Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Medium

169

Image Credit: Medium

Why Your Passwords Aren’t Safe: 7 Urgent Security Steps You Need Today

Thousands of accounts are breached daily due to weak passwords, reuse across apps, and ignoring basic security habits.
Hackers can crack complex passwords in seconds and steal databases with millions of login details.
Most individuals are unaware of being hacked until it's too late, emphasizing the urgent need for enhanced account security measures.
It's crucial to take immediate steps to secure your accounts, as even commonly perceived 'safe' passwords are vulnerable to hacking threats.

Read Full Article

10 Likes

Secureerpinc

Image Credit: Secureerpinc

Scammers Are Posing as Microsoft and Google

Scammers are increasingly posing as well-known brands like Microsoft, Google, Apple, and Mastercard in sophisticated phishing attacks.
Over 50% of brand-related social engineering attacks impersonated Microsoft, Google, or Apple, with Microsoft being targeted the most at 36%.
Mastercard users, particularly in Japan, have been targeted by fraudulent campaigns that mimic genuine websites to steal financial information.
To defend against branded phishing attacks, it is crucial to strengthen cyber awareness, employ anti-phishing measures like filters and link analyzers, and create incident response and recovery plans.

Read Full Article

4 Likes

Cybersecurity-Insiders

269

The End of VPNs — Part 2: Beyond the Buzz of Zero Trust

Zero Trust is an architectural decision to stop trusting the network, not just a feature, according to Zscaler CSO Deepen Desai.
Zero Trust is not about branding but architecture, focusing on attack surface reduction at Zscaler.
Zero Trust eliminates network presence, making applications unreachable, and aims to reduce the attack surface.
The core principles of Zero Trust, as defined by NIST and implemented by Zscaler, include never trust, always verify, least-privilege access enforcement, and assuming breach.
Zscaler's Zero Trust architecture enforces principles through ZPA, ensuring applications are not directly reachable, users are off the network, and policies are enforced with every connection.
Zscaler advocates a four-stage adoption path to Zero Trust, starting with securing internet egress, replacing VPNs with ZPA, segmenting user-to-application access, and trapping attackers before damage spreads.
Zero Trust is about containment, not prevention, using measures like deception and isolating breaches to prevent lateral movement.
NAC solutions and cloud VPNs are deemed insufficient for implementing Zero Trust due to their limitations in controlling access and making applications invisible.
Besides security benefits, Zero Trust also brings operational advantages by simplifying infrastructure, reducing complexity, and cutting costs related to VPNs.
The shift towards Zero Trust is already happening, with organizations moving away from VPNs and investing in Zero Trust architecture for improved security and control.

Read Full Article

16 Likes

Tech Radar

205

Image Credit: Tech Radar

Leaky location data bug fixed by O2 UK

O2 UK fixed a vulnerability in its VoLTE and Wi-Fi Calling that exposed users' locations and other identifiers.
The bug was present since early 2023 but has now been addressed.
Security researcher Daniel Williams discovered the bug, allowing access to sensitive data such as IMSI, IMEI, and cell location.
Williams reported the issue to O2 UK, who confirmed the fix has been successfully implemented.

Read Full Article

12 Likes

Discover more

TechDigest

205

Image Credit: TechDigest

HSBC boss says cyber attack threat keeps him ‘awake at night’

HSBC UK's head, Ian Stuart, expresses serious concerns about the increasing threat of cyberattacks, labelling it as an issue that keeps him awake at night.
Stuart highlights cybersecurity as a top priority for the banking group, citing the significant costs associated with addressing IT vulnerabilities and recent disruptions faced by retailers like Co-op and Marks & Spencer due to cyberattacks.
HSBC is investing hundreds of millions of pounds to bolster its IT systems and defences in response to the escalating cyber threat. The bank processes 1,000 payments per second and implements 8,000 IT changes weekly.
Other major UK banks have reported a total of 158 IT failures between January 2023 and February 2024, with incidents like Barclays' significant outage at the end of January prompting widespread disruption and potential compensation payments.

Read Full Article

12 Likes

Tech Radar

361

Image Credit: Tech Radar

Hackers are distributing a cracked password manager that steals data, deploys ransomware

A tainted version of the popular password manager KeePass is being distributed by cybercriminals, allowing them to steal data and deploy ransomware.
The malicious KeePass variant includes an infostealer and a Cobalt Strike beacon, enabling attackers to access saved passwords and deploy ransomware through network access.
The cybercriminals behind the attack are associated with an initial access broker group (IAB) known as UNC4696, linked to the ransomware operator Black Basta.
The fake password manager website, hosting the malicious version of KeePass, continues to serve malware to unsuspecting users through an extensive infrastructure.

Read Full Article

21 Likes

Siliconangle

169

Image Credit: Siliconangle

Exabeam and Vectra AI partner to improve threat detection and cloud visibility

Exabeam Inc. and Vectra AI Inc. have partnered to enhance threat detection and simplify security operations by integrating their respective platforms.
This collaboration aims to provide simpler security operations, reduce manual workloads, and strengthen cloud security posture to enable security teams to mitigate threats more effectively.
The integration of Vectra AI with Exabeam's platform allows for centralized visibility, faster threat detection, and improved response across cloud environments, leading to streamlined investigations and enhanced security outcomes.
Key benefits of the partnership include accelerated threat detection, enhanced visibility powered by behavioral analytics, and streamlined security operations through out-of-the-box integration features.

