menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

TechJuice

6d

read

396

img
dot

Image Credit: TechJuice

Meezan Bank Refuses Data Breach, Links Unauthorized Transactions to Third-Party Platforms

  • Meezan Bank clarifies that unauthorized debit card transactions were not a result of a data breach but customers sharing sensitive information on third-party platforms.
  • Affected customers have been compensated, and the bank assures the security of its systems.
  • The incident highlights concerns over cybercrime in Pakistan, leading to proposed changes to legislation.
  • Meezan Bank emphasizes the need for stronger cybersecurity measures to protect consumer data.

Read Full Article

like

23 Likes

source image

Pymnts

6d

read

941

img
dot

Image Credit: Pymnts

Chainalysis Acquires Hexagate to Combat Crypto Theft

  • Blockchain data platform Chainalysis acquires Hexagate, a security provider to companies like Coinbase and Consensys.
  • Chainalysis aims to expand beyond investigations into prevention to combat crypto theft.
  • Hexagate offers monitoring, mitigation, forensics, and compliance services, detecting known hacks and preventing them.
  • Crypto thefts and scams have been increasing, and Chainalysis intends to leverage Hexagate's expertise to enhance security in the crypto industry.

Read Full Article

like

22 Likes

source image

Cybersafe

6d

read

829

img
dot

Image Credit: Cybersafe

Hacker leak exposes 2.9GB from Cisco DevHub

  • A hacker known as IntelBroker has leaked 2.9GB of data allegedly stolen from Cisco's DevHub environment.
  • The breach originated from Cisco's public-facing DevHub portal due to inadequate security measures.
  • The compromised data includes source code, credentials, confidential documents, and cloud storage data.
  • Cisco has disabled public access to DevHub and engaged law enforcement and cybersecurity experts.

Read Full Article

like

20 Likes

source image

Siliconangle

6d

read

219

img
dot

Image Credit: Siliconangle

Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives

  • Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives
  • Spear phishing campaigns targeting corporate executives are becoming more sophisticated, particularly through mobile devices.
  • Threat actors impersonate trusted business platforms and internal communications to improve the effectiveness of their attacks.
  • Companies are advised to educate employees, prioritize mobile device security, and keep security policies and detection tools updated.

Read Full Article

like

13 Likes

source image

Siliconangle

6d

read

372

img
dot

Image Credit: Siliconangle

Bureau secures $30M to expand risk intelligence platform and global reach

  • Risk intelligence platform startup Bureau Inc. has raised $30 million in funding.
  • The funding will be used to expand the product into new use cases and markets.
  • Bureau offers a unified platform for compliance, fraud prevention, security, and credit risk management.
  • The platform has already found success in banking, fintech, gaming, and e-commerce sectors.

Read Full Article

like

22 Likes

source image

Tech Radar

6d

read

41

img
dot

Image Credit: Tech Radar

Fake Ledger data breach emails used to trick victims into giving up recovery phrases

  • Criminals are impersonating hardware wallet firm Ledger and sending phishing emails to steal cryptocurrency.
  • Victims receive emails claiming their Ledger wallet seed phrase is compromised and are asked to verify it through a phishing website.
  • The phishing website saves and relays the entered seed phrase to the attackers, resulting in permanent loss of funds.
  • The phishing emails are becoming more sophisticated, but clues like email addresses and website redirects can still be red flags.

Read Full Article

like

2 Likes

source image

Securityaffairs

6d

read

368

img
dot

Image Credit: Securityaffairs

Russia-linked APT29 group used red team tools in rogue RDP attacks

  • Russia-linked APT29 group used red team tools in rogue RDP attacks
  • APT29 group used malicious RDP configuration files in phishing emails to compromise systems
  • Targets lacked RDP connection restrictions allowing rogue RDP attacks
  • APT29 group heavily used anonymization layers like VPNs and TOR for the attacks

Read Full Article

like

22 Likes

source image

Medium

6d

read

107

img
dot

Image Credit: Medium

The Illusion of Online Privacy: What Luigi Mangione Can Tell Us About Our Digital Footprint

  • The internet quickly gathered an astonishing amount of personal data about Luigi Mangione before formal charges were even filed.
  • His digital footprint, including social media posts and online activity, contributed to the rapid dissemination of personal information.
  • This situation highlights the normalisation of a lack of privacy and the potential risks of oversharing online.
  • Taking practical steps to minimise exposure and protect data is crucial for maintaining online privacy.

Read Full Article

like

6 Likes

source image

Pymnts

6d

read

310

img
dot

Image Credit: Pymnts

Balancing Convenience and Security in the Age of QR Codes

  • The rise of QR codes in retail can be attributed to their simplicity and convenience.
  • Contactless menus and digital interactions drove the adoption of QR codes across industries even quicker.
  • QR codes offer a tool for elevated customer engagement.
  • However, QR codes also present security risks. The very factors that make QR codes convenient also make them a target for fraudsters.
  • Phishing, scams, and malware infections are the most common threats associated with QR codes.
  • Consumers must be cautious when scanning QR codes in public spaces
  • QR codes are likely to remain an integral part of the retail landscape, but security challenges will persist.
  • Retail locations should regularly inspect QR codes when they are in public places to spot malfeasance.
  • Retailers must take steps to ensure the security of the QR codes they use in-store and online.
  • QR codes should never really be used online, as most are just a visual form of a URL. If you want someone to visit a link, use a link.

