A naukri.com initiative
Cyber Security News
Secureerpinc
2M
10
Image Credit: Secureerpinc
Cybersecurity Investments Protect and Fuel Business Growth
- Shifts in business landscape such as remote work and cloud computing have led to both opportunities and cybersecurity threats for small and medium-sized businesses.
- Investing in cybersecurity is crucial as the more advanced technology a business utilizes, the bigger the need for protection.
- Companies are increasingly recognizing the strategic advantages of cybersecurity investments including greater innovation, business continuity, improved reputation, regulatory compliance, and workforce flexibility.
- Cybersecurity is essential for businesses of all sizes, with scalable solutions available for securing digital assets, training employees, implementing multi-factor authentication, and creating incident response plans.
Read Full Article
Like
Tech Radar
2M
395
Image Credit: Tech Radar
Scattered Spider moves beyond the UK, places crosshairs on US companies
- Scattered Spider, a ransomware collective, is expanding its target scope beyond UK firms to include US retailers.
- Google's Threat Intelligence Group warns US retailers to be cautious as Scattered Spider, linked to group UNC3944, is targeting multiple firms after a long hiatus.
- Scattered Spider operates within a larger hacking community called 'the Com' and engages in various cyberattacks, with previous victims including notable companies like Nike, Twitter, and more.
- In response to attacks, UK's NCSC has issued guidance for better defense against Scattered Spider, urging the retail sector to enhance security measures.
Read Full Article
23 Likes
Pymnts
2M
179
Image Credit: Pymnts
US Banks ‘Prime Candidate for Exploitation’ by Money Launderers
- Banks in the United States are increasingly being targeted by money launderers connected to drug cartels.
- Money launderers utilize underground networks to deposit cash from drug sales at US bank branches and ATMs.
- Incidents like a Chinese network depositing $92 million in cash at major banks have raised concerns.
- The banking industry is urging the US government to revamp anti-money laundering regulations to combat fraud effectively.
Read Full Article
10 Likes
Tech Radar
2M
399
Image Credit: Tech Radar
Largest US steel manufacturer puts production on the backburner after cyber attack
- Nucor, a major US steel manufacturer, had to halt parts of its operations due to a cyberattack.
- The company confirmed the unauthorized access of certain IT systems by a third party and took measures to contain the incident.
- The decision to temporarily stop production operations has raised speculations of a possible ransomware attack.
- No threat actors have claimed responsibility, and the extent of data breach remains unknown.
Read Full Article
24 Likes
Lastwatchdog
2M
280
GUEST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web
- Small businesses are increasingly targeted by cybercriminals due to their lack of cybersecurity expertise and resources.
- The dark web offers easy access to cybercrime-as-a-service tools, making it cheaper and simpler to launch attacks on small businesses.
- AI-powered tools are being used to scale attacks, tailor phishing lures, write malware, and evade detection, posing a significant threat to small businesses.
- To protect themselves, small businesses should prioritize employee training, use AI-powered security tools, invest in cyber insurance, and consider partnering with managed service providers.
Read Full Article
16 Likes
VentureBeat
2M
225
Image Credit: VentureBeat
You.com’s ARI Enterprise crushes OpenAI in head-to-head tests, aims at deep research market
- You.com has launched ARI Enterprise, claiming it outperforms OpenAI in head-to-head tests and excels in accuracy on independent benchmarks.
- ARI achieved 80% accuracy on the FRAMES benchmark, surpassing major competitors.
- This advanced research platform offers 4x greater depth and breadth and connects to internal corporate data sources.
- ARI Enterprise provides 35% more insights and facts per research project, with enhanced integration capabilities.
- Early adopters include venture capital firms, consulting agencies, and research institutions.
- The platform's interactive approach involves collaboration with users to refine research plans and guide analysis.
- Founder Richard Socher emphasizes ARI's role in augmenting analysts' efficiency, not replacing them.
- You.com believes ARI Enterprise democratizes access to high-quality research and transforms professional roles.
- The company raised $99 million to challenge Google's search dominance and has reported significant revenue growth.
