A naukri.com initiative
Cyber Security News
Cybersecurity-Insiders
1M
261
Image Credit: Cybersecurity-Insiders
Criminal records exposed in cyber attack on Ministry of Justice
- A recent cyber-attack on the UK’s Ministry of Justice exposed approximately 2.7 million sensitive records, including criminal records.
- The attack occurred on April 23 and was publicly disclosed last week, prompting concerns about transparency and security measures.
- The breach was caused by a combination of human error and system vulnerabilities, affecting the Legal Aid Agency and compromising personal data including criminal histories and sensitive personal information.
- Collaborative efforts between the Ministry of Justice, National Crime Agency, and National Cyber Security Centre have been initiated to investigate the breach, believed to be part of a larger cyber-criminal campaign.
Read Full Article
15 Likes
Medium
1M
235
Image Credit: Medium
The Human Cost of Automation: Jobs Lost vs. Lives Improved
- Automation brings benefits like faster turnaround times, lower error rates, reduced costs, and new opportunities in emerging sectors.
- However, millions of jobs are at risk of automation by 2030, leading to psychological impacts, economic inequality, and social disruption.
- The focus should shift from job security to skill security, emphasizing lifelong learning, upskilling, and prioritizing human capabilities like creativity and empathy.
- The ethical dilemma lies in balancing efficiency gains from automation with societal well-being, ensuring technology uplifts humanity without leaving people behind.
Read Full Article
14 Likes
VentureBeat
1M
352
Image Credit: VentureBeat
Reddit, Webflow, and Superhuman are already customers—now GrowthX has $12M to grow
- GrowthX.ai secured $12 million in Series A funding led by Madrona Venture Group to enhance its unique AI-powered content creation approach.
- The company focuses on combining AI workflows with human expertise in content marketing, positioning itself as a 'service-as-software' entity.
- GrowthX's hybrid model has attracted clients like Reddit, Webflow, and Superhuman, delivering finished content with measurable business impact.
- The company's CEO, Marcel Santilli, emphasizes the importance of context, planning, and judgment in the content creation process.
- GrowthX's platform integrates content creation tools with flexible AI capabilities, leveraging a modular architecture for quick adaptation.
- Their workflow, combining AI automation with human oversight, has yielded impressive results, with some clients seeing up to 300% increases in organic traffic.
- GrowthX's profitable growth approach involved quick revenue generation through workshops, leading to recurring service contracts and organic profitability.
- The company plans to use the new funding to scale engineering capabilities and hire experts for customer-facing roles, emphasizing the synergy between AI and human input.
- According to Santilli, AI streamlines processes but human creativity remains essential in creating compelling content that resonates with audiences.
- With its solid business model and experienced team, including industry professionals like Matthew Panzarino, GrowthX is well-positioned to cater to the rising demand for AI-enhanced content solutions.
Read Full Article
21 Likes
TechCrunch
1M
137
Image Credit: TechCrunch
Pharma giant Regeneron to buy 23andMe and its customers’ data for $256M
- Regeneron is set to acquire genetic testing company 23andMe for $256 million as part of a bankruptcy auction.
- Regeneron plans to use 23andMe's genomics service and 15 million customers' data for drug discovery, ensuring privacy and ethical use.
- 23andMe filed for bankruptcy after a data breach affecting 7 million customers, leading to decreased stock value and the resignation of its CEO.
- Regeneron, as the buyer in the auction, aims to uphold privacy policies and laws regarding customer data as the bankruptcy court reviews the acquisition on June 17.
Read Full Article
8 Likes
TheNewsCrypto
1M
439
Crypto Executives Spend Millions on Security
- Major crypto firms like Coinbase, Circle, and Robinhood investing heavily in personal security for their top executives due to increasing risks like kidnapping and extortion in the industry.
- Coinbase allocated over $6 million for CEO security, Circle spent $800,000, and Robinhood allocated $1.6 million to protect their top executives, reflecting the seriousness with which crypto firms are addressing physical threats.
- A rise in kidnappings in Europe, particularly in France, has driven the demand for personal protection among prominent crypto figures, leading to a realization of the importance of proactive security measures.
- Experts advise crypto investors to keep their holdings private to avoid becoming targets for criminals, especially in light of recent data breaches and the inherent risks associated with the decentralized nature of cryptocurrencies.
Read Full Article
26 Likes
Tech Radar
1M
27
Image Credit: Tech Radar
Trump administration scuppers plan to stop data brokers from putting Americans’ sensitive data up for sale
- The Trump administration's plan to prevent data brokers from selling personal and financial information of American citizens has been abandoned.
