Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Securityaffairs

294

Image Credit: Securityaffairs

Coinbase disclosed a data breach after an extortion attempt

Coinbase disclosed a data breach after rogue contractors stole customer data and demanded a $20M ransom.
The breach, affecting under 1% of users, was reported to the SEC after a ransom demand was received on May 11, 2025.
The unauthorized access was detected in previous months, leading to termination of involved personnel and implementation of heightened fraud-monitoring measures.
Compromised data includes contact details, partial SSNs and bank info, ID images, account history, and limited internal documents but did not expose passwords, private keys, or customer funds.

Read Full Article

17 Likes

Siliconangle

280

Image Credit: Siliconangle

NetApp puts strategy over hype in race to real-world AI outcomes

NetApp Inc. prioritizes strategy over hype in approaching AI and data infrastructure challenges.
CEO George Kurian emphasizes a commitment to progress that aligns with long-term responsibility.
NetApp's Intelligent Data Infrastructure strategy focuses on managing risk, empowering AI, and ensuring performance at scale.
Kurian identifies flash, AI, block, and cloud as key market drivers shaping NetApp's strategy.
The company's customer-first approach involves deliberate focus and saying 'no' to initiatives that don't align.
NetApp provides AI-ready infrastructure that aims to protect data, ensure AI-readiness, and offer intelligent data services.
The company supports real-time decision-making through performance, scalability, and security in mission-critical environments.
NetApp's partnerships extend to sports entities like the National Football League and the San Francisco 49ers, enhancing data-driven fan experiences.
Through collaborations with companies like Intel, NetApp simplifies AI deployment, focusing on outcomes and security for partners and customers.
As businesses strive to translate AI ideas into tangible benefits, NetApp's infrastructure and solutions play a key role in delivering practical outcomes.
The emphasis on AI and data complexity highlights the need for solution providers to guide businesses toward faster, more efficient outcomes.

Read Full Article

16 Likes

Infoblox

432

Image Credit: Infoblox

Blocking Shadow AI Using Protective DNS—Simple yet Powerful

Generative AI applications are being widely adopted by organizations, leading to unique risks in areas such as security, privacy, and organizational reputation.
Approximately 50% of employees use unapproved AI tools, known as 'Shadow AI,' despite security risks and corporate policies prohibiting their use.
Organizations need to implement preemptive cyber defense approaches to manage the risks associated with unsanctioned AI usage, such as identifying and blocking such applications.
Using a Protective DNS solution like Infoblox Threat Defense can help organizations identify and block unsanctioned AI applications based on DNS activity, providing a simple yet powerful method to enhance security.

Read Full Article

25 Likes

Dataprivacyandsecurityinsider

349

Employees Hiding Use of AI Tools at Work

One out of three workers secretly use artificial intelligence tools in the workplace for various reasons including seeking a competitive advantage and uncertainty about job security.
By 2025, 42% of employees are projected to use generative AI tools at work, with significant percentages reporting feelings of resentment and presenteeism.
The secret use of AI tools poses risks such as unauthorized data disclosure, cybersecurity vulnerabilities, bias, and intellectual property misappropriation.
The study underlines the importance of organizations adopting an AI Governance Program to ensure employees feel comfortable using approved AI tools and to mitigate risks associated with unauthorized tool use.

Read Full Article

21 Likes

Discover more

Pymnts

165

Image Credit: Pymnts

Proofpoint to Acquire Hornetsecurity and Expand Human-Centric Security Solution Worldwide

Proofpoint plans to acquire Hornetsecurity Group to enhance human-centric security for small- to medium-sized businesses worldwide through managed service providers (MSPs).
The definitive agreement for the acquisition is expected to close in the second half of the year, subject to customary closing conditions.
The deal will add Hornetsecurity Group’s AI-powered Microsoft 365 security, data protection, and compliance services in Europe to Proofpoint’s cybersecurity and compliance solutions globally.
Upon acquisition closing, Proofpoint intends to offer the Hornetsecurity platform to MSPs and their customers worldwide to improve security across digital channels.

Read Full Article

9 Likes

Medium

234

Image Credit: Medium

Outdated + Reliable = Freedom

Big companies are blending devices and services to categorize users based on online behavior for targeted advertisements and recommendations.
Advancements in AI enable detailed tracking of user data from various sources, leading to effective manipulation for commercial gains.
Concerns arise about the loss of choice in technology consumption, as individuals are pressured to adopt the latest gadgets with reduced features and increased cloud dependency.
Some professionals are advocating for maintaining older software and hardware as a backup to counter the erosion of personal privacy and choice in the tech industry.

Read Full Article

14 Likes

Tech Radar

243

Image Credit: Tech Radar

Google removes Chrome admin privileges to reduce threat posed by dodgy extensions

Google is removing Chrome admin privileges to reduce the threat posed by malicious extensions.
A Microsoft developer has submitted an update to Chromium, which will de-elevate Chrome to run without admin privileges by default.
This move aims to enhance user protection from suspicious extensions, risky websites, and other potentially malicious activities.
Microsoft advises users not to launch their browsers with admin rights to prevent malware and data theft.

Read Full Article

14 Likes

Neuways

372

Image Credit: Neuways

Quishing scams in 2025: How to stay secure

Quishing scams involving fake QR codes have surged in 2025, leading to a significant increase in phishing attacks using QR codes to trick people into visiting malicious websites.
Organised crime groups are heavily involved in these scams, targeting high-traffic areas like car parks and restaurants by using fake QR codes that look identical to legitimate ones.
Businesses using QR codes should be cautious as they can become part of the problem if the right security measures are not in place, risking data theft, payment fraud, and reputational damage.
Red flags to watch for in QR code scams include unusual URLs, requests for app downloads outside of trusted stores, and suspicious payment or verification requests.

