menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

TechJuice

1w

read

16

img
dot

Image Credit: TechJuice

Hackers Are Now Deploying Stealthy Remcos Malware via Windows

  • Hackers are deploying a stealthy Remcos Malware through PIF files, evading detection by antivirus software.
  • Remcos Malware infiltrates systems, logging keystrokes, intercepting screenshots, delivering payloads, and maintaining persistence.
  • It spreads through phishing emails and social media, tricking users with disguised files.
  • Countermeasures include disabling PIF file execution, updating security tools, educating users, and monitoring endpoints.

Read Full Article

like

1 Like

source image

AllTopStartups

1w

read

177

img
dot

Image Credit: AllTopStartups

Professionals Beware: LinkedIn is Sharing 50% of Personal Data With Third Parties

  • Reports show 85% of consumers delete apps due to privacy concerns; 82% opt out of sharing personal data.
  • Apps like Facebook, Instagram, and Uber collect significant user data for marketing benefits.
  • LinkedIn, Uber Eats, Instagram, and Facebook share substantial personal data with third parties.

Read Full Article

like

10 Likes

source image

Securityaffairs

1w

read

361

img
dot

Image Credit: Securityaffairs

CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

  • U.S. cybersecurity and intelligence agencies warn of rising Iranian cyber threats, exploiting outdated software and weak passwords, with attacks expected to increase.
  • Iranian-aligned hacktivists have increased website defacements, data leaks, and may escalate DDoS and ransomware attacks targeting U.S. and Israeli entities.
  • The ongoing Iran conflict has raised cyber threat levels in the U.S., with potential low-level attacks by pro-Iranian hacktivists and state-linked cyber activity.
  • The U.S. Department of Homeland Security issued warnings about Iranian cyber attacks following the killing of Iranian military commander Soleimani in 2020.

Read Full Article

like

21 Likes

source image

VoIP

1w

read

260

img
dot

Image Credit: VoIP

Orange Business Unveils New Defense & Security Division

  • Orange Business has launched a new Defense & Security Division to focus on sovereignty in defense and homeland security sectors.
  • The initiative aligns with the company's strategy to target verticals with significant sovereignty implications and support defense and security actors in France and Europe.
  • The Defense & Security Division aims to provide expertise in digital transformation for defense and homeland security industries, offering solutions for connectivity, data hosting, emergency communication systems, AI, and cybersecurity.
  • Nassima Auvray leads this new division, emphasizing the importance of designing sovereign, resilient solutions, while CEO Aliette Mousnier Lompré highlights the need for specialized expertise in addressing sovereignty and resilience issues.

Read Full Article

like

15 Likes

source image

Medium

1w

read

214

img
dot

Image Credit: Medium

How to Prevent Your Social Media from Being Hacked?

  • Social media platforms are vulnerable to hacking due to weak passwords, open logins, and various access points.
  • To prevent hacking, users should avoid using obvious passwords like names, phone numbers, or dates of birth. Instead, opt for complex combinations of letters, numbers, and special characters.
  • It is essential to use unique passwords for each social media account to minimize the risk of multiple accounts being compromised if one is hacked.
  • Enabling 2-step verification adds an extra layer of security by requiring a code sent to a user's phone or email to log in, even if the password is known to hackers.

Read Full Article

like

12 Likes

source image

Ubuntu

1w

read

100

img
dot

Image Credit: Ubuntu

Update Livepatch Client for the newest kernel module signing certificate

  • Canonical has generated a new module signing certificate on May 16, 2025, embedded in Ubuntu kernels published after that date, requiring Livepatch Client version 10.11.2 or greater for successful Livepatching of kernels after July 2026.
  • Canonical Livepatch is a rebootless security updates tool for the Linux kernel, automating patching of high and critical vulnerabilities until the next reboot window, crucial for securing Ubuntu servers.
  • Livepatch Client, an auto-updating snap package, is classified by channel and revision where system administrators can control the upgrade timelines of the software.
  • Environments with disabled auto-updates for Livepatch Client will require manual upgrades or intervention to ensure security patching continuity beyond July 2026, while airgapped environments necessitate additional steps for updating.

Read Full Article

like

6 Likes

source image

Medium

1w

read

277

img
dot

Breaking Down Vulnerabilities:

  • A study on the 'Universal Function Execution & Exploitation Blueprint' is in progress to explore exploitation of functions in any programming language.
  • The blueprint includes components like Entry Point, Input Handling Layer, Function Call Details, Execution Environment, System-Level Flow, Output Flow, Exploitation Potential, Logging / Monitoring Layer, Testing Strategy, and Post-Exploitation Vector.
  • Examples provided demonstrate the flow from User Input to Function Output/Side Effect, emphasizing exploitation potential and post-exploitation vectors.
  • The study covers scenarios, such as handling user input in PHP for functions like passthru(), with potential exploits like running system commands and SQL queries for unauthorized data access.

