menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Insider

6d

read

161

img
dot

Image Credit: Insider

The best smoke detectors of 2024, tested and reviewed

  • A reliable smoke detector is essential in any home.
  • The best smoke detectors let you sleep easy knowing your home is protected from fire and carbon monoxide by a reliable, audible alarm.
  • X-Sense SC01 is the top pick for its ease of installation, reliability, and loudness.
  • First Alert PRC710 is the runner-up with a photoelectric sensor to detect smoldering fires and uses different beeps for each type of alert.
  • First Alert SA320 features photosensitive and ionization sensors, which is likely the reason it was the only unit that activated its alarm after a single aerosol spray test.
  • X-Sense Wireless Interconnected smoke detectors are smaller and lighter than typical ones, and still meet UL 217 standards.
  • The Nest Protect is a great option if you're looking for a detector that gives verbal commands and sends notifications to your smartphone.
  • First Alert combination detector features a powerful LED strobe and emits an 85 dB alarm, which is louder than a typical alarm clock and likely to wake even heavy sleepers.
  • Smoke detectors that last 10 years may be a great option if you don't want to change the batteries every year.
  • Interconnected smoke detectors will automatically trigger every alarm if one is activated.

Read Full Article

like

9 Likes

source image

Medium

6d

read

178

img
dot

Image Credit: Medium

McAfee Safe Connect VPN Review: Privacy Assured!

  • McAfee Safe Connect VPN 5-Devices 2025 offers a privacy-assured browsing experience.
  • It operates as an invisibility cloak for online presence and shields personal information from cybercriminals.
  • It automatically turns on when connecting to public Wi-Fi and offers three VPN protocols.
  • Users can connect to almost 50 countries and enjoy reliable 24/7 customer support.
  • Split tunneling allows users to choose which apps to operate with VPN.
  • Bank-grade encryption ensures airtight security and peace of mind with McAfee's no-log policy.
  • Customers get their digital code and activation instructions immediately via email upon purchase.
  • McAfee Safe Connect VPN offers a sense of privacy for browsing critical online forums and trying out new streaming services.
  • Overall, it’s a safety net transforming browsing, banking, and shopping into a serene walk in the park.
  • For individuals seeking freedom, security, and privacy protection online, McAfee Safe Connect VPN is worth the investment.

Read Full Article

like

10 Likes

source image

Tech Radar

7d

read

223

img
dot

Image Credit: Tech Radar

US government urges federal agencies to patch Microsoft 365 now

  • The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive, BOD 25-01, requiring Microsoft 365 cloud environments to meet cybersecurity standards.
  • CISA advises both federal agencies and enterprises in the private sector to follow the directive for enhanced security.
  • The directive includes deploying a custom automation configuration assessment tool, integrating with CISA's monitoring infrastructure, and aligning with secure configuration baselines.
  • CISA also plans to include other cloud providers in future updates of the directive.

Read Full Article

like

13 Likes

source image

Adamlevin

7d

read

348

img
dot

Image Credit: Adamlevin

Scams, Hacks, and AI: What to Expect in 2025

  • Companies and cybercriminals are incorporating AI into their software offerings and services, leading to sophisticated phishing attacks, automated credential stuffing, target profiling, and deepfakes. Expect an escalation between AI-based offense and defense in cybersecurity.
  • Security measures such as firewalls, VPNs, and password managers might protect customer data, but any weaknesses in their defenses could result in wide-scale attacks on the level of the SolarWinds breach.
  • Cryptocurrency wallets will face increased attacks due to the rising value of cryptocurrencies and their transferability and anonymity. Expect more sophisticated crypto schemes to escalate.
  • Children will be targeted on social media platforms, leading to theft, extortion, catfishing, and other potential dangers. Increased attention is needed to protect children online.

Read Full Article

like

20 Likes

source image

Mcafee

7d

read

269

img
dot

Image Credit: Mcafee

Spyware distributed through Amazon Appstore

  • Malicious app called "BMI CalculationVsn" discovered on Amazon App Store.
  • The app steals the package name of installed apps and incoming SMS messages.
  • It engages in harmful behaviors such as screen recording, retrieving installed app information, and intercepting SMS messages.
  • The app is still under development and testing stage.

Read Full Article

like

16 Likes

source image

Cybersecurity-Insiders

7d

read

377

img
dot

Image Credit: Cybersecurity-Insiders

The Birth of Zero Trust: A Paradigm Shift in Security

  • The concept of Zero Trust has revolutionized cybersecurity.
  • Zero Trust challenges the traditional 'castle-and-moat' model of security.
  • Zero Trust advocates for a 'never trust, always verify' approach to security.
  • Key principles of Zero Trust include continuous verification, least privilege access, micro-segmentation, data protection, and enhanced monitoring and analytics.