- ARI Enterprise changes how businesses process information, offering comprehensive, verified analysis in minutes.
Read Full Article
13 Likes
Tech Radar
2M
317
Image Credit: Tech Radar
SAP NetWeaver woes worsen as ransomware gangs join the attack
- Multiple ransomware operators are targeting a severe vulnerability in SAP NetWeaver Visual Composer, enabling unauthorized actors to upload malicious executables.
- Around 1,200 SAP instances were reported to be at risk from this vulnerability, CVE-2025-31324.
- Ransomware families like BianLian and RansomEXX, along with Chinese state-sponsored actors, have been identified in exploiting the flaw.
- SAP quickly released a patch for the bug but multiple attacks were observed in the wild, emphasizing the critical nature of the security issue.
Read Full Article
19 Likes
Arstechnica
2M
413
Image Credit: Arstechnica
Spies hack high-value mail servers using an exploit from yesteryear
- Threat actors, possibly supported by the Russian government, hacked high-value mail servers globally by exploiting XSS vulnerabilities.
- XSS vulnerabilities allow attackers to execute malicious code in browsers through programming errors in webserver software.
- The exploits originated from a bug class widely exploited in the past and primarily involve the execution of JavaScript.
- The Kremlin-linked hacking group Sednit gained access to email accounts by targeting vulnerabilities in mail server software like Roundcube, MDaemon, Horde, and Zimbra.
Read Full Article
24 Likes
TechCrunch
2M
404
Image Credit: TechCrunch
Coinbase says customers’ personal information stolen in data breach
- Crypto giant Coinbase confirms data breach where customer data, including personal information and government-issued ID documents, were stolen.
- Hacker obtained customer account information and demanded $20 million ransom, which Coinbase refuses to pay.
- The hacker accessed customer names, addresses, phone numbers, Social Security numbers, bank account details, and government IDs.
- Less than 1% of Coinbase's customers were affected by the breach, with estimated incident remediation and reimbursement costs between $180 million to $400 million.
Read Full Article
24 Likes
Kaspersky
2M
147
Image Credit: Kaspersky
Apple beefs up parental controls: what it means for kids | Kaspersky official blog
- Apple announced new initiatives for safer environment for kids using their devices, including easier setup of kids' accounts and sharing children's age with app developers for content control.
- Updates will be available later this year, with simplified Child Account creation and age editing options for parents.
- Apple will apply age-appropriate web content filters if parents don't set up devices for under-13 children; parental consent will be required for app downloads.
- New Declared Age Range API aims to address online age verification issue, allowing parents to authorize sharing age category with app developers.
- Apple introduces an updated age rating system with five categories to provide clearer app appropriateness information.
- Apple and Meta disagree on responsibility for online child safety, with Meta advocating age verification by app stores and Apple emphasizing app developer responsibility.
- There are concerns about entrusting child safety to tech giants profit from addictive products; Apple and Meta have faced criticisms over targeting young users.
- Child psychology experts warn about negative effects of unlimited digital content consumption on children's mental and physical health.
- Apple's advancements may be futile if third-party app developers do not cooperate; relying solely on tech giants' solutions is cautioned against.
- Kaspersky Safe Kids offers parental control solution to monitor child's activity, customize restrictions, and prevent digital addiction.
Read Full Article
8 Likes
Kaspersky
2M
105
Image Credit: Kaspersky
How phishing emails are sent from [email protected] | Kaspersky official blog
- Scammers are using a phishing scheme that impersonates genuine Google services to deceive victims.
- Phishing emails mimic official Google notifications, using a legitimate Google address: [email protected].
- Victims receive an email claiming Google has been subpoenaed for their account data, with a link to a fake Google support page.
- The link appears genuine with an official Google domain but actually leads to a phishing site on sites.google.com.
- Attackers exploit trust in the Google domain, making it challenging to spot the scam without close inspection.
- Scammers registered a domain, set up a fake Google Workspace account, and used OAuth technology for this phishing scheme.
- Although Google OAuth doesn't share credentials, it can provide limited account access to scammers.