Read Full Article

like

16 Likes

source image

The Fintech Times

1w

read

265

img
dot

Image Credit: The Fintech Times

DFSA Warns of Rising AI-Driven Cyber Threats and Calls for Global Regulatory Collaboration

  • The Dubai Financial Services Authority (DFSA) warns of increasing cyber threats driven by AI and automation tools in its new report.
  • The report highlights bad actors using AI for reconnaissance and execution, with ransomware attacks and supply chain threats on the rise.
  • Regulators and financial institutions are urged to prioritize cyber resilience in the face of evolving cyber risks and the reshaping regulatory priorities due to emerging technologies.
  • The DFSA emphasizes the importance of global regulatory collaboration to address cyber threats and enhance operational resilience amidst rapid innovation in the financial sector.

Read Full Article

like

15 Likes

source image

Infoq

1w

read

25

img
dot

Image Credit: Infoq

Jakarta EE 11 Delivers One New Specification, 16 Updated Specifications and Modernized TCK

  • Jakarta EE 11 released with 1 new spec, 16 updated specs and modernized TCK.
  • Core and Web Profiles were delayed, focusing on TCK modernization to ensure compatibility.
  • Jakarta EE 11 Platform designed for full Jakarta EE spec set for enterprise apps.
  • Web Profile targets web app development. Core Profile for microservices, cloud runtimes.
  • New Jakarta Data 1.0 spec introduced for easy database tech access.

Read Full Article

like

1 Like

source image

Siliconangle

1w

read

159

img
dot

Image Credit: Siliconangle

Object First and Ootbi team up on backup storage for the AI era

  • Backup storage is crucial for bringing back data swiftly after a ransomware attack.
  • Object First and Ootbi offer secure storage solutions for AI model data sets.
  • Agentic AI is on the rise, increasing the need for proper data backup planning.

Read Full Article

like

9 Likes

source image

Tech Radar

1w

read

92

img
dot

Image Credit: Tech Radar

70% of new hires click on phishing links within the first 3 months of employment - here's how to stay safe

  • A new report indicates that 70% of new hires are susceptible to phishing attacks within their first 90 days of employment, highlighting a major cybersecurity risk during the onboarding process.
  • New employees are 44% more likely to fall for phishing attempts compared to longer-tenured colleagues, often due to inexperience, lack of familiarity with internal processes, and eagerness to comply with instructions.
  • Phishing attacks targeting new hires often exploit their confusion during onboarding, with tactics such as CEO impersonation, fraudulent HR portals, and technical support scams being prevalent.
  • To address this issue, organizations are advised to implement tailored cybersecurity awareness training programs during the onboarding period, with a focus on adaptive simulations and behavior-based training to reduce phishing risks.

Read Full Article

like

5 Likes

source image

Medium

1w

read

299

img
dot

Image Credit: Medium

The Smart Fridge, The Love Scam, And The Retired Spy From Lagos

  • Adanna, a 67-year-old former intelligence agent, uncovered a romance scam targeting her cousin using her smart fridge's logs.
  • The smart fridge detected a connection from Nigeria while the scammer claimed to be in Dubai, leading Adanna to unveil the scammer's real identity.
  • The scammer turned out to be a 27-year-old with multiple fake profiles and romantic interests, emphasizing the prevalence of online romance scams.
  • The story highlights the importance of paying attention to smart device logs, being cautious of online requests for money, and using technology to enhance cybersecurity for all individuals.

Read Full Article

like

18 Likes

source image

Pymnts

1w

read

252

img
dot

Image Credit: Pymnts

Federal Agencies Say Iran-Linked Hackers May Target US Firms

  • Four federal agencies have warned that hackers linked to Iran could target U.S. organizations, especially those involved in critical infrastructure, following recent events involving Iran's nuclear program.
  • Despite ongoing negotiations and a declared ceasefire, the agencies believe Iranian hackers might increase distributed denial of service (DDoS) campaigns and conduct ransomware attacks.
  • These hackers have targeted vulnerable U.S. networks in the past through poorly secured devices, outdated software, and common passwords.
  • The FBI noted that ransomware remains a top threat to American infrastructure, with a significant number of complaints involving critical infrastructure organizations.

Read Full Article

like

15 Likes

source image

Wired

1w

read

413

img
dot

Image Credit: Wired

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

  • DOJ reveals North Korean IT worker impersonation scheme, targeting over 80 Americans' identities.
  • Crackdown operation in US led to indictments of two Americans aiding in the scheme.
  • Charges include identity theft and funneling money to the Kim regime through fake jobs.
  • Exposed laptop farms in multiple states used for remote access; ongoing North Korean infiltration concerns.

Read Full Article

like

24 Likes

source image

Ars Technica

1w

read

54

img
dot

Image Credit: Ars Technica

Drug cartel hacked FBI official’s phone to track and kill informants, report says

  • The Sinaloa drug cartel in Mexico allegedly hacked the phone of an FBI official investigating Joaquín “El Chapo” Guzmán in order to track and potentially harm informants.
  • A hacker hired by the cartel exploited the FBI official’s phone to obtain calls, geolocation data, and used Mexico City's camera system to monitor the official through the city.
  • The FBI has faced widespread technical surveillance threats, with recent advancements in hacking tools making surveillance easier for less sophisticated entities.
  • The report recommended improving FBI training and response procedures in light of the evolving threats posed by entities utilizing advanced surveillance techniques.

Read Full Article

like

3 Likes

For uninterrupted reading, download the app