A naukri.com initiative
Cyber Security News
Insider
2M
234
Image Credit: Insider
A European defense startup is making drone submarines that can lurk underwater for 3 months at a time
- German defense tech startup Helsing is developing AI-equipped submarine drones that can operate underwater for up to three months at a time.
- The drones, controlled by a single operator, use AI software to detect subsea threats, identify ships, and submarines based on sound patterns.
- With European militaries increasing sea monitoring efforts, Helsing's drones aim to bolster defenses amid growing threats to critical subsea cable infrastructure.
- NATO's focus on defending underwater infrastructure and collaboration with startups like Helsing reflects the importance of using advanced technology for maritime security.
Read Full Article
14 Likes
Dev
2M
349
Image Credit: Dev
How to Effectively Vet Your Supply Chain for Optimal Performance
- SafeDep's vet tool helps guard software supply chains by checking libraries for hidden risks, preventing potential security breaches and malware spread.
- Supply chain attacks, such as malicious code injection, require a comprehensive solution like vet, which goes beyond conventional scanning methods.
- vet uses CEL to automate compliance, customize risk thresholds, and leverage vulnerability feeds, popularity metrics, and more for risk assessment.
- Key features of vet include code analysis, OSV integration, popularity checks, license compliance, OpenSSF Scorecards, and transitive dependency coverage.
- Installation of vet involves using CLI commands for setting up filter suites and running scans to ensure supply chain security.
- Integration with CI/CD workflows, like GitHub Actions, allows vet to assess policies on every pull request, facilitating early security checks.
- Real-world case studies show significant reductions in high-severity vulnerabilities and unmaintained packages after implementing vet in organizations.
- By enforcing policies and automating remediation workflows, vet enhances security, reducing vulnerabilities and accelerating response times.
- vet revolutionizes software supply chain security by integrating policy-as-code principles and metadata from various sources for comprehensive protection.
- Organizations can define security requirements in CEL filters, enforce them in CI/CD pipelines, and improve risk management with vet's real-time defense capabilities.
Read Full Article
21 Likes
Securityaffairs
2M
151
Image Credit: Securityaffairs
U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog
- U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet vulnerability to its Known Exploited Vulnerabilities catalog, impacting several Fortinet products.
- A critical remote code execution zero-day vulnerability, CVE-2025-32756, in FortiVoice systems was exploited by threat actors to execute arbitrary code.
- Attackers scanned networks, erased crash logs, enabled debugging, and captured login credentials after exploiting the vulnerability.
- CISA ordered federal agencies to address the identified vulnerability by June 4, 2025, in line with cybersecurity directives to protect networks and infrastructure from potential attacks.
Read Full Article
9 Likes
Socprime
2M
441
Image Credit: Socprime
What Is Generative AI (GenAI)?
- Generative AI (GenAI) is gaining prominence in cybersecurity, offering new opportunities for organizations to improve security strategies and defense models by integrating generative AI into workflows.
- Generative AI involves ML models creating new content by learning patterns from existing data to generate realistic artifacts at scale, evolving rapidly to handle various tasks efficiently.
- Built on deep learning and neural networks, generative AI uses transformer models for tasks like summarization, translation, and code generation, training on large datasets that enable context understanding over long sequences.
- In cybersecurity, GenAI is utilized for threat intelligence, alert triage, detection engineering, false-positive reduction, vulnerability management, analysis, summarization, training, and policy drafting.
- While GenAI offers productivity gains, human oversight remains vital due to potential inaccuracies and biases in AI-generated outputs, necessitating validation.
- GenAI is being used for automating tasks like summarizing threat data, creating detection rules, reducing false positives, prioritizing vulnerabilities, and generating training content efficiently.
- Challenges with generative AI include adversaries leveraging AI tools for malicious purposes, introducing new risks and complexities, and necessitating increased cybersecurity resources and regulations.
- SOC Prime's AI SOC Ecosystem combines AI-powered solutions to enhance cybersecurity operations, using large language models and ML models to bolster detection engineering and automated threat hunting.
- Uncoder AI, a major component of the ecosystem, offers various AI-powered features including generation from threat reports, custom prompts, decision tree summarization, rule optimization, syntax validation, and MITRE ATT&CK tag prediction.
- Overall, generative AI is transforming cybersecurity operations by augmenting human expertise, accelerating analysis, and improving defense capabilities across diverse security tasks, while necessitating continuous human validation and oversight.
Read Full Article
26 Likes
Pymnts
2M
151
Image Credit: Pymnts
Digital Wallets Want to Replace Your Apps, Not Just Your Cards
- Digital wallets have evolved from niche to powerful tools reshaping global payments, driven by speed, security, and transparency.
- Speed is crucial in cross-border payments, with digital wallets offering near-instantaneous transfers, a key factor for adoption.
- Security plays a vital role in retaining users, with trust frameworks and transparency being key to future loyalty.
- Transparency is emerging as a crucial aspect of digital wallet adoption, providing users with the ability to track payments and ensure accountability.
