Securityaffairs

168

Image Credit: Securityaffairs

China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane

China-linked APT Gelsemium has deployed a new Linux backdoor called WolfsBane in attacks targeting East and Southeast Asia.
The backdoor WolfsBane is a Linux version of Gelsevirine, a Windows backdoor previously used by Gelsemium APT.
The shift to targeting Linux reflects APT groups adapting to enhanced Windows defenses and focusing on vulnerabilities in internet-facing Linux systems.
The initial access method used by Gelsemium APT is still unclear, but researchers believe web application vulnerabilities were exploited.

Read Full Article

10 Likes

Wired

331

Image Credit: Wired

Andrew Tate’s ‘Educational Platform’ Was Hacked

Hackers have breached an online “educational platform” founded by Andrew Tate, the 'king of toxic masculinity,' reportedly revealing the email addresses of hundreds of thousands of users as well as private chat servers.
Hacktivists announced their breach of the platform on Thursday and the data from the hack was published by the transparency nonprofit Distributed Denial of Secrets.
Chinese government hackers have infiltrated into more than a dozen US telecommunications companies in what a senior senator is calling the worst telecom breach in American history.
Leaked documents reveal that GrayKey, a phone-hacking tool used by law enforcement can, at the moment, only partially access information from modern iPhones running iOS 18.0 and 18.0.1.
European authorities are investigating suspected sabotage to two undersea fiber-optic cables, one linking Finland and Germany, and the other connecting Sweden and Lithuania.
US companies legally collecting digital ad data are enabling adversaries to cheaply track American military and intelligence personnel.
Meta has disclosed its efforts to combat the forced-labor compounds driving the surge in pig butchering scams on its platforms by collaborating with global law enforcement, tech industry partners, and external experts.
SpyCloud shared findings about publicly accessible black market services offering low-cost access to sensitive information on Chinese citizens, including phone numbers, banking details, hotel and flight records, and even real-time location data.
Cybersecurity firm Volexity uncovered that a Russian hacking group has reportedly developed a novel Wi-Fi-hacking technique that involves taking control of a nearby laptop and using it as a bridge to infiltrate a targeted Wi-Fi network.
The US is calling out foreign influence campaigns faster than they ever have—but there’s plenty of room for improvement.

Read Full Article

19 Likes

Medium

308

Image Credit: Medium

By mastering these areas, future embedded developers will be equipped to handle the complexity and…

Embedded Systems Fundamentals: This area covers understanding microcontroller and microprocessor architecture, handling interrupts and real-time systems, and memory management.
Programming Languages: Mastering C and C++ for low-level programming, Python for automation and scripting, and Assembly Language for optimizing performance.
Hardware Knowledge: Gain knowledge in digital and analog electronics, sensors and actuators, and communication protocols such as UART, SPI, I2C, CAN, and Ethernet.
Real-Time Operating Systems (RTOS): Learn about RTOS basics, popular RTOS like FreeRTOS and CMSIS RTOS, and their usage in embedded systems.
Low-Level Hardware Interaction: Acquire skills in GPIO usage and control, as well as Pulse Width Modulation (PWM) for analog control.
Embedded Linux (for more advanced systems): Understand Linux kernel and driver development, and creating custom Linux distributions with Yocto and Buildroot.
Debugging and Testing: Gain familiarity with debugging tools like JTAG and oscilloscopes, and learn automated testing frameworks for system reliability.
Power Management: Understand energy-efficient design and power consumption optimization techniques for battery-powered or portable devices.
Security in Embedded Systems: Learn about cryptography, secure communication protocols, firmware security techniques to protect IoT devices from unauthorized access.
IoT (Internet of Things): Acquire knowledge of IoT protocols like MQTT, CoAP, and HTTP, and learn about cloud integration with platforms like AWS IoT and Google Cloud IoT.