Read Full Article

like

18 Likes

source image

Wired

6d

read

323

img
dot

Image Credit: Wired

Congress Again Fails to Limit Scope of Spy Powers in New Defense Bill

  • The US Senate passed the National Defense Authorization Act (NDAA) on Wednesday but stripped the bill of provisions designed to safeguard against excessive government surveillance.
  • The Senate’s 85–14 vote cements a major expansion of a controversial US surveillance program, Section 702 of the Foreign Intelligence Surveillance Act (FISA).
  • Biden’s signature will ensure that the Trump administration opens with the newfound power to force a vast range of companies to help US spies wiretap calls between Americans and foreigners abroad.
  • Senate Democrats made little effort to rein in the program despite concerns about unprecedented spy powers falling into the hands of controversial figures such as Kash Patel.
  • Legal experts began issuing warnings last winter over Congress’s efforts to expand FISA to cover a vast range of new businesses not originally subject to Section 702’s wiretap directives.
  • However, efforts to correct the issue proved to be in vain.
  • Wiretap orders executed under Section 702 are never reviewed by a federal judge.
  • Marc Zwillinger wrote in April that the changes to the 702 statute mean that 'any US business could have its communications [wiretapped] by a landlord with access to office wiring, or the data centers where their computers reside'.
  • FBI director Chris Wray announced plans last week to voluntarily step down at the conclusion of Biden’s term, potentially clearing the way for a Republican-controlled Congress to fast-track Patel’s confirmation.
  • Patel has falsely accused Biden of rigging the 2020 presidential election and has vowed to bring cases 'criminally or civilly' against members of the press.

Read Full Article

like

19 Likes

source image

Securityaffairs

6d

read

215

img
dot

Image Credit: Securityaffairs

Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677

  • Threat actors are attempting to exploit the vulnerability CVE-2024-53677 in Apache Struts.
  • The vulnerability allows attackers to achieve path traversal and remote code execution via file upload exploitation.
  • The root cause of the issue is an incomplete fix for another vulnerability tracked as CVE-2023-50164.
  • Users are recommended to upgrade to the latest version Struts 6.4.0 or greater and use Action File Upload Interceptor.

Read Full Article

like

12 Likes

source image

Tech Radar

6d

read

343

img
dot

Image Credit: Tech Radar

Thousands of SonicWall VPN devices are facing worrying security threats

  • Tens of thousands of SonicWall VPN firewall platforms are vulnerable to different flaws, putting their users at risk of remote exploitation, data breaches, privilege escalation, and more.
  • Cybersecurity researchers found that 430,363 endpoints were exposed to the internet, with almost 120,000 running versions affected by serious vulnerabilities.
  • 20,710 endpoints were running versions of the software that are no longer supported by the vendor.
  • To mitigate the threat, businesses should ensure they run the latest software versions and use supported endpoints.

Read Full Article

like

20 Likes

source image

Siliconangle

6d

read

306

img
dot

Image Credit: Siliconangle

Report: US investigating TP-Link and could ban its routers next year

  • Multiple federal agencies are investigating Chinese router maker TP-Link Technologies Co. for potential cybersecurity risks and anticompetitive pricing practices.
  • The investigations could lead to a ban on TP-Link routers next year.
  • TP-Link has experienced significant growth in the US market, with their share increasing from 20% in 2019 to 65% in 2020.
  • The Defense Department is also investigating TP-Link routers for potential national security vulnerabilities.

Read Full Article

like

18 Likes

source image

VentureBeat

6d

read

120

img
dot

Salesforce drops Agentforce 2.0, brings reasoning AI to enterprise

  • Salesforce has unveiled Agentforce 2.0, an AI platform that enables AI agents to perform deeper reasoning and take autonomous actions within enterprise workflows.
  • The platform introduces the Atlas Reasoning Engine, which enables AI agents to engage in more sophisticated analysis and decision-making.
  • Early results show a 33% improvement in answer accuracy and a 50% decrease in human escalations in customer support queries at Salesforce.
  • Salesforce sees AI agents as a crucial solution for labor shortages and aims to become a digital labor provider, opening up new possibilities for business growth.

Read Full Article

like

7 Likes

source image

TechCrunch

6d

read

364

img
dot

Image Credit: TechCrunch

Tracker firm Hapn spilling names of thousands of GPS tracking customers

  • GPS tracking firm Hapn is exposing names of thousands of customers due to a website bug.
  • The bug allows anyone to log in to view exposed data using developer tools in their web browser.
  • Exposed data includes names and business affiliations of customers but not location data.
  • Hapn has not responded to multiple emails and does not have a system for reporting vulnerabilities.

Read Full Article

like

21 Likes

For uninterrupted reading, download the app