A naukri.com initiative
Cyber Security News
TechCrunch
1w
131
Image Credit: TechCrunch
ICEBlock, an app for anonymously reporting ICE sightings, goes viral overnight after Bondi criticism
- ICEBlock, an iPhone app that allows users to anonymously report sightings of U.S. Immigration and Customs Enforcement (ICE) agents, gained popularity after criticism from U.S. Attorney General Pam Bondi.
- ICEBlock surged in popularity after Bondi's comments, reaching one of the top spots in the U.S. app store rankings, with about 20,000 users primarily in Los Angeles.
- The app enables users to report ICE sightings within a five-mile radius, providing notifications when ICE agents are nearby, while ensuring user anonymity and not storing any user data.
Read Full Article
7 Likes
Pymnts
1w
915
Image Credit: Pymnts
Standard Chartered Faces Lawsuit Related to Decade-Old 1MDB Scandal
- Standard Chartered is facing a lawsuit in Singapore by liquidators attempting to recover funds from Malaysia's 1MDB scandal.
- The lawsuit alleges that Standard Chartered enabled fraud against 1MDB over 10 years ago.
- Kroll is seeking to recover $4.5 billion stolen from 1MDB, claiming Standard Chartered facilitated intrabank transfers to conceal the money movement.
- The financial scandal, involving major money laundering and misappropriation of funds, has resulted in legal actions by authorities and led to the downfall of high-profile individuals.
Read Full Article
3 Likes
Dev
1w
350
Image Credit: Dev
Reference Architecture for Team AI Productivity
- Exploration of team AI productivity architecture for secure, convenient organization-wide AI chat interactions.
- Discussion on components like web chat portal, model provider, management layer, persistence layer.
- Integration of context layer for providing additional knowledge and capabilities to AI systems.
- Importance of securing AI chat provider to prevent potential attacks and leveraging curated models.
Read Full Article
21 Likes
Tech Radar
1w
242
Image Credit: Tech Radar
Microsoft 365 and Google Workspace could put sensitive data at risk because of a blind spot in default email behavior
- Experts warn that emails with sensitive data are being delivered unencrypted without notification in Microsoft 365 and Google Workspace.
- Microsoft 365 sends emails in plain text when encryption fails without alerting users, while Google Workspace uses insecure TLS versions without warning senders or rejecting messages.
- Default email behaviors in these platforms undermine encryption, posing serious compliance risks, especially for healthcare organizations sending Protected Health Information.
- Despite warnings against outdated TLS protocols, both platforms continue to expose data, risking compliance violations and potential data breaches.
Read Full Article
14 Likes
Medium
1w
8
Image Credit: Medium
Your Watch is Watching You. But Who’s Watching Your Watch?
- A security report revealed Bluetooth vulnerabilities in COROS watches that could compromise user safety.
- The report raised concerns about privacy and security for athletes who rely on GPS watches for safety during activities.
- The vulnerabilities highlighted in the report could allow attackers within Bluetooth range to exploit the watches without authentication.
- The findings serve as a warning for the wearable tech industry as a whole, emphasizing the importance of prioritizing security in devices marketed for safety and performance.
Read Full Article
Like
Securityaffairs
1w
163
Image Credit: Securityaffairs
A sophisticated cyberattack hit the International Criminal Court
- The International Criminal Court (ICC) is investigating a sophisticated cyberattack that was recently detected and contained.
- The ICC confirmed that the cyberattack was discovered and addressed by its defense systems, marking the second attack of this nature in recent years.
- The ICC stresses the importance of notifying the public and States Parties about cyber incidents and seeks ongoing support for its pursuit of justice and accountability.
- Technical details about the cyberattack were not disclosed, and it remains uncertain whether a data breach occurred. The ICC is an international tribunal headquartered in The Hague, Netherlands.
Read Full Article
9 Likes
Siliconangle
1w
91
Image Credit: Siliconangle
New Cloudflare feature lets websites charge AI developers for content access
- Cloudflare introduces a new pay per crawl feature allowing website operators to charge AI developers for content access.
- Website operators define a fee for AI bots accessing their content; Cloudflare aims to prevent unauthorized data scraping and hacking attempts.
- Cloudflare uses public key cryptography to verify AI crawler requests and block malicious activity within the pay per crawl feature.
- Apart from this new feature, Cloudflare also introduced additional AI-focused capabilities like default blocking of AI crawlers and selective blocking of crawlers from pages with ads.
Read Full Article
5 Likes
Siliconangle
1w
122
Image Credit: Siliconangle
AI game changer? Cloudflare lets websites charge AI developers for content access
- Cloudflare has introduced a new pay per crawl feature that allows website operators to charge AI developers for accessing their content.
- Website operators can set a flat fee for AI bots to access their content, with the ability to customize settings for specific crawlers if needed.
- Cloudflare's pay per crawl feature uses public key cryptography to verify AI crawl requests and prevent malicious activities like impersonation.