- Data brokerage is a multibillion-dollar industry in the US, where data brokers can harvest and sell sensitive information, including names, addresses, Social Security numbers, and more.
- The Consumer Financial Protection Bureau (CFPB) had planned to adjust the Fair Credit Reporting Act to regulate data brokers but recently withdrew the rule.
- Concerns over privacy risks, discrimination, lack of transparency, and regulatory gaps prompted attempts to protect consumers from harmful use of their personal data.
Read Full Article
1 Like
Medium
1M
284
Image Credit: Medium
How I Run My Entire Digital Life on a Raspberry Pi: The Ultimate Self-Hosting Series PI
- The article discusses how the author shifted essential services from the cloud to their Raspberry Pi for increased privacy and control over their data.
- The author uses a Raspberry Pi 5 with an NVMe SSD and a cooling system for performance and stability.
- Components like the cooler and NVMe HAT are selected for compatibility and effective mounting.
- Setting up encryption on the SSD ensures data protection even if physically removed from the system.
- Process involves basic installations, formatting with LUKS, passphrase setup, and filesystem selection like ext4.
- Configuring a USB key as a secure decryption key for automatic unlocking and mounting during startup is detailed.
- Steps include preparing the USB stick, creating an fstab entry, and generating a strong decryption key.
- Adding the key file to LUKS for automatic decryption and verifying successful configuration are highlighted.
- Ensuring automatic decryption at boot by adding an entry to /etc/crypttab and verifying the setup.
- The article concludes with reboot verification, system ownership setup, and successful integration of encryption with USB key for decryption automation.
Read Full Article
17 Likes
Tech Radar
1M
22
Image Credit: Tech Radar
Procolored printers shipped out with malware-ridden drivers for half a year
- Procolored, a major Chinese printer manufacturer, has been inadvertently infecting its customers with backdoors, infostealers, and cryptocurrency stealers for six months.
- Six of Procolored's product lines were found to be infected with malware, with the last software update made in October 2024, indicating the deployment of malware for at least half a year before detection.
- Researchers discovered 39 malware detections in 20 uniquely hashed executables, including RATs, trojans, clipboard stealers, and cryptocurrency stealers, with almost 10 BTC stolen by the attackers.
- Following the discovery, all software was removed from Procolored's website, an investigation was initiated, and the company suspects that its own systems were compromised as well.
Read Full Article
1 Like
Securityaffairs
1M
421
Image Credit: Securityaffairs
Japan passed a law allowing preemptive offensive cyber actions
- Japan has enacted the Active Cyberdefense Law, allowing preemptive offensive cyber operations to counter threats before damage occurs.
- The law permits government agencies to conduct hacking back operations to neutralize threat actors targeting Japan and its organizations.
- Japan's new Active Cyberdefense Law enables preemptive targeting of hostile infrastructure, reflecting a shift in national and allied security priorities.
- The Japanese government aims to fully implement the new legal framework by 2027 to enhance cyber defense capabilities and align with major Western powers.
Read Full Article
25 Likes
Global Fintech Series
1M
233
Image Credit: Global Fintech Series
Bluefin and Verifone Partner to Bring PCI-Validated P2PE to Convenience and Petroleum Retailers
- Bluefin and Verifone have partnered to bring Bluefin’s Decryptx solution, providing PCI-validated Point-to-Point Encryption (P2PE) to Verifone’s convenience and fuel retailing merchants globally.
- The integration enables Verifone Commander convenience store operating system to offer P2PE for in-store, curbside, or unattended terminal transactions, reducing PCI compliance scope by up to 90%.
- Verifone Commander manages payments, fuel, and operations for convenience and petroleum retailers, providing enhanced security and streamlined operations.
- Bluefin and Verifone will discuss this joint solution at Verifone’s VCF customer conference for petroleum and fuel retailers in May.
Read Full Article
14 Likes
Tech Radar
1M
151
Image Credit: Tech Radar
Hackers can turn off Windows Defender with this sneaky new tool
- Hackers can now disable Windows Defender using a new tool called Defendnot created by a security researcher named es3n1n.
- Defendnot exploits an undocumented Windows Security Center API to trick the OS into thinking a fake antivirus program is running, causing Windows Defender to shut down.
- A previous similar tool by es3n1n was removed due to copyright infringement, prompting the creation of Defendnot with a new approach and an autorun feature.