Read Full Article

18 Likes

Medium

Image Credit: Medium

NordVPN Complete Review: Your Cyber Guardian

Nord VPN Complete acts as a sherpa in the digital world.
This robust security veil ensures that your data is invisible to those prying eyes.
It is easy to use, which will suit both tech wizards and technology beginners.
NordPass is your reliable digital butler that manages, syncs, and secures your login credentials.
The Data Breach Scanner and Dark Web Monitor offer unmatched, real-world utility.
NordLocker encrypts and stores your files, whether they are mundane documents or precious photo collections.
NordVPN Complete offers peace of mind and a glimpse into a world no longer shrouded in security risks.
Seamless protection extends across platforms — from PC, Mac to mobile.
This product suite enables a realm where inhibition gives way to inquisitive expansion.
Your digital journey is devoid of paranoia with NordVPN Complete.

Read Full Article

1 Like

Discover more

Securityaffairs

190

Image Credit: Securityaffairs

Microsoft seized 240 sites used by the ONNX phishing service

Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation.
Microsoft identified Abanoub Nady as the man behind the ONNX phishing service who developed and sold phishing kits.
Phishing heavily targets financial services and Microsoft observed a 146% increase in Adversary-in-the-Middle attacks.
Through a civil court order, Microsoft has redirected the malicious technical infrastructure, permanently stopping the use of these domains for phishing attacks.

Read Full Article

11 Likes

Tech Radar

272

Image Credit: Tech Radar

Beware of Black Friday frenzy – UK issues an "urgent alert" as shopping scams surge

The UK's cybersecurity and law enforcement have issued an "urgent alert" as online shopping scams surge during Black Friday.
Brits lost over £11.5 million in online shopping scams between November 2023 and January 2024, with an average loss of £695 per victim.
43% of the reported incidents came from social media platforms, highlighting the need for caution when encountering offers online.
To protect against fraud, experts recommend being vigilant, using credit cards instead of bank transfers, setting up 2-step verification, and checking for indicators of fake websites and deals.

Read Full Article

16 Likes

Medium

131

Image Credit: Medium

How to Catch a Cheater Using Spy Apps

Spy applications are checking instruments intended to follow different exercises on a cell phone or PC, permitting clients to get to call logs, instant messages, online entertainment movement, GPS areas, and in any event, perusing history.
While these instruments can give bits of knowledge into somebody’s activities, it is urgent to move toward this strategy with alert because of moral and legitimate contemplations.
Choosing a solid and proficient covert operative application is pivotal for accomplishing exact outcomes, and compatibility, highlights, stealth mode, and client care should all be thought of.
Most government agent applications require actual admittance to the objective gadget to introduce the product.
Subsequent to setting up the application, you can screen different parts of the objective individual’s telephone use.
If the government agent application uncovers dubious way of behaving, break down the discoveries cautiously prior to rushing to make judgment calls.
Utilizing spy applications to screen somebody’s telephone without their assent is a legitimate and moral hazy situation, so before utilizing spy applications, counsel neighborhood regulations to stay away from expected legitimate difficulty.
Legitimate and Moral Considerations: Keeping an eye on your accomplice can disintegrate trust further and may harm your relationship destroyed.
Rather than depending on spy applications, consider tending to your interests straightforwardly through open correspondence.
Spy applications can give bits of knowledge into an accomplice’s activities, yet their utilization accompanies huge legitimate and moral dangers.

Read Full Article

7 Likes

Medium

368

Image Credit: Medium

BugBounty — Mastering the Basics (along with Resources)[Part-5]

Choosing the right target is important for Bug Bounty Hunting.
Reconnaissance and thorough review of domain history and links are key.
Testing specific functionalities and searching for low-hanging fruits is recommended.
Useful resources: Twitter: https://twitter.com/i_amsphinx, LinkedIn: https://www.linkedin.com/in/pathakabhi24/, GitHub: https://github.com/pathakabhi24

Read Full Article

22 Likes

Medium

445

Image Credit: Medium

The Hidden Cost of AI Convenience: Navigating the Privacy Paradox in 2024

The use of AI systems comes at a cost: personal data for convenience.
This trade-off has implications beyond data collection, affecting all aspects of our digital lives.
The privacy paradox is exemplified by targeted ads based on private discussions with AI assistants.
Research reveals that individuals generate 1.7 megabytes of data per second while using AI applications.

