A naukri.com initiative
Cyber Security News
Cybersecurity-Insiders
1M
41
Image Credit: Cybersecurity-Insiders
Gmail to start Shielded Email Service for SPAM
- Gmail is introducing a new feature called Shielded Email Service to combat spam and protect users' privacy.
- Users can generate temporary email addresses for short-term purposes, reducing the risk of exposing their primary email.
- Temporary addresses are valid for a set period and important emails are forwarded to the user's primary inbox.
- Marketers may find ways to bypass the protection, so refining spam filters could provide more comprehensive long-term protection.
Read Full Article
2 Likes
Tech Radar
1M
278
Image Credit: Tech Radar
US space tech firm Maxar says employee personal data leaked in hack
- US space tech firm Maxar confirms data breach involving sensitive employee data.
- Attacker used a Hong Kong IP address to breach the systems.
- Sensitive information stolen includes names, addresses, and Social Security Numbers.
- Maxar offers identity theft protection and credit monitoring to affected employees.
Read Full Article
16 Likes
Securityaffairs
1M
232
Image Credit: Securityaffairs
China-linked actor’s malware DeepData exploits FortiClient VPN zero-day
- Chinese threat actors exploit a zero-day vulnerability in Fortinet's Windows VPN client.
- The vulnerability allows the threat actors to steal user credentials and server details.
- The exploit is carried out using the custom malware called DeepData.
- Volexity researchers reported the vulnerability to Fortinet, but it remains unresolved.
Read Full Article
13 Likes
Medium
1M
278
Image Credit: Medium
NordVPN customer testimonials review
- NordVPN customer testimonials highlight the reliability and effectiveness of the service in safeguarding users' digital lives.
- Users praise NordVPN's encryption for protecting their work on public Wi-Fi and enhancing productivity.
- The ability to bypass regional restrictions and access content from different countries is another highly valued feature of NordVPN.
- Privacy-conscious users appreciate NordVPN's no-log policy for accessing sensitive information without worries.
Read Full Article
16 Likes
The Register
1M
328
Image Credit: The Register
Navigating third-party risks
- Organizations rely on third-party contractors, vendors, and service providers, increasing the need to manage third-party risks.
- Unauthorized access by external parties can introduce vulnerabilities into IT infrastructure, threatening data security, operational continuity, and compliance efforts.
- SailPoint will host a webinar on December 3rd at 11AM ET, discussing strategies to manage and mitigate third-party risks.
- Key topics include identifying vulnerable access points, implementing effective access controls, and establishing a culture of compliance and security.
Read Full Article
19 Likes
Medium
1M
437
Image Credit: Medium
Personal VPN Services For Sale
- A VPN acts as a vital shield for your online presence by encrypting your data and masking your virtual location.
- NordVPN is a comprehensive solution for digital security, equipped with features aimed at keeping you safe online.
- The VPN ensures that your data remains uncompromised while enjoying a fast and reliable connection.
- You get detailed insights into your privacy status, empowering you to regain control over your personal information.
- You can connect up to 10 devices with NordVPN, ensuring privacy and security follow you everywhere.
- You not only protect your internet activities but also enhance your browsing experience itself with NordVPN.
- With NordVPN's file encryption, you can host a virtual safe full of important documents that you can access anytime, anywhere.
- NordVPN includes malware protection to fend off digital dangers and a password manager service that generates strong passwords.
- NordVPN offers top-notch protection for affordable prices and ensures your data is yours alone.
- Personal VPN services like NordVPN can change your online experience dramatically for better protection of your personal information.
Read Full Article
26 Likes
Bitcoinmagazine
1M
401
Bitcoin Multisig Company Casa Makes Self-Sovereignty Easy
- Casa has been helping customers secure their bitcoin in multisig wallets since 2017.
- Casa’s multi-key vaults are an easy-to-use version of multi-sig product, which also come with customer support.
- Before Casa, multi-sig software lacked customer support and was too complicated.
- Casa’s approach of being customer-friendly has paid off, as the company has become a household name in the Bitcoin and crypto space.
- The company offers two main set ups: 5-key vault and 3-key vault.
- Casa’s new Enterprise Plan is designed for companies to more easily secure their bitcoin treasuries.
- This summer, Casa began enabling users to replace hardware wallets used in their vaults with YubiKeys.
- In March, Casa launched Casa Inheritance, a service to access the bitcoin in the vaults in the event of the user’s death.
- Nick Neuman, the CEO of Casa, believes that more people will come around, and multisig will become more widely-adopted.
- For those that want to try Casa, the company is allowing people to try the service at no charge for a month.
