Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Securityaffairs

270

Image Credit: Securityaffairs

Security Affairs newsletter Round 524 by Pierluigi Paganini – INTERNATIONAL EDITION

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials
New botnet HTTPBot targets gaming and tech industries with surgical attacks
Google fixed a Chrome vulnerability that could lead to full account takeover
Coinbase disclosed a data breach after an extortion attempt

Read Full Article

16 Likes

Securityaffairs

435

Image Credit: Securityaffairs

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Chinese-made power inverters in US solar farm equipment were found to have 'kill switches', including hidden cellular radios, that could potentially allow Beijing to remotely disable power grids during a conflict.
Experts discovered rogue devices, such as hidden cellular radios, in Chinese-made power inverters used globally, raising concerns about the possibility of remote power grid disruptions in critical infrastructure.
US experts found undocumented communication devices like cellular radios in batteries from various Chinese suppliers, indicating a potential covert means to physically destroy power grids.
US Representative August Pfluger emphasized the threat posed by such rogue devices, expressing the need to enhance efforts against Chinese interference in sensitive infrastructure to safeguard national security.

Read Full Article

26 Likes

Medium

206

Your Password Manager Is a Liar

Password managers often boast about their security measures and recovery options, but the ability to reset passwords can pose a significant security risk in case of a breach.
Monitoring the dark web for passwords involves accessing and potentially reading the breached data, contradicting the concept of zero-knowledge security.
LastPass experienced a data breach in December 2022, raising concerns about its security practices, while Bitwarden faced issues such as an autofill vulnerability.
1Password, known for its strong security, had incidents like being indirectly impacted by the Okta breach and a critical vulnerability in its macOS version.

Read Full Article

12 Likes

Dev

444

Image Credit: Dev

🚀 Introducing Astra v1.1 – Local, Powerful, and Now Even More Flexible

Astra v1.1 is the latest version of the open-source network scanning tool designed for security researchers and sysadmins, offering speed, flexibility, and privacy without reliance on third-party APIs.
New features in Astra v1.1 include CIDR scan enhancements, output flexibility with JSON or CSV saving options, expanded port scanning choices, improved verbose logging, and performance tuning settings.
Quality of life improvements in Astra v1.1 consist of simplified config setup, better help output, and graceful handling of invalid domains and empty scan results.
Astra allows users to scan domains, CIDR ranges, limit resources on large scans, and export results to files, offering privacy, customizability, transparent output, and open-source flexibility.

Read Full Article

26 Likes

Discover more

Medium

135

Image Credit: Medium

How to start your cybersecurity career?

Before starting a cybersecurity career, question your motives and ensure genuine curiosity and patience.
Learn about Kali Linux, a Linux distribution commonly used by cybersecurity experts.
Understanding networking is crucial in cybersecurity as it forms the backbone of IT.
Start with learning tools like Nmap and Wireshark, focus on understanding commands rather than just copying them.

Read Full Article

8 Likes

Medium

298

Image Credit: Medium

A Path Down Linux Lane

Linux initially relied on CLI but later introduced GUIs like KDE Plasma and GNOME to enhance accessibility.
The flexibility of Linux distros allows users to choose between CLI and GUI interfaces.
Linux dominates in server, cloud, supercomputers, IoT, and embedded systems, showcasing its versatility and reliability.
With its reliability, security, and strong community support, Linux is a worthwhile choice for both beginners and tech enthusiasts.

Read Full Article

17 Likes

Medium

Image Credit: Medium

SentryPC: The Ultimate Digital Monitoring & Control Solution for Families and Businesses

SentryPC is a powerful monitoring and control software designed for families and businesses to protect against cyber risks like cyberbullying, data leaks, and distractions.
It offers real-time monitoring, smart filtering, and actionable insights for parents, employers, and educators to manage digital activities effectively.
Features include keystroke logging, website & app tracking, custom blacklists, daily usage schedules, and user-specific permissions to ensure security and productivity.
SentryPC provides solutions for parents to protect children online, employers to monitor productivity, and educators to maintain a focused learning environment.

Read Full Article

5 Likes

Dev

292

Image Credit: Dev

How Many AI Tokens to Play a Game of Chess?

AI token usage is following a similar trajectory as cloud adoption, with costs increasing over time and potential for unexpected expenses.
Understanding token usage is crucial as scale can hide costs; similar to surprise cloud bills, token costs can escalate rapidly.
Developers commonly use AI in practice for 'vibe coding,' where tokens accumulate with each iteration, leading to potential cost overruns.
Best practices for managing AI token usage include scoping code slices, externalizing business rules, and writing focused prompts to optimize efficiency and cost.

Read Full Article

17 Likes

Securityaffairs

151

Image Credit: Securityaffairs

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

The FBI warns ex-government officials of being targeted with deepfake texts and AI-generated voice messages impersonating senior U.S. officials.
Threat actors have been using texts and AI voice messages since April 2025 to access personal accounts of officials and their contacts.
Malicious links are sent to officials posing as messaging platform invites, allowing threat actors to extract data or funds through impersonation.
To avoid falling for AI-powered scams, officials are advised to verify callers' identities, check for errors in messages, and avoid sharing sensitive information with unknown contacts.

