A naukri.com initiative
Cyber Security News
Tech Radar
2M
217
Image Credit: Tech Radar
Suspect arrested with links to €4.5M DoppelPaymer ransomware attacks
- A 45-year-old foreign national was arrested in Moldova on suspicion of mounting multiple cyberattacks, including a ransomware attack causing €4.5 million in damages.
- The suspect is wanted for committing cybercrimes such as ransomware attacks, blackmail, and money laundering on companies based in the Netherlands.
- The ransomware attack targeted the Dutch Scientific Research Organization, leading to substantial material damage and data exposure when a ransom payment was not met.
- During the arrest, authorities seized various electronic devices and cash from the suspect, who is currently awaiting extradition.
Read Full Article
13 Likes
Global Fintech Series
2M
442
Image Credit: Global Fintech Series
Federated Learning for AML: Fighting Money Laundering
- Federated Learning (FL) presents a groundbreaking approach to AML, allowing multiple institutions to collaborate on AI-driven detection models without sharing customer data.
- FL enhances AML systems by improving detection accuracy while maintaining data privacy and regulatory compliance.
- Traditional AML systems struggle with limited data sharing, high false positives, evolving laundering techniques, and regulatory compliance challenges.
- FL facilitates collaborative AML model training without sharing raw data and enhances detection through exposure to diverse money laundering patterns.
- FL reduces false positives and compliance costs by training AI models on broader datasets and adapting to emerging laundering tactics.
- Challenges in implementing FL for AML include standardization, computational costs, security risks, and balancing privacy with regulatory oversight.
- Future implications of FL in AML include AI-powered regulatory sandboxes, cross-border collaboration, integration with blockchain, and real-time detection systems.
- FL revolutionizes AML efforts by enabling secure collaboration, reducing false positives, and ensuring compliance with data privacy laws.
Read Full Article
26 Likes
TechDigest
2M
280
Image Credit: TechDigest
M&S admits customer data was stolen in cyber attack
- Marks & Spencer has confirmed a cyber attack resulted in stolen customer data and disruptions to their operations.
- The incident affected customers' personal information, prompting password resets, but no payment details were compromised.
- The cyber attack led to online order halts, empty shelves, and a drop in M&S's share price.
- M&S is taking measures to investigate the breach, improve security, and recover from the incident that impacted its supply chain.
Read Full Article
16 Likes
Dev
2M
294
Image Credit: Dev
Real-Time Attack Monitoring with SafeLine: Setting Up Syslog Integration
- SafeLine supports forwarding detailed logs via Syslog for better visibility into real-time web attacks.
- To set up Syslog integration in SafeLine, configure Syslog settings in the dashboard with the required server address and port.
- SafeLine logs are formatted in structured JSON, providing detailed context about HTTP requests, attack events, and enforcement actions.
- Integration with Syslog centralizes WAF logs, offers real-time threat insights, and enables automated responses using external systems.
Read Full Article
17 Likes
Lastwatchdog
2M
382
Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated
- The cybersecurity landscape is rapidly evolving, putting Chief Information Security Officers (CISOs) under immense pressure to defend critical assets and demonstrate fluency in the boardroom.
- CISOs often lack authority, resources, or organizational alignment, leading to burnout, scapegoating, and, in extreme cases, criminal charges.
- The GenAI wave has flooded security vendors with tools but also disrupted organizational dynamics, creating uncertainty and blurring responsibility lines.
- Steve Tout's book, 'The CISO on the Razor’s Edge,' presents Strategic Performance Intelligence (SPI) as a model to help CISOs regain influence and align cybersecurity with business outcomes.
- SPI differs from traditional approaches by considering environment variables like team health, leadership alignment, and strategy-execution gaps, in addition to tech monitoring.
- CISOs are urged to move beyond technical focus, enhance leadership skills, and align cybersecurity with real business objectives to avoid being reduced to purely technical roles.
- Agentic AI presents opportunities for CISOs by enhancing defense capabilities, providing insights, and offering performance improvements for lean teams.
