menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Tech Radar

6d

read

202

img
dot

Image Credit: Tech Radar

12 Nvidia RTX 5090 GPUs will take 14 days to crack a complex 6-character password but I don't think you should care

  • Cybersecurity firm Hive Systems simulated an attack using 12 Nvidia RTX 5090 GPUs to crack passwords.
  • Short and predictable passwords can be cracked quickly, emphasizing the importance of using longer, unique passwords.
  • The time to crack a password significantly increases with complexity and length, ranging from days to billions of years.
  • Using a password manager and ensuring passwords are at least 12 characters long with a mix of characters is recommended for better security.

Read Full Article

like

12 Likes

share

2 Shares

source image

Neuways

6d

read

45

img
dot

Image Credit: Neuways

Retail security breaches: What’s happened since?

  • Marks & Spencer and Co-op faced major cyber attacks impacting their retail operations, with M&S experiencing a severe ransomware attack leading to website disruptions, stock availability issues, and a data breach involving personal customer information.
  • Co-op also experienced a supply chain breach that disrupted internal systems, led to unauthorized access of personal data, and caused operational challenges, including stock management delays.
  • Both incidents highlight the vulnerability of supply chain connections and the importance of assessing supplier risk, adopting Zero Trust principles, updating incident response plans, conducting regular cybersecurity training, and implementing endpoint detection and response.
  • These breaches emphasize the need for businesses to prioritize cybersecurity measures across their entire ecosystem, including third-party connections, to mitigate the risks posed by modern cyber threats.

Read Full Article

like

2 Likes

share

Share

source image

Tech Radar

6d

read

381

img
dot

Image Credit: Tech Radar

"Meta AI non-compliant with GDPR" – Digital rights group menaces Meta with injunction over EU AI training

  • Austria-based digital rights group noyb has sent a cease and desist letter to Meta over its AI training plans, arguing they are not GDPR-compliant.
  • Meta intends to feed its AI models with public posts and user interactions from May 27, 2025, with an opt-out option, which noyb contests as a violation of GDPR rules.
  • noyb believes Meta should seek opt-in consent under GDPR regulations rather than relying on opt-out mechanisms.
  • The group has threatened Meta with an injunction and potential class actions if the AI training proceeds without changes.
  • Meta's use of the legitimate interest provision in GDPR is questioned by noyb, as it may infringe on users' rights and freedoms.
  • Noyb argues Meta's AI training won't be able to comply with GDPR rights like the right to be forgotten or access to data due to the nature of the database.
  • Meta's dialogue with EU regulators and reference to an EDPB opinion are deemed insufficient by noyb regarding the legality of AI training.
  • Despite warnings from consumer protection groups, Meta plans to start feeding its AI models with EU user data on May 27, prompting concerns and potential legal action.
  • Users are advised to opt out of Meta AI training if they wish to protect their data privacy by filling out objection forms on Facebook and Instagram.
  • noyb continues to advocate for user consent as a solution to GDPR issues around Meta AI training and is evaluating legal actions if necessary.

Read Full Article

like

22 Likes

share

5 Shares

source image

Cybersecurity-Insiders

6d

read

158

img
dot

Image Credit: Cybersecurity-Insiders

Insider Threat fetches $400m loss to Coinbase

  • Coinbase, a major cryptocurrency exchange in the US, faces potential losses of $180-400 million this year due to a recent cyber attack.
  • The breach, attributed to an insider threat, involved the leakage of sensitive data including personal information of customers and employees.
  • Cybercriminals utilized advanced phishing tactics to deceive users into transferring cryptocurrency to fraudulent accounts.
  • Coinbase responded by resetting passwords, reimbursing affected customers, terminating freelance employees involved, and offering a reward for information leading to the attackers' capture.