- Victims were directed to download potentially malicious 'legal documents' on the fake Google Support page.
- Users are advised to carefully examine email headers, avoid clicking suspicious links, and use robust security solutions to prevent falling for phishing scams.
- Google is working on fixing the OAuth vulnerability that scammers exploited in this phishing campaign.
Read Full Article
6 Likes
Tech Radar
2M
73
Image Credit: Tech Radar
Millions seized and 17 arrested in Europol criminal banking bust
- Europol has successfully dismantled a criminal banking network involving 17 arrests across Europe.
- The arrested individuals, mainly of Chinese and Syrian nationality, are accused of providing money laundering services to criminals.
- Assets worth €4.5 million, electronic devices, firearms, €183,000 in cryptocurrency, and 77 bank accounts were seized in the takedown.
- Criminals are increasingly utilizing alternative banking methods to evade law enforcement and conduct illegal activities.
Read Full Article
4 Likes
Medium
2M
119
this is how small Instagram pages for earning large per month
- Many micro-Instagram pages in India with 10K–100K followers are earning ₹1–5 lakhs per month through various revenue streams and smart strategies.
- The revenue streams include paid shoutouts & collabs, affiliate marketing, digital products, paid newsletters, service offers, UGC licensing, and Instagram Shop/dropship. They typically earn ₹1 lakh – ₹4 lakhs+ per month.
- Influencers and content creators focus on niche positioning, content repurposing, trending formats, engagement loops, batching & scheduling to maximize their reach and engagement.
- Automation tools like ManyChat, PhantomBuster, Meta Business Suite, Later/Planoly, Jarvee, ChatGPT, Canva Pro, and Link-in-Bio tools help in automating tasks, scheduling posts, and optimizing content creation for increased efficiency.
Read Full Article
7 Likes
Tech Radar
2M
160
Image Credit: Tech Radar
Dior fashion brand hit by cyberattack and customer data leaked - here's what we know
- Global fashion brand Dior has confirmed a cyberattack where sensitive customer data was compromised.
- No passwords or payment data was taken in the attack.
- Dior is investigating the incident with the help of cybersecurity experts and no groups have claimed responsibility yet.
- Although passwords and payment information were not accessed, customer names, addresses, phone numbers, and purchase history were compromised.
Read Full Article
9 Likes
Global Fintech Series
2M
404
Image Credit: Global Fintech Series
Experimentation Frameworks for Fintech Product Iteration
- Experimentation frameworks play a vital role in helping Fintech companies adapt to evolving user expectations and regulatory environments, driving sustainable growth and delivering customer value.
- Key components of an effective experimentation framework in Fintech include hypothesis-driven development, segmentation, A/B testing, sequential testing, and defining success metrics.
- Fintech experimentation frameworks must consider compliance and risk factors, such as GDPR, PSD2, and AML directives, due to the sensitive nature of financial data.
- Successful experimentation leads to continuous improvement, guiding product pivots, informing pricing models, and inspiring new features in Fintech products.
- As AI and machine learning advance in Fintech, experimentation will focus on testing intelligent systems like personalized loan offers and predictive fraud detection.
- The future of experimentation in Fintech includes integrating explainable AI (XAI) to help stakeholders understand the reasoning behind changes, promoting transparent and compliant innovation.
- Building a culture of experimentation is mission-critical for Fintech companies to stay agile, competitive, and deliver user-centric solutions while addressing risk and compliance challenges.
- Continuous learning, scalability testing, and controlled rollouts are essential steps post-successful experimentation to ensure consistent feature performance across a broader user base.
- Fintech companies invest in data platforms and experimentation tools like Optimizely, LaunchDarkly, and product analytics tools to support robust experimentation frameworks.
- Collaboration between legal, compliance, product, and data science teams is crucial to ensure Fintech experiments align with regulatory standards and innovation goals.
- Experimentation frameworks in Fintech enable teams to test, learn, and iterate rapidly and efficiently, making data-driven decisions to enhance user engagement and business outcomes.
Read Full Article
24 Likes
For uninterrupted reading, download the app