Read Full Article

22 Likes

Medium

427

Image Credit: Medium

Who Holds the Key to the Houthi PC Small Group?

Jeffrey Goldberg, editor-in-chief of The Atlantic, found himself added to a Signal group chat where senior U.S. military officials were discussing confidential details about an upcoming operation in Yemen.
The incident highlights the cyber risks faced by organizations, including the escalating number of cyberattacks targeting everyone from governments to small businesses.
Small and medium-sized enterprises (SMEs) are particularly vulnerable to cyber threats, posing risks to entire supply chains and hindering the adoption of technology like generative AI solutions due to security concerns.
Recent events, such as Apple being fined for prioritizing user privacy and governments pushing for backdoors into encrypted systems, raise questions about who should have control over digital privacy and security in today's complex landscape.

Read Full Article

25 Likes

Tech Radar

225

Image Credit: Tech Radar

12 Nvidia RTX 5090 GPUs will take 14 days to crack a complex 6-character password but I don't think you should care

Cybersecurity firm Hive Systems simulated an attack using 12 Nvidia RTX 5090 GPUs to crack passwords.
Short and predictable passwords can be cracked quickly, emphasizing the importance of using longer, unique passwords.
The time to crack a password significantly increases with complexity and length, ranging from days to billions of years.
Using a password manager and ensuring passwords are at least 12 characters long with a mix of characters is recommended for better security.

Read Full Article

13 Likes

Neuways

Image Credit: Neuways

Retail security breaches: What’s happened since?

Marks & Spencer and Co-op faced major cyber attacks impacting their retail operations, with M&S experiencing a severe ransomware attack leading to website disruptions, stock availability issues, and a data breach involving personal customer information.
Co-op also experienced a supply chain breach that disrupted internal systems, led to unauthorized access of personal data, and caused operational challenges, including stock management delays.
Both incidents highlight the vulnerability of supply chain connections and the importance of assessing supplier risk, adopting Zero Trust principles, updating incident response plans, conducting regular cybersecurity training, and implementing endpoint detection and response.
These breaches emphasize the need for businesses to prioritize cybersecurity measures across their entire ecosystem, including third-party connections, to mitigate the risks posed by modern cyber threats.

Read Full Article

3 Likes

Tech Radar

423

Image Credit: Tech Radar

"Meta AI non-compliant with GDPR" – Digital rights group menaces Meta with injunction over EU AI training

Austria-based digital rights group noyb has sent a cease and desist letter to Meta over its AI training plans, arguing they are not GDPR-compliant.
Meta intends to feed its AI models with public posts and user interactions from May 27, 2025, with an opt-out option, which noyb contests as a violation of GDPR rules.
noyb believes Meta should seek opt-in consent under GDPR regulations rather than relying on opt-out mechanisms.
The group has threatened Meta with an injunction and potential class actions if the AI training proceeds without changes.
Meta's use of the legitimate interest provision in GDPR is questioned by noyb, as it may infringe on users' rights and freedoms.
Noyb argues Meta's AI training won't be able to comply with GDPR rights like the right to be forgotten or access to data due to the nature of the database.
Meta's dialogue with EU regulators and reference to an EDPB opinion are deemed insufficient by noyb regarding the legality of AI training.
Despite warnings from consumer protection groups, Meta plans to start feeding its AI models with EU user data on May 27, prompting concerns and potential legal action.
Users are advised to opt out of Meta AI training if they wish to protect their data privacy by filling out objection forms on Facebook and Instagram.
noyb continues to advocate for user consent as a solution to GDPR issues around Meta AI training and is evaluating legal actions if necessary.

Read Full Article

25 Likes

Cybersecurity-Insiders

175

Image Credit: Cybersecurity-Insiders

Insider Threat fetches $400m loss to Coinbase

Coinbase, a major cryptocurrency exchange in the US, faces potential losses of $180-400 million this year due to a recent cyber attack.
The breach, attributed to an insider threat, involved the leakage of sensitive data including personal information of customers and employees.
Cybercriminals utilized advanced phishing tactics to deceive users into transferring cryptocurrency to fraudulent accounts.
Coinbase responded by resetting passwords, reimbursing affected customers, terminating freelance employees involved, and offering a reward for information leading to the attackers' capture.

Read Full Article

10 Likes

Pymnts

133

Image Credit: Pymnts

Coinbase Reimburses Customers Following $20 Million Extortion Attempt

Coinbase is reimbursing users after a data breach that led to a $20 million extortion attempt.
The breach involved cybercriminals convincing Coinbase insiders to copy customer support data to trick customers into handing over their crypto.
Coinbase fired the compromised employees, referred them to law enforcement, and plans to press criminal charges.
Coinbase is reimbursing customers tricked into sending funds to the attacker, setting up a $20 million reward fund for information leading to the attackers' arrest.

Read Full Article

8 Likes

Siliconangle

Image Credit: Siliconangle

Coinbase suffers data breach, exposing customer information to hackers

Coinbase Global Inc. disclosed a data breach where cybercriminals bribed offshore customer service support agents to steal customer data.
No passwords, private keys, or funds were exposed, but personal customer information such as names, addresses, phone numbers, email addresses, and limited corporate data were stolen.
Attackers did not access login credentials or private keys to move or access customer funds.
Coinbase refused a $20 million payoff demanded by the attackers and instead turned it into a $20 million bounty for information leading to the arrest of the criminals; estimated costs for the company range between $180 million and $400 million for reimbursement and expenses.

Read Full Article

5 Likes

For uninterrupted reading, download the app