Read Full Article

like

22 Likes

source image

Cybersecurity-Insiders

7d

read

410

img
dot

Image Credit: Cybersecurity-Insiders

A Path to Enhanced Security and NIS2 Compliance

  • Zero Trust is a model that presumes that nothing can be trusted by default, whether inside or outside the network, and advocates for continuous verification, strict access controls, and comprehensive monitoring.
  • It is important in modern cybersecurity because the growing cyber threat landscape, new hybrid work paradigms and protection of sensitive data to ensure robust security.
  • Starting your Zero Trust journey includes conducting a security audit, identifying the crown jewels, implementing multi-factor authentication (MFA), applying the principle of least privilege, and micro-segmentation.
  • Zero Trust can lead to significant long-term savings by streamlining the security stack, reducing operational time and increased efficiency.
  • Implementing Zero Trust can help organizations comply more easily with the NIS2 Directive, which requires continuous risk management, enhanced access control policies, incident detection and response, ensuring data integrity and compliance reporting and accountability.
  • Zero Trust can simplify security infrastructure and optimize resources with unified security management, automation of routine tasks and the reduction of human errors.
  • The road ahead for Zero Trust includes regular training and awareness, leveraging technology partnerships, continuous improvement and adaptation, and collaboration and information sharing.
  • Organizations can create a robust defense against today's complex cyber threats by implementing core Zero Trust principles, budgeting for a Zero Trust initiative, and adopting a Zero Trust model to stay ahead.

Read Full Article

like

24 Likes

source image

TechCrunch

7d

read

273

img
dot

Image Credit: TechCrunch

How the ransomware attack at Change Healthcare went down: A timeline

  • A ransomware attack in February on US health tech company Change Healthcare affected at least 100m people, making it one of the largest data breaches of US health and medical data in history.
  • The company processes billing and insurance for hundreds of thousands of medical practices, pharmacies, and hospitals in the US healthcare sector, handling between one-third and one-half of all US health transactions.
  • The hackers broke into the company's system on or around February 12, with Change Healthcare only confirming that a cyber attack was the cause of the outage eight days later.
  • UnitedHealth later confirmed that a Russian-speaking ransomware gang, ALPHV/BlackCat, was behind the attack, with the gang itself also publishing evidence on the dark web.
  • In early March, the gang vanished after a $22m ransom payment, leaving the data behind to form a new extortion racket called RansomHub in April.
  • As of October 24, UnitedHealth confirmed the breach affected over 100m people, while a lawsuit by Nebraska revealed new details of the hack, suggesting the number could rise further.
  • CEO Andrew Witty later admitted that a user account was hacked with a single password that was not protected by multi-factor authentication.
  • Change Healthcare started notifying affected individuals in late June through a law requiring mandatory notice, while the US government upped its bounty to $10m for information on the gang’s location.
  • Affected healthcare providers can also request UnitedHealth notify their patients, while the incident remains one of the biggest data breaches of sensitive US health data.
  • UnitedHealth said the hackers stole sensitive information, including medical data, health information, diagnoses, payment information, test results, imaging, care plans, treatment plans and other personal information.

Read Full Article

like

16 Likes

source image

Cybersecurity-Insiders

7d

read

327

img
dot

Image Credit: Cybersecurity-Insiders

Securing Remote OT Operations: Building a Resilient Framework for the Connected Age

  • As OT environments become more interconnected, there is a need for a robust security framework tailored to remote OT environments.
  • Securing all access points, whether cloud-based, on-premises, or hybrid, ensures safe and reliable operations in any environment.
  • To create a resilient and layered defense against evolving threats, security must be consistently integrated throughout the network
  • Three-quarters of surveyed companies have already encountered challenges due to OT-targeted cyber-attacks.
  • Organizations can reduce potential security risks by restricting remote access to the minimum necessary for each task through the principle of least privilege.
  • Establishing secure temporary access is crucial in OT settings, where unique credentials should be used for each session, and access should be promptly removed.
  • A resilient security framework for remote OT environments must address the unique conditions and constraints of OT networks, especially where legacy equipment and operating systems are prevalent.
  • Securing remote sessions is essential to safeguarding data confidentiality and integrity, particularly for older OT devices that may lack built-in encryption capabilities.
  • Integration of IT and OT practices is essential to create effective security postures.
  • Learning and education are essential for building a resilient framework, equipped with the knowledge needed to support security goals and avoid actions that might increase risk.