Read Full Article
24 Likes
TechCrunch
1M
82
Image Credit: TechCrunch
US extradites Russian accused of extorting millions in Phobos ransomware payments
- Evgenii Ptitsyn, an alleged Russian hacker, has been extradited to the US to face charges related to the Phobos ransomware operation.
- The Phobos ransomware operation extorted at least $16 million from over a thousand public and private victims globally.
- Ptitsyn is accused of administering the sale, distribution, and operation of Phobos, and the victims include various organizations from the US.
- Ptitsyn has been charged with wire fraud conspiracy, wire fraud, conspiracy to commit computer fraud and abuse, and intentional damage to protected computers and extortion.
Read Full Article
4 Likes
Siliconangle
1M
113
Image Credit: Siliconangle
Exabeam and Wiz partner to enhance cloud security and threat detection
- Exabeam Inc. has partnered with Wiz Inc. to enhance cloud security and threat detection.
- The partnership includes integrating Exabeam's AI-powered analytics with Wiz's cloud security insights.
- The integration aims to provide a unified platform for improved threat visibility, faster incident investigations, and enhanced response times.
- The collaboration addresses the need for robust cloud security strategies and offers additional benefits such as streamlined onboarding and enhanced threat detection capabilities.
Read Full Article
6 Likes
Siliconangle
1M
451
Image Credit: Siliconangle
Ionix unveils Cloud Exposure Validator to streamline cloud security alert management
- Ionix Inc. has introduced Cloud Exposure Validator, a tool to streamline cloud security alert management.
- The tool analyzes and reprioritizes alerts from cloud security platforms based on actual exploitation and severity.
- It helps organizations allocate resources to address the most critical issues first.
- Ionix aims to bridge the gap between vulnerability management and cloud security, allowing for better prioritization and validation.
Read Full Article
27 Likes
Siliconangle
1M
446
Image Credit: Siliconangle
Tanium introduces autonomous endpoint management to enhance IT and security operations
- Tanium introduces autonomous endpoint management at Converge 2024 user conference.
- Tanium Autonomous Endpoint Management enhances IT and security teams' ability to manage environments.
- Features include asset discovery, vulnerability management, incident response, and digital employee experience.
- Tanium AEM leverages real-time data and AI to optimize workflows and provide comprehensive visibility and control.
Read Full Article
26 Likes
Siliconangle
1M
50
Image Credit: Siliconangle
Black Kite introduces cloud asset mapping for enhanced vendor risk management
- Black Kite Inc. introduces new cloud asset mapping capabilities to enhance vendor risk management and provide visibility.
- The capabilities enable customers to track and monitor their own cloud infrastructure while gaining insights into vendor's cloud environments.
- Black Kite's cloud asset mapping offers deep insights into vendor infrastructure risks and assesses concentration risk to strengthen risk mitigation.
- The new capabilities also include the ability to map and classify both vendor and internal assets, and integration with Black Kite's Supply Chain Risk Module.
Read Full Article
3 Likes
Tech Radar
1M
9
Image Credit: Tech Radar
Microsoft says that it is making progress in its Secure Future Initiative — but there is still work to do
- Microsoft has released the November update for its Secure Future Initiative
- New security oriented solutions have been introduced across environments
- Microsoft also announces a new Windows Resiliency Initiative
- The company says further progress has now been made across Microsoft’s six engineering pillars
- MFA is also being enforced across Microsoft’s productivity environments to reduce the risk of phishing and credential theft
- The Entra Conditional Access template requires users to meet a certain level of device compliance
- GitHub Advanced Security is introduced to scan Azure DevOps Git repositories for secret exposures
- Microsoft released figures showing that they successfully addressed 90% of high severity cloud vulnerabilities
- Microsoft is now looking to issue security reports on nation-state actors direct to customers through Azure, Microsoft 365, and Dynamics 365
- The Windows Resiliency Initiative is aimed at reducing the number of admin privileges applications require.
Read Full Article
Like
Mcafee
1M
305
How to Protect Your Smartphone from SIM Swapping
- SIM swapping is one of the newer methods that allows cybercriminals to take control of your smartphone and break into your online accounts by directing cellular network traffic through a new SIM card.
- SIM swapping doesn’t require a cybercriminal to get access to your physical phone and steal your SIM card.
- The most glaring sign that your phone number was reassigned to a new SIM card is that your current phone no longer connects to the cell network.
- In the case of SIM swapping, the most secure way to access authentication codes is through authentication apps, versus emailed or texted codes.
- Phishing is a method cybercriminals use to fish for sensitive personal information that they can use to impersonate you or gain access to your financial accounts.