Read Full Article

10 Likes

Securityaffairs

Image Credit: Securityaffairs

China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked APT group UnsolicitedBooker used a new backdoor named MarsSnake to target an international organization in Saudi Arabia.
The group employed spear-phishing emails with fake flight ticket lures to infiltrate systems and has a history of targeting government organizations in Asia, Africa, and the Middle East.
UnsolicitedBooker's arsenal includes backdoors like Chinoxy, DeedRAT, Poison Ivy, and BeRAT, commonly seen in Chinese APT groups, indicating espionage and data theft motives.
The repeated attacks on the Saudi organization in 2023, 2024, and 2025 show a persistent interest from UnsolicitedBooker in the specific target.

Read Full Article

4 Likes

Tech Radar

Image Credit: Tech Radar

Instagram and TikTok accounts are being stolen using malicious PyPI packages

Security researchers found three malicious PyPI packages named “checker-SaGaF”, “steinlurks”, and “sinnercore” designed to steal Instagram and TikTok accounts.
These packages collectively had around 7,000 downloads before being removed from PyPI.
The first two packages validated email addresses with TikTok and Instagram APIs while the third package triggered password reset flows on Instagram accounts.
This incident follows a recent discovery of two malicious PyPI packages targeting cryptocurrency wallets and highlights the ongoing threat of malware on the platform.

Read Full Article

2 Likes

Global Fintech Series

106

Image Credit: Global Fintech Series

Banks Improving Debit Card Management in Online Banking and Adding Security Features While Real-Time Alerts Still Advancing

Bank of America maintains first place in Keynova Group’s Q2 2025 Online Banker Scorecard for its powerful online banking capabilities and customer experience.
Key findings highlight improvements in debit card management and controls, with more banks offering options like tracking transactions and card replacement.
Banks are enhancing consumer-facing security measures, such as multi-factor authentication, security strength indicators, and managing linked apps/websites for improved protection.
Despite progress, real-time alerts for low balances and overdrafts are not widely available in online banking, with only half of the evaluated banks currently offering such features.

Read Full Article

5 Likes

Siliconangle

326

Image Credit: Siliconangle

TrustCloud raises $15M to boost AI and go-to-market for security assurance

TrustCloud Corp. raises $15 million in new funding to boost AI capabilities and go-to-market strategies for security assurance.
TrustCloud offers an AI-native security assurance platform to modernize governance, risk, and compliance operations for hybrid enterprises.
The platform provides first-party risk assessments, continuous risk monitoring, and AI-driven automation for vendor risk assessments.
Notable customers of TrustCloud include Cribl Inc., Corelight Inc., DataRobot Inc., Dolby Laboratories Inc., and ServiceNow Inc.

Read Full Article

19 Likes

Socprime

173

Image Credit: Socprime

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE

Threat actors exploited CVE-2023-22527 in Atlassian Confluence to deploy ELPACO-team ransomware quickly.
Ransomware recovery costs soared to $2.73 million in 2024, emphasizing the need for proactive defenses.
Security professionals can access detection rules on SOC Prime Platform for CVE-2023-22527 exploitation.
Rules on SOC Prime are compatible with various security solutions and mapped to the MITRE ATT&CK® framework.
Uncoder AI, a threat detection engineering tool, is now freely available on SOC Prime to streamline investigations.
CVE-2023-22527 exploitation by ELPACO-team ransomware involved sophisticated attacks on unpatched servers.
Adversaries utilized advanced persistence strategies like deploying multiple backdoors and enabling RDP access.
Attackers demonstrated deliberate actions by waiting 62 hours to deploy ransomware after compromising systems.
Unusual tactics were used, such as creating a local admin account and altering registry settings for RDP access.
Defenders are urged to apply timely patches, monitor system activity, and enhance remote access security against similar attacks.

Read Full Article

10 Likes

Dev

274

Image Credit: Dev

Templates, Automation, and Playbooks: My AWS IR Toolkit is Now Live

A new AWS Incident Response Toolkit has been launched by Javier after refining his incident response process for AWS.
The toolkit includes a printable incident response checklist, an editable playbook, notification flows, a cloud forensics tool matrix, and deployment-ready Terraform + Lambda code for alerting automation.
Javier built the toolkit to help teams and individuals struggling with rebuilding IR processes, unclear communication paths for findings, and lack of automation in triage.
The AWS IR Toolkit can be explored further through the full article provided and downloaded on Gumroad for €9, with future updates included. Feedback and suggestions for improvements are welcomed for the toolkit.

Read Full Article

16 Likes

Dbi-Services

Different types of Oracle wallets

An Oracle wallet is used to store certificates for Listeners with https protocol or as an encrypted password store for Oracle logins.
It is an encrypted, password-protected PKCS#12 container file that can be accessed with openssl tools.
Storing credentials in an Oracle wallet is a proprietary extension from Oracle.
Different types of Oracle wallets include normal, auto_login, auto_login_local, and auto_login_only.
Auto_login wallets allow for non-interactive logins without a password prompt.
The auto_login_only wallet does not have a PKCS#12 container and allows access without a password.
Wallet types can be determined by analyzing the content using octal dump (od) utility.
Converting wallets between auto_login and non-auto-login types is possible with orapki commands.
Ensure filesystem permissions are secure and restrict access to wallets for better security.
Auto_login_only wallets are suitable for storing trusted certificates for client-connects.

Read Full Article

3 Likes

Siliconangle

Image Credit: Siliconangle

Strider upgrades Spark platform to deliver faster threat intelligence against nation-state attacks

Strider Technologies has upgraded its Spark platform to provide faster threat intelligence against nation-state attacks.
The AI-driven threat intelligence engine now enables organizations to combine external intelligence with internal data for real-time insights, reducing investigation times significantly.
The upgrades focus on assisting industry, government, and academic organizations vulnerable to nation-state attacks, offering detailed threat analysis within seconds.
Strider's Spark platform rapidly analyzes data points to help organizations uncover and mitigate state-sponsored threats in real time, with features for ease of use and efficiency.

Read Full Article

5 Likes

For uninterrupted reading, download the app