- Microsoft Defender is now able to detect and isolate Defendnot as a threat, ensuring protection against this form of attack.
Read Full Article
9 Likes
TechJuice
1M
384
Image Credit: TechJuice
What is Dark Web And How You Can Safely Access It in 2025
- The dark web serves as a hub for both illicit activities and essential functions like privacy and free expression.
- It is important to prioritize safe navigation due to the anonymity that motivates cybercriminals on the dark web.
- The internet is divided into the surface web, deep web, and dark web, with the latter accessible only via specialized networks like Tor or I2P.
- Tools like Tor Browser, Tails, and Whonix are essential for safe access to the dark web, ensuring anonymity and security.
- Security measures like maintaining system security, avoiding P2P protocols, and dark web monitoring are crucial to protect against evolving threats.
- 2025 dark web trends include AI-driven cyberattacks, disinformation services, state-sponsored cyber activities, and ransomware incidents.
- To explore the legitimate resources on the dark web responsibly, users need to understand its structure, use secure tools, and stay informed about emerging threats.
- Safe access to the dark web involves installing Tor Browser, adjusting security settings, verifying anonymity, and protecting against threats like phishing and malware.
- It is essential to follow cybersecurity best practices, educate employees, implement strong infrastructure, and have incident response plans to mitigate risks on the dark web.
- Individual precautions like using strong passwords, monitoring the dark web for compromised data, and being aware of AI-driven threats are crucial for safe dark web exploration in 2025.
Read Full Article
23 Likes
Kaspersky
1M
293
Image Credit: Kaspersky
AirBorne: attacks on devices via Apple AirPlay | Kaspersky official blog
- Researchers have discovered a series of security flaws in Apple AirPlay, termed 'AirBorne', which can be exploited for wireless attacks on AirPlay-enabled devices.
- AirPlay is an Apple-developed protocol for streaming audio and video wirelessly between devices, with wide integration across Apple devices and third-party gadgets.
- The vulnerabilities in AirPlay allow various types of attacks, including remote code execution, man-in-the-middle attacks, denial of service, and sensitive information disclosure.
- Some of the critical vulnerabilities can lead to attacks like zero-click remote code execution on macOS devices, potentially spreading malware across networks.
- Updating all AirPlay-enabled devices to the latest software versions is crucial to safeguard against AirBorne attacks, along with disabling AirPlay receiver when not in use and restricting streaming permissions.
- Additional security measures include installing reliable security solutions on devices to enhance protection against potential vulnerabilities.
- The AirBorne vulnerabilities highlight the importance of staying vigilant and proactive in securing Apple devices from cyber threats and potential attacks.
- Some of the other vulnerabilities that Apple users may encounter include the SparkCat trojan stealer, Banshee malware targeting macOS, and risks to Apple Vision Pro users.
- It's essential for users to stay informed about security risks, follow best practices for device security, and take necessary steps to mitigate vulnerabilities in their Apple ecosystem.
- By addressing vulnerabilities promptly, users can enhance the security of their devices, protect their data and privacy, and reduce the risk of falling victim to cyber attacks.
- Ensuring regular software updates, configuring AirPlay settings securely, and employing robust security solutions are key strategies in defending against potential threats in the digital landscape.
Read Full Article
17 Likes
Dev
1M
192
Image Credit: Dev
Can WhatsApp actually read your messages? Myth vs Reality
- WhatsApp's end-to-end encryption ensures messages are only readable by the sender and recipient, protecting user communications from third parties.
- End-to-end encryption encrypts messages on the sender's device and decrypts them only on the recipient's device, making messages unreadable in transit.
- Persistent myths suggest WhatsApp employees can access messages, data is shared with Facebook, and WhatsApp has a backdoor to access messages.
- WhatsApp's encryption protocol, implemented using Signal Protocol, prevents anyone, including WhatsApp employees, from accessing message content.
- While WhatsApp shares some user data with Facebook, message content remains encrypted and inaccessible for advertising or other purposes.
- There is no evidence of WhatsApp having a backdoor to access user messages, as the encryption protocol is open-source and transparent.
- WhatsApp collects metadata but does not have access to message content; exceptions include backups to cloud storage and device security vulnerabilities.
- Protecting your device with strong passwords, two-factor authentication, and software updates is crucial to securing WhatsApp messages.
- Understanding the security measures of WhatsApp and staying informed about cyber threats can help users maintain privacy and security online.
- Using authentic software and files while staying updated on security practices can contribute to a safer online experience for users.
Read Full Article
11 Likes
For uninterrupted reading, download the app