- Entrust your passwords and phrases to a secure password manager, which is included in McAfee+.
- McAfee, on average, detects suspicious activity ten months earlier than similar monitoring services.
- An identity protection partner can restore your confidence in your online activities.
- Choose random PIN codes that are not associated with birthdays, anniversaries, or addresses.
- Be wary of messages from people and organizations you don’t know, even if the sender looks familiar.
Read Full Article
18 Likes
Siliconangle
1M
59
Image Credit: Siliconangle
Microsoft expands Windows security and announces new proactive defense measures at Ignite 2024
- At the Microsoft Ignite Conference in Chicago, the technology giant revealed its latest advancements in security aimed at protecting its system. The company is improving Windows security and updates through the general availability of Microsoft’s Security Exposure Management platform and the launch of a new Zero Day Quest initiative for artificial intelligence and cloud security. Features include the Windows Resiliency Initiative, Quick Machine Recovery, Zero Trust DNS and safer programming languages such as Rust. Microsoft also revealed a new platform called Security Exposure Management, designed to continuously help firms identify, prioritise and mitigate risks through a holistic view of their digital attack surface.
- Key capabilities of the platform include attack surface management that offers a real-time view of assets, with high-risk pathways that could lead to critical asset branches. Unified exposure insights additionally provide actionable metrics to guide decision-making. Microsoft is also offering its Zero Day Quest bug bounty initiative aimed at strengthening the security of AI and cloud platforms with up to $4m in potential awards. Researchers will have the opportunity to collaborate directly with Microsoft’s AI engineers and the AI Red Team to enhance their skills and contribute to secure AI development.
- Microsoft today introduced a set of new security features to enhance protection in Windows 11, including Quick Machine Recovery that allows admin to apply targeted fixes through Windows Update without the device needing physical access, Windows Hello which now has support for passkeys, aimed at providing an improved defence against credential-based attacks. Zero Trust DNS enables control of network traffic, minimising the need for regular restarting.
- The company now aims for a shift to Zero Trust to control network traffic and improve hot patching for Windows 11. Microsoft has now shifted to safer programming languages, notably functions that from C++ to Rust, to reduce vulnerabilities related to unsafe code. Security Exposure Management aims at providing a holistic view of the digital attack surface.
- Microsoft has introduced several new features to boost security in Windows 11, including the Windows Resiliency Initiative, enhancing protection from chip to cloud and learning from past incidents. Quick Machine Recovery aims at reducing downtime by allowing quicker recovery from system issues. Expanded protection is being given through a new feature that reduces security risks by allowing users to perform admin-level tasks securely using Windows Hello, with support for passkeys providing improved defence.
- Credential security is being addressed with Windows Hello, now having support for passkeys, providing improved protection against credential-based attacks. Windows 11 aims to enhance protection from chip to cloud, with improved system reliability, learning from past events and enhanced protection capabilities.
- Microsoft has announced a set of new security features aimed at enhancing protection in Windows 11, with Quick Machine Recovery reducing downtime with targeted fixes. Credential security is being targeted by Windows Hello which now includes support for passkeys. The tech giant aims for a shift to Zero Trust DNS to control network traffic and improve hot patching. It has also shifted to safer programming languages such as Rust. Microsoft additionally launched the Security Exposure Management platform, which offers attack surface management that highlights critical areas that are vulnerable to attack, providing a real-time view of assets.
- The Security Exposure Management platform is aimed at helping organisations understand interdependencies across their entire digital estate. The final product contains improvements in attack path analysis and exposure mapping capabilities based on feedback from the public preview. Finally, Microsoft revealed a new bug bounty programme called Zero Day Quest aimed at strengthening the security of AI and cloud platforms with up to $4m potential rewards.
- Zero Day Quest is aimed at strengthening the security of AI and cloud platforms. The initiative will see up to a $4m rewards pool offered, dramatically up from the $1.5m previously offered.
- Microsoft introduces a range of new features to enhance protection in Windows 11, with updates to Quick Machine Recovery, expanding protection through Windows Hello, the biometric authentication system in Windows which uses facial recognition, fingerprints or PINs for secure and password-free sign-ins. Microsoft's shift to Zero Trust significantly reduces the need for restarts and helps maintain a secure environment with minimal disruption. Microsoft announced the general availability of its Security Exposure Management platform, providing a holistic view of organisations' digital attack surface, and launched a new bug bounty initiative, Zero Day Quest to strengthen AI and cloud security.
Read Full Article
3 Likes
For uninterrupted reading, download the app