menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

VentureBeat

1M

read

36

img
dot

Image Credit: VentureBeat

Salesforce just unveiled AI ‘digital teammates’ in Slack — and they’re coming for Microsoft Copilot

  • Salesforce introduced Agentforce in Slack, providing task-specific AI agents to assist in workplace conversations and actions.
  • The move signifies a shift towards purpose-built AI agents over general assistants for more reliable results in enterprise AI.
  • Agentforce enables multi-step actions, orchestrating workflows and interacting with multiple systems within Slack.
  • Slack Employee Agent Templates will offer pre-configured solutions for common use cases like Customer Insights and Onboarding.
  • Salesforce emphasizes the need for AI agents to handle a wide range of tasks with logic and policy adherence.
  • Two key capabilities introduced are Slack Enterprise Search and General Slack Topic to support AI agents.
  • Agentforce operates within existing user permissions in Salesforce and Slack, ensuring data security and authorization.
  • Salesforce extends access to Agentforce to non-Salesforce users through no-cost Salesforce Identity licenses for interaction in Slack.
  • Early adopters of Agentforce like reMarkable and Formula 1 have reported significant improvements in support and response times.
  • Salesforce's specialized AI approach in Slack positions it against competitors like Microsoft’s Copilot and Google’s Gemini in the enterprise AI market.

Read Full Article

like

2 Likes

share

Share

source image

Socprime

1M

read

238

img
dot

Image Credit: Socprime

CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE 

  • Two new security flaws, CVE-2025-4427 and CVE-2025-4428, in Ivanti Endpoint Manager Mobile (EPMM) software have been discovered, allowing for remote code execution without authentication.
  • The importance of proactive threat detection in light of the increasing number of vulnerabilities, as seen with over 18,000 logged by NIST in the first half of 2025, is emphasized.
  • Ivanti has addressed the vulnerabilities in the API component of EPMM software, where CVE-2025-4427 is an authentication bypass, and CVE-2025-4428 is an RCE flaw, impacting on-premises EPMM instances.
  • Defenders recommend applying the available patches to mitigate the risks associated with CVE-2025-4427 and CVE-2025-4428, found in EPMM versions up to 12.5.0.0.

Read Full Article

like

14 Likes

share

3 Shares

source image

Vista InfoSec

1M

read

200

img
dot

Image Credit: Vista InfoSec

Minimize Cybersecurity Threats by Making Smart Hosting Choices

  • Hosting plays a critical role in protecting websites from cyber threats and should not be overlooked in cybersecurity strategies.
  • Different hosting types offer varying levels of security, with dedicated and VPS hosting providing better isolation.
  • Choosing a hosting provider with transparency, quality support, and built-in security tools is crucial for long-term security.
  • Shared hosting can pose risks due to multiple sites sharing a server, making them vulnerable if one site is compromised.
  • Providers that prioritize security invest in infrastructure, monitoring, and responsive customer support to prevent breaches.
  • Key features like DDoS protection, malware scanning, automatic backups, and patch management enhance hosting security.
  • Warning signs when choosing a host include vague security documentation, poor customer support, and lack of compliance with industry standards.
  • Choosing a hosting solution tailored to your website's needs and future growth is essential for long-term cybersecurity.
  • Your hosting choice impacts your site's safety, reliability, and user trust, making it a crucial aspect of cybersecurity.
  • Understand your hosting environment and prioritize security features to make informed decisions that protect your digital space.

Read Full Article

like

10 Likes

share

2 Shares

source image

Siliconangle

1M

read

421

img
dot

Image Credit: Siliconangle

BreachRx raises $15M to expand intelligent incident response platform

  • Incident response startup BreachRx Inc. raises $15 million in new funding to scale up its go-to-market and engineering teams.
  • BreachRx offers an intelligent incident response platform that automates the creation of tailored incident response plans and guides stakeholders through every phase of an incident.
  • The platform provides a centralized workspace for all teams involved in incident response, integrates privileged communication channels and audit trails, and includes features like Rex AI for real-time recommendations.
  • The Series A round was led by Ballistic Ventures, with notable customers including Coinbase Global Inc., Commvault Systems Inc., and American Express Co. among others.

Read Full Article

like

25 Likes

share

5 Shares

source image

Tech Radar

1M

read

13

img
dot

Image Credit: Tech Radar

Broadcom hit by employee data theft after breach in supply chain

  • In a supply chain attack, sensitive data of Broadcom customers was leaked on the dark web after a breach at Business Systems House (BSH) in September 2024, a business partner of ADP, which serviced Broadcom.
  • The stolen data included National ID numbers, health insurance details, financial account numbers, contact information, and salary details.
  • Broadcom almost switched payroll providers before the breach was discovered in December 2024, with data exposed in unstructured format.
  • El Dorado, later rebranded as BlackLock, was identified as the group behind the attack, urging users to enhance security measures and monitor financial records.