- To avoid being scapegoated, CISOs are advised to negotiate shared goals and liabilities, prioritize transparency, and consider contractual protections amid growing cybersecurity threats.
- The persistence of 'strategic amnesia' in organizations, where hard lessons are forgotten after crises, is attributed to a focus on technology, compliance, and short-term survival over long-term investment in cybersecurity.
- CISOs are encouraged to shift from tactical defense to strategic influence by demonstrating cybersecurity's role as a business enabler with measurable ROI and aligning security initiatives with business outcomes.
Read Full Article
22 Likes
Global Fintech Series
2M
419
Image Credit: Global Fintech Series
Softstack Completes Smart‑Contract Audit of Fetch AI’s Agentverse Launchpad, and Eliminates Risks
- Softstack audits Fetch AI’s Agentverse launchpad, fixes key risks, and strengthens security for tokenized AI agents and bonding-curve sales.
- Softstack finalized a comprehensive smart-contract audit for Fetch AI’s Agentverse Launchpad, reviewing Solidity code governing AgentCoin deployments, bonding-curve sales, liquidity listing, and multisig governance.
- Auditors identified one high-severity, one medium-severity, and two low-severity issues in the audit, which were promptly addressed by Fetch AI.
- Fetch AI aims to create a decentralized machine-to-machine economy using AI, multi-agent systems, and blockchain, while Softstack specializes in securing Web3 projects and has audited over $100 billion in user funds.
Read Full Article
25 Likes
Medium
2M
161
Image Credit: Medium
RAILGUN: Elevating Privacy in Decentralized Finance
- RAILGUN is a smart contract-based privacy system that enables private transactions on public blockchains like Ethereum.
- Founded by Emmanuel Goldstein and Alan Scott, RAILGUN gained attention when Ethereum co-founder Vitalik Buterin publicly endorsed the protocol.
- RAILGUN uses zk-SNARKs to provide privacy for DeFi transactions without the need for standalone privacy coins.
- The $RAIL token plays a crucial role in supporting and growing the RAILGUN ecosystem, offering an innovative solution for privacy in decentralized finance.
Read Full Article
9 Likes
Siliconangle
2M
326
Image Credit: Siliconangle
Riverbed introduces new SteelHead 90 network acceleration appliances
- Riverbed Technology LLC has introduced a new line of network acceleration appliances called the SteelHead 90 series with four devices powered by RiOS 10 operating system.
- The SteelHead appliances compress data to boost network speeds and are designed to increase data throughput by up to 60 gigabits per second.
- The RiOS 10 operating system includes performance optimizations and cybersecurity features like Intel's TDX technology for data protection.
- In addition to the hardware appliances, Riverbed also offers a cloud edition called SteelHead Cloud, and will be launching SteelHead RS software for storing backup copies of files on edge computing devices.
Read Full Article
19 Likes
Medium
2M
262
Image Credit: Medium
The Internet Computer’s Privacy, Security, and Speed
- The Internet Computer network consists of over 571 high-performance computer nodes distributed in 37 subnets across 32 countries, offering exceptional speed and surpassing blockchains like Solana, Bitcoin, and Ethereum, achieving over 12,000 transactions per second.
- Each subnet is decentralized, resilient, and ranges from 13 to 34 and 40 nodes, making network failure difficult as even if 25% of the nodes fail, the network continues to function normally.
- The Internet Computer blockchain offers robust security measures with decentralized nodes requiring thorough evaluation, hardware investment, and compliance with hosting regulations in Tier-3 data centers across recommended countries.
- The Internet Computer's sophisticated cryptographic technology, decentralized network, and efficient consensus protocol make it a highly advanced and secure blockchain platform, emphasizing privacy and performance.
Read Full Article
15 Likes
Fintechnews
2M
228
Image Credit: Fintechnews
AUSTRAC to Expand Fintel Alliance Following Success in Combating Financial Crime
- AUSTRAC is expanding its Fintel Alliance initiative which has been successful in combating financial crime through collaborative intelligence sharing.
- Fintel Alliance, established in 2017, involves major banks, remittance and gambling service providers, and law enforcement agencies sharing real-time data and insights.