Read Full Article

like

19 Likes

source image

TechCrunch

7d

read

49

img
dot

Image Credit: TechCrunch

Nebraska sues Change Healthcare over security failings that led to medical data breach of over 100 million Americans

  • The state of Nebraska has sued Change Healthcare over alleged security failings that led to a data breach affecting over 100 million Americans.
  • Nebraska's attorney general claims that Change Healthcare failed to implement proper security measures, resulting in a historic and significant breach of sensitive health information.
  • The breach, linked to the ALPHV ransomware gang, exposed personal, health, and financial data of affected individuals.
  • Nebraska is seeking damages and accountability from Change Healthcare for the harm caused to residents, healthcare providers, and operational disruptions.

Read Full Article

like

2 Likes

source image

Hitconsultant

7d

read

194

img
dot

Image Credit: Hitconsultant

How Cybersecurity Breaches Affect Patient Care and Recovery

  • The healthcare industry has long been built on the promise of providing uninterrupted care across a vast and interconnected ecosystem.
  • Cyberattacks have emerged as major disruptors, threatening sensitive patient information and the very foundation of patient care.
  • In 2023, more than 133 million healthcare records were exposed or stolen due to data breaches.
  • The consequences of cybersecurity incidents in healthcare go beyond the loss of data.
  • The ripple effects of compromised data extend beyond individual patients, impacting the broader healthcare system.
  • To address these threats, healthcare organizations must adopt comprehensive cybersecurity strategies that prioritize both prevention and response.
  • Artificial intelligence (AI) is becoming an increasingly useful tool in healthcare cybersecurity.
  • Healthcare workers also play a critical role in maintaining cybersecurity.
  • The stakes are too high for complacency.
  • Only by adopting a comprehensive, proactive approach to cybersecurity can healthcare providers ensure the uninterrupted care their patients deserve.

Read Full Article

like

11 Likes

source image

Secureerpinc

7d

read

311

img
dot

Image Credit: Secureerpinc

Empower Your Team with Cybersecurity Best Practices Training

  • Providing continuous training in cybersecurity best practices to employees is critical for protecting your business.
  • Training programs should be ongoing to address new threats and remind employees of cybersecurity basics.
  • Topics to cover in training include security policies, incident response procedures, password management, data protection, and threat detection.
  • Phishing awareness is a critical element of cybersecurity training to prevent data breaches.

Read Full Article

like

18 Likes

source image

Infoblox

7d

read

302

img
dot

Image Credit: Infoblox

Uplift Your SecOps Efficiency with Infoblox SIEM Integrations

  • Security Information and Event Management (SIEM) platforms play a crucial role in enterprise security by collecting and analyzing security event data.
  • Challenges faced by SIEM platforms include overwhelming alert volumes, limited contextual information, and lack of DNS-based threat intelligence.
  • Infoblox offers integrations that address these challenges by providing AI-driven insights, network data enrichment, and DNS-based threat intelligence.
  • Benefits of Infoblox SIEM integrations include reducing alert fatigue, accelerating investigations, and gaining proactive DNS threat detection.

Read Full Article

like

18 Likes

source image

Cybersecurity-Insiders

7d

read

302

img
dot

Image Credit: Cybersecurity-Insiders

Cloud Security Report 2024

  • The 2024 Cloud Security Report, based on a comprehensive survey of 927 cybersecurity professionals worldwide, reveals key challenges and trends of cloud security.
  • Majority of organizations (78%) opt for hybrid and multi-cloud strategies to combine flexibility, control, and the unique benefits of various cloud services.
  • Cloud security, resource constraints, and technical challenges present roadblocks to faster adoption of multi-cloud strategies.
  • 95% of respondents advocate for a single platform to streamline security across cloud environments.
  • Microsoft Azure leads the market, with 62% of organizations utilizing its services, followed by Amazon Web Services (AWS) at 54%.
  • 59% of respondents identify security and compliance concerns as primary barriers to faster cloud adoption.
  • A combined 44% perceive the risk of security breaches in public cloud environments to be higher than in traditional on-premises IT environments.
  • An overwhelming 93% of respondents express concern about the industry-wide shortage of qualified cybersecurity professionals.
  • A significant 61% of respondents anticipate an increase in their cloud security budget over the next 12 months.
  • 95% of organizations prefer a unified security platform to consolidate and streamline security management across cloud environments.

Read Full Article

like

18 Likes

source image

Tech Radar

7d

read

319

img
dot

Image Credit: Tech Radar

Targeting citizens based on their political views is illegal, said EU data watchdog

  • The European Data Protection Supervisor (EDPS) has declared that targeting EU citizens based on their political views is illegal.
  • The decision came after the EU Commission was found guilty of illegally targeting citizens with ads using sensitive personal data.
  • The targeted advertisement campaign by the Commission focused on raising awareness of the Child Sexual Abuse Regulation (CSAR) proposal.
  • The EDPS decision aligns with a complaint filed by digital rights group Noyb, stating that the Commission breached GDPR rules.

Read Full Article

like

19 Likes

For uninterrupted reading, download the app