Read Full Article

like

Like

share

Share

source image

Tech Radar

1M

read

53

img
dot

Image Credit: Tech Radar

Broadcom hit by employee data theft after breach in ADP payroll system

  • Business Systems House, a partner of ADP, experienced a breach in September 2024, leading to sensitive Broadcom files appearing on the dark web.
  • Customers of Broadcom had their data exposed after a supply chain attack, with data such as National ID numbers, salary details, and personal contact information being leaked.
  • The stolen data was discovered on the internet in December 2024, prompting Broadcom to advise users to enable multi-factor authentication and monitor financial records.
  • The attackers, known as El Dorado and later rebranded as BlackLock, are a ransomware group consisting of Russian-speaking individuals. The incident highlights the importance of cybersecurity measures for both businesses and individuals.

Read Full Article

like

2 Likes

share

1 Share

source image

Dev

1M

read

82

img
dot

Image Credit: Dev

What is SD-WAN?

  • SD-WAN revolutionizes network connectivity for distant offices by centrally managing and enhancing performance.
  • Key components include SD-WAN edge devices, controller, orchestration, transport-independent network, overlay network, and integrated security.
  • SD-WAN adds a smart overlay to network connections, directing traffic based on defined policies and application needs.
  • SD-WAN offers a flexible, secure, and efficient approach to network management, essential for stable connections and reliable performance.

Read Full Article

like

4 Likes

share

1 Share

source image

Tech Radar

1M

read

1.2k

img
dot

Image Credit: Tech Radar

Legal Aid database hacked, 'significant amount' of data and criminal records stolen

  • A cyberattack on the Legal Aid system led to the theft of a 'significant amount' of data, including criminal records, with up to 2.1 million records accessed.
  • The data stolen may include contact details, addresses, dates of birth, national ID numbers, criminal history, employment status, financial data, debts, and payments.
  • Legal Aid Agency's online digital services have been taken offline as a precaution, and the Ministry of Justice is working with authorities to secure systems.
  • Individuals advised to be vigilant against unknown communications, update passwords, and verify identities independently to protect against potential misuse of stolen data.

Read Full Article

like

17 Likes

share

3 Shares

source image

TechDigest

1M

read

362

img
dot

Image Credit: TechDigest

UK identity fraud cases surge to record high

  • Identity fraud cases in the UK have surged to a record high of over 421,000, marking a 13% increase from the previous year.
  • Fraudscape 2025 report highlights a growing sophistication among fraudsters, with examples such as exploiting the Companies House system and claiming Universal Credit fraudulently.
  • Certain regions like Bedfordshire, Cleveland, Merseyside, Nottinghamshire, and Greater Manchester are disproportionately affected by identity theft cases.
  • Telecom sector faces a 76% rise in account takeover cases, with mobile phone accounts being prime targets; individuals over 61 account for 25% of identity fraud victims.

Read Full Article

like

21 Likes

share

5 Shares

source image

Wired

1M

read

412

img
dot

Image Credit: Wired

Who Even Is a Criminal Now?

  • WIRED has a history of championing rogues and disruptive innovators since its inception.
  • The current issue of WIRED explores the dark side of technology, featuring stories about scam influencers, DIY guns, and an AI-inflected death cult.
  • Despite the rise of bad actors in power, WIRED encourages embracing a positive form of 'rogue' spirit to drive positive change.
  • The issue also highlights individuals and organizations challenging the status quo, such as tech whistleblowers, anti-establishment rebels, and a vision for a democratized social internet.

Read Full Article

like

24 Likes

share

5 Shares

source image

Wired

1M

read

224

img
dot

Image Credit: Wired

For Tech Whistleblowers, There’s Safety in Numbers

  • Amber Scorah, a whistleblower, founded Psst in 2024 to help tech industry and government workers share information with extra protections.
  • Psst's main offering is a digital safe accessed through an encrypted text box on Psst.org, allowing users to enter their concerns anonymously.
  • A unique feature of Psst is its 'information escrow' system, keeping submissions private until similar concerns are shared by others.
  • Psst's approach of combining reports from multiple sources protects whistleblowers' identities and encourages sharing of information.
  • Only Psst's in-house legal team can access the digital safe, ensuring confidentiality, particularly in countries like the US and UK.
  • Psst plans to automate the review process through secure algorithms to identify potential matches while safeguarding contributors' identities.
  • Psst involves investigative journalists or publishes accounts based on collected information, sometimes alerting regulators without public disclosure.
  • Challenges include lagging regulations in areas like AI safety, where reporting may be in the public interest despite not being illegal.
  • Amber Scorah sees Psst as a platform to expose harmful practices in the tech industry, just as she did with her own stories.
  • Psst aims to have a sanitizing effect by shedding light on industry issues through whistleblowers' accounts.