Read Full Article

26 Likes

Medium

103

introduction to cybersecurity

Cybersecurity is a critical component of modern life, protecting digital assets from cyber threats.
The historical context of cybersecurity can be traced back to the 1970s, with cyberattacks becoming more sophisticated over time.
Cybersecurity provides not only protection but also fosters innovation and ensures trust, business continuity, and privacy.
Key concepts of cybersecurity include threats, vulnerabilities, attacks, malware, and data security.

Read Full Article

6 Likes

Startupnation

313

Image Credit: Startupnation

Why Digital Identity Management is Critical for Brand Growth

Digital identity management is a set of technologies and processes that allow for the secure sharing of user information and personal data online with companies and organizations.
It ensures that user information is only collected by those with the required permissions and allows enterprises to verify user/device identities and secure them.
Digital identity management might involve approving user credentials via usernames and passwords or granting access to online materials based on IP address, device authentication, visitor tracking etc.
Digital identity management ensures that user experiences are smooth and it streamlines the payment and purchasing process, which is essential for brand growth.
You can also use the data gathered via digital identities to improve customer journeys and user experiences and therefore improve loyalty and sales over time.
Data protection is paramount to improving your brand credentials and reputation.
Digital identity management cuts costs by streamlining processes through a centralized automation and governance process.
Identity management systems connect every part of your organization digitally. It allows for easy access from anywhere, users just need their IDs and passwords, and to follow any required security or authentication steps.
Putting digital identity management systems in place strengthens the overall compliance of your company when it comes to privacy and data safety.
Digital identity management creates a framework of security that can expand as you scale your business.

Read Full Article

18 Likes

Medium

386

Image Credit: Medium

Online Sale For Top-rated VPN

NordVPN offers a comprehensive solution for your online security needs that excels in security, speed, and reliability.
With NordVPN, you'll have an added layer of security that encrypts your online movements making it harder for hackers or cybercriminals to intercept your data.
NordVPN offers fast connection speeds without compromising security and shields your online activities from weak points like public Wi-Fi networks where your data can be easily intercepted.
NordVPN provides universal compatibility with up to 10 devices connected securely simultaneously making it easy for you to stay safe and protected on all devices wherever you go.
NordVPN offers additional features like safe browsing, a premium password manager, and encryption of your files for added security.
Investing in NordVPN's limited Black Friday deal will provide you with a safer, more private online experience at an unbeatable price of 70% off and three additional months for free.

Read Full Article

23 Likes

Siliconangle

145

Image Credit: Siliconangle

Aviatrix boosts security posture for AI workflows in partnership with Microsoft

Aviatrix Systems Inc. is partnering with Microsoft to enhance the security posture for AI workflows.
Microsoft Azure is changing its structure, requiring companies to choose their internet access.
Aviatrix offers a security solution, including integration with Microsoft Security Copilot for threat hunting.
Aviatrix also introduces Aviatrix Platform-as-a-Service, providing advanced capabilities at the same operational overhead.

Read Full Article

8 Likes

Siliconangle

390

Image Credit: Siliconangle

Microsoft and Hitachi Vantara team up for full stack hybrid cloud solution

Hitachi Vantara and Microsoft collaborate to create an AI-ready full stack platform leveraging Azure for delivering a hybrid cloud solution.
The partnership between the two companies launched Hitachi Unified Compute Platform for Azure Stack HCI, delivering enhanced cloud management across multiple environments.
Hitachi Vantara provides an underlying data fabric, storage capability, and compute for AI workloads, and has partnered with Hitachi Solutions, a Microsoft services company.
Hitachi Vantara plans to make its software-defined storage on Azure generally available, allowing customers to migrate mission-critical applications to the cloud while maintaining data security.

Read Full Article

23 Likes

Tech Radar

431

Image Credit: Tech Radar

Pro-Russian hacker group targets critical infrastructure and public services

Pro-Russian hacker group NoName057 continues DDoS attacks against Taiwanese targets.
Multiple sectors and critical infrastructure were hit by the attacks.
No significant disruption was noted, and many services were restored.
NoName057 has a history of launching cyber-attacks against governments and enterprises.

Read Full Article

25 Likes

For uninterrupted reading, download the app