- The company also launched other AI-focused capabilities, including default blocking of AI crawlers and a setting to only block crawlers from accessing pages with ads.
Read Full Article
7 Likes
Ars Technica
1w
146
Image Credit: Ars Technica
US critical infrastructure exposed as feds worn of possible attacks from Iran
- Hackers affiliated with the Iranian government are likely to target industrial control systems at critical infrastructure in the US, particularly those manufactured by Israel-based companies, as retaliation for recent military actions.
- The Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center, and the National Security Agency issued a joint advisory warning US companies, especially those in the Defense Industrial Base, of the heightened risk of cyber attacks from Iran.
- Recent incidents showed hackers compromising Israeli-made control systems used in water facilities, affecting at least 75 devices, including 34 in US-based water facilities, exposing vulnerabilities like default passwords or lack of password protection.
- Security firm Censys revealed that devices from Israeli and other manufacturers like Unitronics, Orpak SiteOmat, Red Lion, and Tridium Niagara framework are not properly secured, with exposed devices increasing in number, emphasizing the importance of implementing strong passwords for protection.
Read Full Article
8 Likes
Pymnts
1w
204
Image Credit: Pymnts
Mastercard Launches Program to Support Cybersecurity Startups
- Mastercard has launched a new program called 'Security Solutions' under its Start Path initiative to support cybersecurity startups.
- The program aims to assist startups in cybersecurity, fraud mitigation, digital identity, and payment resiliency.
- Startups like OneID, Scamnetic, Spec, VanishID, and Shield-IoT have joined the program to provide innovative security solutions.
- Mastercard's EVP Johan Gerber emphasized the importance of security for digital commerce in a continually evolving threat landscape.
Read Full Article
12 Likes
Medium
1w
384
Image Credit: Medium
Suzanne Alipourian-Frascogna: Bridging Cybersecurity and Product Management in the Digital Era
- Cybersecurity has become crucial in the digital era, requiring secure products that balance innovation and protection.
- Suzanne Alipourian-Frascogna epitomizes effective cybersecurity product management, embedding security throughout the product lifecycle.
- She excels at balancing usability and security, collaborating across teams to ensure products are both robust and user-friendly.
- Suzanne's metric-driven approach and mentorship efforts highlight her commitment to proactive cybersecurity measures and leadership in the field.
Read Full Article
23 Likes
Medium
1w
188
Image Credit: Medium
The Data Protection Triad: A Comprehensive Analysis of Anonymization, Cryptography, and…
- Anonymization, cryptography, and pseudonymization are key pillars of data protection strategies.
- Anonymization severs link between data and individual permanently, while cryptography ensures confidentiality.
- Pseudonymization bridges reversible separation. Understanding each method's strengths is crucial for data protection.
- Article delves into details, comparisons, legal aspects, and evolving technologies within data protection.
- Understanding and implementing hybrid data protection approaches are vital in modern security frameworks.
Read Full Article
11 Likes
Medium
1w
234
Image Credit: Medium
Easy, Fast & Secure: The New Onboarding Experience on Teep Mobile
- Teep Mobile introduces a faster, seamless onboarding experience that eliminates long forms and verification processes.
- The new onboarding process allows users to register in less than a minute, set up their profile with a phone number and a few taps, and access virtual wallet and account services immediately.
- Teep Mobile enhances security with the addition of biometric login features such as fingerprint and PIN access, ensuring secure and convenient account access.
- The platform's strong commitment to data security includes end-to-end encryption, multi-factor authentication, compliance with data protection regulations, and secure biometric data handling.
Read Full Article
14 Likes
Securityaffairs
1w
413
Image Credit: Securityaffairs
Esse Health data breach impacted 263,000 individuals
- A cyberattack on healthcare provider Esse Health in April 2025 exposed data of 263,000+ patients, including SSNs and medical info.
- The breach, discovered on April 21, affected electronic medical records and phone systems.
- Stolen data included names, Social Security numbers, medical, and insurance info, impacting 263,601 people.
- Esse Health is enhancing security measures to prevent future incidents and offering free identity protection to affected individuals.
Read Full Article
24 Likes
Tech Radar
1w
104
Image Credit: Tech Radar
This popular Windows software used by millions has a serious security vulnerability - here's what you need to know
- A serious security vulnerability in the iconic file archiving tool WinRAR could allow attackers to run arbitrary code on affected systems.
- The vulnerability (CVE-2025-6218) was discovered by a researcher working with Trend Micro’s Zero Day Initiative and allows files to be placed in unintended directories, such as the Windows Startup folder.
- RARLAB has released WinRAR version 7.12 to address the critical security flaw in the way WinRAR handles file paths within archives.
- Windows users are urged to update WinRAR to version 7.12 promptly to mitigate the risk of exploitation and improve file safety.
Read Full Article
6 Likes
For uninterrupted reading, download the app