Read Full Article

9 Likes

Secureerpinc

293

Image Credit: Secureerpinc

Bots Now Rule the Internet Highway

Online traffic is now dominated by bots, accounting for 51% of all web traffic.
Bots serve various purposes, including search engine indexing, social media management, data extraction, and monitoring website performance.
A significant percentage of bots are malicious, causing issues like data theft, spam propagation, and inflating online numbers.
To combat the rising threat of bad bots, organizations are advised to implement strong password habits, enhance website defenses, and invest in bot detection systems.

Read Full Article

17 Likes

Securityaffairs

220

Image Credit: Securityaffairs

Shields up US retailers. Scattered Spider threat actors can target them

Cybercrime group Scattered Spider, known for social engineering and extortion, is now targeting U.S. companies after focusing on UK retailers.
UNC3944 (Scattered Spider) has hacked numerous organizations, including Twilio, LastPass, DoorDash, and Mailchimp, transitioning from telecoms to ransomware and broader sectors by 2023.
Threat actors linked to Scattered Spider used DragonForce ransomware to target UK retailers, exploiting the large trove of PII and financial data held by retailers.
Google experts suggest that UNC3944 targets sectors like Tech, Telecom, Finance, and Retail, focusing on large enterprises in English-speaking countries and beyond by using social engineering tactics for high-impact attacks.

Read Full Article

13 Likes

TechBullion

312

Image Credit: TechBullion

How to Get Your Crypto Back After a Phishing Scam: Emergency Action Plan 2025

In 2023, users and investors lost $4.6 billion to crypto scams, showing a 30% decrease from the previous year, with crypto scams growing by 900% since the pandemic began.
Phishing scams in crypto target victims to reveal sensitive information like passwords and private keys through deceptive messages from seemingly legitimate sources.
Crypto transactions cannot be reversed once funds are transferred to another wallet, making recovery challenging but not impossible.
Emergency steps to retrieve stolen cryptocurrency involve contacting recovery services like HackersTent, providing loss details and transaction histories for better recovery chances.
Phishing attacks exploit human vulnerabilities, using fear, greed, and urgency to trick individuals into surrendering digital assets.
Scammers target private keys and seed phrases that provide full control over wallets, emphasizing the importance of safeguarding these credentials.
After falling victim to a phishing attack, securing remaining assets by isolating compromised devices, conducting scans for malware, and setting up a new secure wallet is crucial.
Effective prevention methods against crypto scams include verifying offers, conducting thorough research on projects, monitoring wallet activities, and utilizing security tools like HackersTent Recovery Service.
With $4.6 billion stolen in 2023, recovering stolen cryptocurrency requires quick action, secure practices, and professional help from blockchain forensics firms like HackersTent.
Seeking immediate assistance after a scam, implementing strong security measures, verifying exchanges for recovery support, and utilizing professional blockchain forensic tools are essential for successful recovery.

Read Full Article

18 Likes

Medium

100

Image Credit: Medium

From Silicon Valley to Courtroom Valley

Illinois is leading the charge in biometric privacy lawsuits against tech giants such as Google and TikTok.
The state's Biometric Information Privacy Act (BIPA) has already hit Facebook with a $650 million fine.
Google and TikTok are facing legal consequences under BIPA for allegedly collecting biometric data without proper consent.
Companies need to adhere to BIPA regulations regarding biometric data collection to avoid legal repercussions.

Read Full Article

6 Likes

Medium

Image Credit: Medium

Digital Anonymity: A Shield of Privacy or an Illusion of Security?

Digital anonymity allows online engagement without revealing one's real-world identity, offering space for open expression and privacy.
Technological advancements like digital fingerprinting challenge true anonymity, highlighting the illusion of security in the digital realm.
Indonesia faces a lack of awareness on digital anonymity, with the need to comprehend and minimize digital identity exposure.
To protect privacy in a hyperconnected world, individuals must understand data exposure, utilize privacy tools, and promote digital literacy.

Read Full Article

4 Likes

Wired

266

Image Credit: Wired

Coinbase Will Reimburse Customers Up to $400 Million After Data Breach

Researchers published 1,000 email addresses linked to North Korean IT worker scams; Xinbi Guarantee marketplace used by Chinese-speaking crypto scammers cracked down by Telegram.
Telegram banned thousands of accounts used for money laundering in cryptocurrency scams, including Haowang Guarantee, facilitating $27 billion in transactions.
CFPB acting director Russell Vought scrapped a plan to regulate sale of Americans' personal data; Concerns rise over generative AI services fueling fraud online.
Google enhances Android Scam Detection tool ahead of Android 16 launch; Introduces Advanced Protection mode for highly targeted users with heightened security features.
Coinbase discloses costly data breach affecting less than 1% of monthly users; Expecting $180 million to $400 million to remediate breach and reimburse customers.
12 more individuals indicted for cryptocurrency theft, money laundering totaling $263 million; Luxury spending included on things like private jet rentals and exotic cars.
Former FBI director James Comey under investigation for Instagram post of seashells spelling out '8647' tagged as a potential violence threat against Trump.
Comey's post led to investigations by DHS and Secret Service, with accusations of inciting violence against Trump from Republican figures.
Trump interpreted post as a call for his assassination, leading to calls for Comey to be put behind bars; Comey, in response, stated he opposes violence.
Comey served as FBI director until being fired by President Trump in 2017 amid the investigation into Russian interference in the 2016 election.

Read Full Article

16 Likes

For uninterrupted reading, download the app