- The alliance's efforts have led to the detection of serious crimes including money laundering, child exploitation, and tax evasion by analyzing millions of cash deposit transactions.
- To support its growth, AUSTRAC is increasing staff capacity, enhancing the analytics hub, and engaging more industry partners, with a focus on tackling organized crime and expanding its regulatory oversight.
Read Full Article
13 Likes
Dev
2M
267
Image Credit: Dev
OAuth 1.0 vs OAuth 2.0 in .NET Core
- OAuth 1.0 and OAuth 2.0 are compared in the context of .NET Core development.
- OAuth 1.0 is strict, uses cryptographic signatures, and is more complex, while OAuth 2.0 is framework-based, uses bearer tokens, and is simpler.
- OAuth 1.0 focuses on access tokens, whereas OAuth 2.0 supports multiple token types and relies on HTTPS for security.
- OAuth 2.0 is recommended for modern web APIs, mobile apps, and integrations with providers like Google, Facebook, etc., due to its flexibility and industry-wide adoption.
Read Full Article
16 Likes
Cybersecurity-Insiders
2M
18
Image Credit: Cybersecurity-Insiders
Are Cloud Storage Solutions 100% Secure with Regards to Cybersecurity?
- Cloud storage solutions are not 100% secure in terms of cybersecurity, but major providers offer robust security measures like encryption, redundancy, access controls, and constant monitoring.
- Potential security risks include human error, account compromise, insider threats, and service outages or breaches, highlighting the importance of user awareness and best practices.
- The shared responsibility model in cloud security divides responsibility between providers securing the infrastructure and users securing their data and access points.
- While cloud storage is generally secure when used correctly, businesses handling sensitive data need to implement additional precautions like end-to-end encryption, data classification, and regulatory compliance.
Read Full Article
1 Like
Cybersecurity-Insiders
2M
294
Image Credit: Cybersecurity-Insiders
Malware emerging from AI Video generation tools
- Cybercriminals are exploiting AI video generation platforms to distribute malware, with the recent emergence of the Noodlophile malware, an info-stealer targeting sensitive user data.
- Recent investigations by cybersecurity researchers reveal that hackers are leveraging seemingly legitimate AI video tools to infect users' devices with malware, aiming to generate income through ad revenue and malware distribution.
- To attract users, cybercriminals promote fake AI tools like Luma Dreammachine AI and gratislibros on social media, making it crucial for users to be cautious and avoid clicking on suspicious links.
- Authorities are facing challenges in combating malware embedded within popular applications and websites, highlighting the need for users to be vigilant, download software from reputable sources, and avoid engaging with dubious services promoted on social media.
Read Full Article
17 Likes
Cheapsslshop
2M
401
Image Credit: Cheapsslshop
SSL Certificate for Subdomains: Which Certificate Does Your Website Need?
- Choosing the right SSL Certificate for Subdomains is crucial to ensure overall security and trust for your website.
- Businesses are now opting for Wildcard SSL Certificates to secure the primary domain and all its first-level subdomains with a single solution.
- SSL (Secure Socket Layer) or TLS (Transport Layer Security) encrypts data transmission between an internet server and a web browser, ensuring secure communication.
- Having SSL protection is important as it signifies a secure connection with websites starting with HTTPS, prioritized by modern browsers and search engines.
Read Full Article
22 Likes
Securityaffairs
2M
41
Image Credit: Securityaffairs
Apple released security updates to fix multiple flaws in iOS and macOS
- Apple released urgent security updates for iOS and macOS to fix critical vulnerabilities that could be exploited by attackers.
- The updates address flaws in AppleJPEG, CoreMedia, ImageIO, and WebKit components that could lead to memory corruption or unexpected crashes.
- iOS 18.5 update resolved multiple critical flaws, including file-parsing issues in CoreAudio, CoreGraphics, and ImageIO.
- Updates for macOS and other Apple devices were also released to address vulnerabilities in various components like mDNSResponder, Notes, FrontBoard, iCloud Document Sharing, and Mail Addressing.
Read Full Article
2 Likes
For uninterrupted reading, download the app