Read Full Article

like

9 Likes

share

2 Shares

source image

Pymnts

6d

read

119

img
dot

Image Credit: Pymnts

Coinbase Reimburses Customers Following $20 Million Extortion Attempt

  • Coinbase is reimbursing users after a data breach that led to a $20 million extortion attempt.
  • The breach involved cybercriminals convincing Coinbase insiders to copy customer support data to trick customers into handing over their crypto.
  • Coinbase fired the compromised employees, referred them to law enforcement, and plans to press criminal charges.
  • Coinbase is reimbursing customers tricked into sending funds to the attacker, setting up a $20 million reward fund for information leading to the attackers' arrest.

Read Full Article

like

7 Likes

share

1 Share

source image

Siliconangle

6d

read

86

img
dot

Image Credit: Siliconangle

Coinbase suffers data breach, exposing customer information to hackers

  • Coinbase Global Inc. disclosed a data breach where cybercriminals bribed offshore customer service support agents to steal customer data.
  • No passwords, private keys, or funds were exposed, but personal customer information such as names, addresses, phone numbers, email addresses, and limited corporate data were stolen.
  • Attackers did not access login credentials or private keys to move or access customer funds.
  • Coinbase refused a $20 million payoff demanded by the attackers and instead turned it into a $20 million bounty for information leading to the arrest of the criminals; estimated costs for the company range between $180 million and $400 million for reimbursement and expenses.

Read Full Article

like

5 Likes

share

1 Share

source image

Secureerpinc

6d

read

9

img
dot

Image Credit: Secureerpinc

Cybersecurity Investments Protect and Fuel Business Growth

  • Shifts in business landscape such as remote work and cloud computing have led to both opportunities and cybersecurity threats for small and medium-sized businesses.
  • Investing in cybersecurity is crucial as the more advanced technology a business utilizes, the bigger the need for protection.
  • Companies are increasingly recognizing the strategic advantages of cybersecurity investments including greater innovation, business continuity, improved reputation, regulatory compliance, and workforce flexibility.
  • Cybersecurity is essential for businesses of all sizes, with scalable solutions available for securing digital assets, training employees, implementing multi-factor authentication, and creating incident response plans.

Read Full Article

like

Like

share

Share

source image

Tech Radar

6d

read

355

img
dot

Image Credit: Tech Radar

Scattered Spider moves beyond the UK, places crosshairs on US companies

  • Scattered Spider, a ransomware collective, is expanding its target scope beyond UK firms to include US retailers.
  • Google's Threat Intelligence Group warns US retailers to be cautious as Scattered Spider, linked to group UNC3944, is targeting multiple firms after a long hiatus.
  • Scattered Spider operates within a larger hacking community called 'the Com' and engages in various cyberattacks, with previous victims including notable companies like Nike, Twitter, and more.
  • In response to attacks, UK's NCSC has issued guidance for better defense against Scattered Spider, urging the retail sector to enhance security measures.

Read Full Article

like

21 Likes

share

5 Shares

source image

Pymnts

6d

read

161

img
dot

Image Credit: Pymnts

US Banks ‘Prime Candidate for Exploitation’ by Money Launderers

  • Banks in the United States are increasingly being targeted by money launderers connected to drug cartels.
  • Money launderers utilize underground networks to deposit cash from drug sales at US bank branches and ATMs.
  • Incidents like a Chinese network depositing $92 million in cash at major banks have raised concerns.
  • The banking industry is urging the US government to revamp anti-money laundering regulations to combat fraud effectively.

Read Full Article

like

9 Likes

share

2 Shares

source image

Tech Radar

6d

read

359

img
dot

Image Credit: Tech Radar

Largest US steel manufacturer puts production on the backburner after cyber attack

  • Nucor, a major US steel manufacturer, had to halt parts of its operations due to a cyberattack.
  • The company confirmed the unauthorized access of certain IT systems by a third party and took measures to contain the incident.
  • The decision to temporarily stop production operations has raised speculations of a possible ransomware attack.
  • No threat actors have claimed responsibility, and the extent of data breach remains unknown.