Read Full Article

like

13 Likes

share

3 Shares

source image

Wired

1M

read

41

img
dot

Image Credit: Wired

How to Win Followers and Scamfluence People

  • Format Boy, an influencer popular on various platforms, teaches online scams to a group of West African fraudsters known as the Yahoo Boys.
  • The Yahoo Boys engage in scams targeting wealthy foreigners, often utilizing tactics like deepfakes and emotional manipulation to extract money.
  • With a focus on social engineering, Yahoo Boys have exploited victims worldwide, leading to significant financial losses and tragic outcomes.
  • They use coded terminology, such as 'formats,' for different scam types and maintain a lavish lifestyle on social media.
  • Format Boy, a prominent 'scamfluencer,' shares tutorials on creating deepfakes and outlines various scam formats used by Yahoo Boys.
  • Despite claiming not to personally engage in scamming, Format Boy provides advice and tools that could aid individuals in illegal activities.
  • His teachings have drawn scrutiny for potentially encouraging criminal behavior, but he justifies his actions as empowering those in challenging circumstances.
  • Format Boy's optimistic messages on determination and success contrast with the ethical implications of his teachings.
  • Facing algorithmic challenges and identity theft issues, Format Boy remains active in sharing scam-related content and exploring new ventures like memecoins.
  • The article sheds light on the intricate world of scam influencers and the ethical dilemmas surrounding their activities, emphasizing the impact on victims and broader societal implications.

Read Full Article

like

2 Likes

share

Share

source image

Silicon

1M

read

394

img
dot

Image Credit: Silicon

Coinbase Hit By $400m Crypto Scam

  • Cryptocurrency trading platform Coinbase faced a $400 million scam where criminals used customers' data to swindle funds.
  • Attackers obtained personal data on less than 1% of customers by bribing overseas Coinbase staff and contractors.
  • Rather than paying a $20 million ransom demand, Coinbase set up a reward fund for information leading to the criminals' arrest.
  • The incident highlights the crypto industry's vulnerability to theft, with Coinbase estimating costs between $179m to $400m for remediation and reimbursements.

Read Full Article

like

23 Likes

share

5 Shares

source image

Dev

1M

read

256

img
dot

Image Credit: Dev

Taking Python Further in Cybersecurity: Real-World Applications and Projects

  • After mastering Python basics in cybersecurity, real-world applications are crucial for hands-on experience.
  • Python excels in network analysis, vulnerability detection, automation, and digital forensics in cybersecurity.
  • Practical Python projects tackle real-world cybersecurity challenges, enhancing expertise and confidence.
  • Projects like network monitoring, vulnerability scanning, file integrity monitoring, and password security research are valuable.
  • Python automates incident response processes, forensic investigations, and web security tasks effectively.
  • Building projects with Python aids in understanding security concepts and creating a valuable portfolio for cybersecurity careers.
  • Additional project ideas include log parsing, subdomain scanning, reverse shell building, GeoIP tracking, and threat intelligence aggregation.
  • Participating in Capture The Flag competitions and staying connected with the cybersecurity community are recommended for skill enhancement.
  • Python in cybersecurity offers endless possibilities for learners, aiding in threat identification, mitigation, and response.
  • For further assistance, a detailed 17-page PDF guide 'Mastering Cybersecurity with Python' is recommended.

Read Full Article

like

15 Likes

share

3 Shares

source image

TechDigest

1M

read

252

img
dot

Image Credit: TechDigest

Cyber attack on UK legal aid agency exposes private data, including criminal records

  • The UK's Legal Aid Agency experienced a significant cyberattack resulting in the theft of private data, including criminal records, as reported by the Ministry of Justice.
  • Attackers claim to have accessed 2.1 million pieces of data, including applicants' contact details, criminal history, and financial information spanning the past 15 years.
  • The Ministry of Justice advises individuals who applied for legal aid during this period to remain vigilant for suspicious activities and update potentially exposed passwords.
  • The breach is being investigated by the National Crime Agency and the National Cyber Security Centre, with the Information Commissioner notified, and the Legal Aid Agency's online services have been taken offline.

Read Full Article

like

15 Likes

share

3 Shares

Prev

140
141
142
143
144
145
146
147
148
149
150

Next

For uninterrupted reading, download the app