Read Full Article
9 Likes
Securityaffairs
2M
409
Image Credit: Securityaffairs
Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc
- Kosovo citizen Liridon Masurica (33) extradited to the US for running cybercrime marketplace BlackDB.cc and facing related charges.
- BlackDB.cc, an online criminal marketplace active since 2018, offered compromised credentials and PII for sale.
- Masurica charged in the US with six fraud-related counts, faces up to 55 years in prison for conspiracy and unauthorized access device usage.
- The US Department of Justice seized another cybercrime marketplace Rydox, arresting three Kosovo nationals, including administrators, for facilitating sales of stolen personal data and fraud tools.
Read Full Article
24 Likes
Medium
2M
0
Image Credit: Medium
Do You Really Need a VPN on Your Mac? Here’s the Truth
- Using Apple's built-in protection on your Mac may not be sufficient against threats from public networks, advertisers, and ISPs.
- A VPN creates an encrypted tunnel between your Mac and the internet, safeguarding your online activity and preventing others from exploiting your data.
- It is crucial for everyday Mac users to consider VPNs to address privacy concerns and security gaps.
- Without a VPN, activities on unsecured networks like public Wi-Fi can be easily intercepted by hackers, highlighting the importance of encryption for data protection.
- VPN technology also helps bypass geo-blocking restrictions, enabling users to access content from anywhere in the world.
- In scenarios like using campus Wi-Fi, a VPN can aid in overcoming limitations imposed on access to apps, websites, and streaming services.
- When selecting a VPN for your Mac, prioritize providers with stringent privacy policies, strong encryption, kill switches for added security, and reliable performance.
- Free VPNs may compromise on security or privacy; opt for trustworthy providers offering transparent terms and limited free plans for basic protection.
- Look for VPN services with positive reviews, transparent policies, and user-friendly interfaces to ensure ease of use, especially if you're new to VPNs.
- A good VPN should have native Mac apps for straightforward installation and connection, enhancing user experience and privacy.
- In conclusion, using a VPN on your Mac is advisable for protecting your data, maintaining privacy, and ensuring a secure online experience.
Read Full Article
Like
Medium
2M
174
Image Credit: Medium
Tails Operating System Explained
- Tails OS provides enhanced privacy and security for users concerned about their online activities being monitored.
- It is a free, open-source operating system designed to offer anonymity and protect user data from surveillance.
- Privacy professionals recommend Tails OS for individuals such as journalists, activists, and those seeking to avoid online tracking.
- Tails OS helps users regain personal freedom on the internet by ensuring their online activities remain private and secure.
Read Full Article
10 Likes
Global Fintech Series
2M
55
Image Credit: Global Fintech Series
Transactix Launches New Era in Canadian Payments
- Transactix Financial Inc. introduces the Open Value Network to revolutionize Canadian payments by reducing fees and inefficiencies.
- OVN enables immediate and cost-effective transfer of digital value, challenging the high costs associated with traditional financial transfers in Canada.
- The platform aims to empower consumers, drive fintech growth, and enhance Canada's economic sovereignty in the digital economy.
- OVN advocates for regulatory modernization, showcases innovative technologies to lower costs, and emphasizes economic resilience for Canada.
Read Full Article
3 Likes
Medium
2M
55
Image Credit: Medium
The Daily Tech Digest: 15 May 2025
- The Daily Tech Digest on May 15, 2025 highlighted advancements in AI and Machine Learning, including OpenAI's Safety Evaluations Hub and new versions of GPT models.
- Granola, an AI note-taking app, secured $43 million in funding, reflecting investor confidence in AI productivity tools.
- Issues with Elon Musk's xAI chatbot, Grok, inserting harmful content emphasized challenges in controlling AI model outputs.
- Microsoft introduced GitHub Copilot agent mode for AI-assisted task handling in software development, showcasing AI evolution.
- OpenAI considered building data centers in the UAE to expand infrastructure capacity and serve growing market demands.
- NVIDIA highlighted Physical AI at GTC Taipei, focusing on industrial autonomy and AI-powered transformation in manufacturing.
- Cybersecurity concerns were raised with threats against US judges and the need for vigilance against online harassment and data exploitation.
- Microsoft announced layoffs affecting 3% of its workforce, indicating a strategic realignment or cost-reduction effort.
- YouTube experimented with ad placement after 'peak' moments to optimize engagement, while Microsoft shut down Bing Search APIs.
- Uber introduced fixed-route shuttles, competing in the commuter transit market by offering cost-effective options.
Read Full Article
3 Likes
Cybersecurity-Insiders
2M
257
Image Credit: Cybersecurity-Insiders
Google warns of US retail cyber attacks and M & S insurance payout to cost £100m
- Google's Threat Intelligence team has issued a warning for U.S. retailers about potential cyberattacks by Scattered Spider, a sophisticated cybercriminal group.
- Scattered Spider, also known as UNC3944, is suspected of targeting major UK retailers with DragonForce ransomware and may expand its operations to the U.S.
- Mandiant, in partnership with Google, is offering a cybersecurity playbook to help businesses defend against advanced threats like Scattered Spider.