Read Full Article

like

21 Likes

share

5 Shares

source image

Lastwatchdog

6d

read

252

img
dot

GUEST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

  • Small businesses are increasingly targeted by cybercriminals due to their lack of cybersecurity expertise and resources.
  • The dark web offers easy access to cybercrime-as-a-service tools, making it cheaper and simpler to launch attacks on small businesses.
  • AI-powered tools are being used to scale attacks, tailor phishing lures, write malware, and evade detection, posing a significant threat to small businesses.
  • To protect themselves, small businesses should prioritize employee training, use AI-powered security tools, invest in cyber insurance, and consider partnering with managed service providers.

Read Full Article

like

15 Likes

share

3 Shares

source image

VentureBeat

6d

read

202

img
dot

Image Credit: VentureBeat

You.com’s ARI Enterprise crushes OpenAI in head-to-head tests, aims at deep research market

  • You.com has launched ARI Enterprise, claiming it outperforms OpenAI in head-to-head tests and excels in accuracy on independent benchmarks.
  • ARI achieved 80% accuracy on the FRAMES benchmark, surpassing major competitors.
  • This advanced research platform offers 4x greater depth and breadth and connects to internal corporate data sources.
  • ARI Enterprise provides 35% more insights and facts per research project, with enhanced integration capabilities.
  • Early adopters include venture capital firms, consulting agencies, and research institutions.
  • The platform's interactive approach involves collaboration with users to refine research plans and guide analysis.
  • Founder Richard Socher emphasizes ARI's role in augmenting analysts' efficiency, not replacing them.
  • You.com believes ARI Enterprise democratizes access to high-quality research and transforms professional roles.
  • The company raised $99 million to challenge Google's search dominance and has reported significant revenue growth.
  • ARI Enterprise changes how businesses process information, offering comprehensive, verified analysis in minutes.

Read Full Article

like

12 Likes

share

2 Shares

source image

Tech Radar

6d

read

285

img
dot

Image Credit: Tech Radar

SAP NetWeaver woes worsen as ransomware gangs join the attack

  • Multiple ransomware operators are targeting a severe vulnerability in SAP NetWeaver Visual Composer, enabling unauthorized actors to upload malicious executables.
  • Around 1,200 SAP instances were reported to be at risk from this vulnerability, CVE-2025-31324.
  • Ransomware families like BianLian and RansomEXX, along with Chinese state-sponsored actors, have been identified in exploiting the flaw.
  • SAP quickly released a patch for the bug but multiple attacks were observed in the wild, emphasizing the critical nature of the security issue.

Read Full Article

like

17 Likes

share

4 Shares

source image

Arstechnica

6d

read

372

img
dot

Image Credit: Arstechnica

Spies hack high-value mail servers using an exploit from yesteryear

  • Threat actors, possibly supported by the Russian government, hacked high-value mail servers globally by exploiting XSS vulnerabilities.
  • XSS vulnerabilities allow attackers to execute malicious code in browsers through programming errors in webserver software.
  • The exploits originated from a bug class widely exploited in the past and primarily involve the execution of JavaScript.
  • The Kremlin-linked hacking group Sednit gained access to email accounts by targeting vulnerabilities in mail server software like Roundcube, MDaemon, Horde, and Zimbra.

Read Full Article

like

22 Likes

share

5 Shares

source image

TechCrunch

6d

read

364

img
dot

Image Credit: TechCrunch

Coinbase says customers’ personal information stolen in data breach

  • Crypto giant Coinbase confirms data breach where customer data, including personal information and government-issued ID documents, were stolen.
  • Hacker obtained customer account information and demanded $20 million ransom, which Coinbase refuses to pay.
  • The hacker accessed customer names, addresses, phone numbers, Social Security numbers, bank account details, and government IDs.
  • Less than 1% of Coinbase's customers were affected by the breach, with estimated incident remediation and reimbursement costs between $180 million to $400 million.

Read Full Article

like

21 Likes

share

5 Shares

Prev

10
11
12
13
14
15
16
17
18
19
20

Next

For uninterrupted reading, download the app