- Marks & Spencer is expected to file a £100 million insurance claim to cover recovery costs after a cyberattack linked to Scattered Spider.
- The cyberattack on Marks & Spencer led to operational disruptions, financial losses, and potential damage to the company's reputation and trust with consumers.
- The insurance claim payout for the cyberattack on Marks & Spencer is uncertain and depends on factors such as IT infrastructure preparedness.
- Cyber insurance considerations include premiums tied to cybersecurity preparedness, potential coverage exclusions for specific cyber risks, and future pricing adjustments.
- As cyber threats increase, organizations, especially in retail, must prioritize cybersecurity measures and insurance coverage to mitigate financial impacts.
- CIOs and CTOs need to reassess cyber insurance strategies as premiums rise and coverage options change due to evolving cyber threats.
- Vigilance in the retail sector is paramount to safeguard customer data and financial transactions from cybercriminals as cyber threats continue to evolve.
Read Full Article
15 Likes
Cryptonews
2M
96
Safe Enough To Store Trillions: Ethereum’s New Plan To Boost Security and Interest
- The Ethereum Foundation has announced the 'Trillion Dollar Security' initiative to strengthen Ethereum's security for safely storing trillions of dollars worth of value on-chain.
- The initiative involves identifying and fixing security vulnerabilities, communicating Ethereum's security advantages over other networks, and aiming to secure trillions on the network.
- The plan includes mapping the network for security weaknesses, executing fixes prioritized by the mapping, and emphasizing the security benefits of Ethereum to users.
- Despite Ethereum's weaker price performance compared to competitors like Solana, Ethereum remains the second largest cryptocurrency by market cap and dominates the DeFi market with over 50% of the total value locked.
Read Full Article
5 Likes
Medium
2M
32
Image Credit: Medium
Advancing Quantum Machine Learning with Multi-Chip Ensemble Architectures
- The Multi-Chip Ensemble VQC framework, developed by researchers like Junghoon Justin Park and others, partitions quantum computations across multiple quantum chips for scalability and noise resilience.
- Key benefits of this framework include its validation with standard datasets and robustness under realistic noise models, showcasing potential for practical Quantum Machine Learning (QML) applications.
- The framework aligns with industry efforts for scalable quantum architectures, such as Rigetti Computing's multi-chip processor and MIT's modular hardware platform, highlighting the trend towards modular and scalable quantum computing solutions.
- The Multi-Chip Ensemble VQC framework is a significant advancement in practical and scalable Quantum Machine Learning, offering a modular approach that addresses challenges of NISQ devices, positioning it as a promising solution for future QML applications.
Read Full Article
1 Like
Idownloadblog
2M
197
Image Credit: Idownloadblog
Security researcher shares PoC for CVE-2023-41992 local privilege escalation bug
- Apple patched a security vulnerability (CVE-2023-41992) in iOS & iPadOS 16.7 discovered by Bill Marczak, which allowed local privilege escalation.
- iOS security researcher @karzan_0x455 shared a proof of concept for the CVE-2023-41992 vulnerability showing how it can be exploited.
- The proof of concept demonstrates the local privilege escalation bug, providing insights for potential hackers to create exploits, jailbreaks, or TrollStore installation methods.
- While the bug may not lead to immediate jailbreaks due to additional security bypass requirements, it could be valuable for future projects like alternative installation methods up to iOS & iPadOS 17.0.
Read Full Article
11 Likes
Cybersecurity-Insiders
2M
331
Image Credit: Cybersecurity-Insiders
Data Protection Market: Endless Possibilities to Ensure a Secure Future
- The average cost of a data breach is projected to exceed USD 4 million by 2025, having already hit approximately USD 4.86 million globally in 2024.
- Data protection is crucial in safeguarding individual rights, fostering trust in digital interactions, and maintaining personal integrity.
- The market for data protection is estimated to grow to USD 1.12 trillion by 2037, from USD 158.77 billion in 2024, driven by increased awareness of data integrity and cybersecurity threats.
- With the rise of remote work, strong data protection measures are necessary, as breaches related to remote work cost USD 173,073 on average per occurrence.
- Organizations are adopting Zero Trust Architecture (ZTA) to enhance cybersecurity, especially in response to the surge in remote work and cyber threats targeting SMBs.
- The shift to cloud computing has necessitated robust data protection strategies, with over 75% of data breaches in 2023 originating from data stored on the cloud.
- Stringent data privacy laws worldwide, such as the Digital Personal Data Protection Act in India and GDPR in the EU, emphasize the importance of safeguarding data from breaches and illegal access.
- Businesses are focusing on complying with data privacy regulations to maintain trust, protect assets, and ensure sustainability amidst increasing concerns over data breaches.
- Data protection remains a top priority for all businesses to uphold data confidentiality, integrity, and individual rights, amidst evolving regulations and technological advancements.
- The global data protection market is poised for substantial growth in response to the evolving cybersecurity landscape and heightened focus on data privacy and security.
Read Full Article
19 Likes
For uninterrupted reading, download the app