Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

VoIP

260

Image Credit: VoIP

Orange Business Unveils New Defense & Security Division

Orange Business has launched a new Defense & Security Division to focus on sovereignty in defense and homeland security sectors.
The initiative aligns with the company's strategy to target verticals with significant sovereignty implications and support defense and security actors in France and Europe.
The Defense & Security Division aims to provide expertise in digital transformation for defense and homeland security industries, offering solutions for connectivity, data hosting, emergency communication systems, AI, and cybersecurity.
Nassima Auvray leads this new division, emphasizing the importance of designing sovereign, resilient solutions, while CEO Aliette Mousnier Lompré highlights the need for specialized expertise in addressing sovereignty and resilience issues.

Read Full Article

15 Likes

Medium

214

Image Credit: Medium

How to Prevent Your Social Media from Being Hacked?

Social media platforms are vulnerable to hacking due to weak passwords, open logins, and various access points.
To prevent hacking, users should avoid using obvious passwords like names, phone numbers, or dates of birth. Instead, opt for complex combinations of letters, numbers, and special characters.
It is essential to use unique passwords for each social media account to minimize the risk of multiple accounts being compromised if one is hacked.
Enabling 2-step verification adds an extra layer of security by requiring a code sent to a user's phone or email to log in, even if the password is known to hackers.

Read Full Article

12 Likes

Ubuntu

100

Image Credit: Ubuntu

Update Livepatch Client for the newest kernel module signing certificate

Canonical has generated a new module signing certificate on May 16, 2025, embedded in Ubuntu kernels published after that date, requiring Livepatch Client version 10.11.2 or greater for successful Livepatching of kernels after July 2026.
Canonical Livepatch is a rebootless security updates tool for the Linux kernel, automating patching of high and critical vulnerabilities until the next reboot window, crucial for securing Ubuntu servers.
Livepatch Client, an auto-updating snap package, is classified by channel and revision where system administrators can control the upgrade timelines of the software.
Environments with disabled auto-updates for Livepatch Client will require manual upgrades or intervention to ensure security patching continuity beyond July 2026, while airgapped environments necessitate additional steps for updating.

Read Full Article

6 Likes

Medium

277

Breaking Down Vulnerabilities:

A study on the 'Universal Function Execution & Exploitation Blueprint' is in progress to explore exploitation of functions in any programming language.
The blueprint includes components like Entry Point, Input Handling Layer, Function Call Details, Execution Environment, System-Level Flow, Output Flow, Exploitation Potential, Logging / Monitoring Layer, Testing Strategy, and Post-Exploitation Vector.
Examples provided demonstrate the flow from User Input to Function Output/Side Effect, emphasizing exploitation potential and post-exploitation vectors.
The study covers scenarios, such as handling user input in PHP for functions like passthru(), with potential exploits like running system commands and SQL queries for unauthorized data access.

Read Full Article

16 Likes

Discover more

The Fintech Times

265

Image Credit: The Fintech Times

DFSA Warns of Rising AI-Driven Cyber Threats and Calls for Global Regulatory Collaboration

The Dubai Financial Services Authority (DFSA) warns of increasing cyber threats driven by AI and automation tools in its new report.
The report highlights bad actors using AI for reconnaissance and execution, with ransomware attacks and supply chain threats on the rise.
Regulators and financial institutions are urged to prioritize cyber resilience in the face of evolving cyber risks and the reshaping regulatory priorities due to emerging technologies.
The DFSA emphasizes the importance of global regulatory collaboration to address cyber threats and enhance operational resilience amidst rapid innovation in the financial sector.

Read Full Article

15 Likes

Infoq

Image Credit: Infoq

Jakarta EE 11 Delivers One New Specification, 16 Updated Specifications and Modernized TCK

Jakarta EE 11 released with 1 new spec, 16 updated specs and modernized TCK.
Core and Web Profiles were delayed, focusing on TCK modernization to ensure compatibility.
Jakarta EE 11 Platform designed for full Jakarta EE spec set for enterprise apps.
Web Profile targets web app development. Core Profile for microservices, cloud runtimes.
New Jakarta Data 1.0 spec introduced for easy database tech access.

Read Full Article

1 Like

Siliconangle

159

Image Credit: Siliconangle

Object First and Ootbi team up on backup storage for the AI era

Backup storage is crucial for bringing back data swiftly after a ransomware attack.
Object First and Ootbi offer secure storage solutions for AI model data sets.
Agentic AI is on the rise, increasing the need for proper data backup planning.

Read Full Article

9 Likes

Tech Radar

Image Credit: Tech Radar

70% of new hires click on phishing links within the first 3 months of employment - here's how to stay safe

A new report indicates that 70% of new hires are susceptible to phishing attacks within their first 90 days of employment, highlighting a major cybersecurity risk during the onboarding process.
New employees are 44% more likely to fall for phishing attempts compared to longer-tenured colleagues, often due to inexperience, lack of familiarity with internal processes, and eagerness to comply with instructions.
Phishing attacks targeting new hires often exploit their confusion during onboarding, with tactics such as CEO impersonation, fraudulent HR portals, and technical support scams being prevalent.
To address this issue, organizations are advised to implement tailored cybersecurity awareness training programs during the onboarding period, with a focus on adaptive simulations and behavior-based training to reduce phishing risks.

Read Full Article

5 Likes

Medium

299

Image Credit: Medium

The Smart Fridge, The Love Scam, And The Retired Spy From Lagos

Adanna, a 67-year-old former intelligence agent, uncovered a romance scam targeting her cousin using her smart fridge's logs.
The smart fridge detected a connection from Nigeria while the scammer claimed to be in Dubai, leading Adanna to unveil the scammer's real identity.
The scammer turned out to be a 27-year-old with multiple fake profiles and romantic interests, emphasizing the prevalence of online romance scams.
The story highlights the importance of paying attention to smart device logs, being cautious of online requests for money, and using technology to enhance cybersecurity for all individuals.

Read Full Article

17 Likes

Pymnts

252

Image Credit: Pymnts

Federal Agencies Say Iran-Linked Hackers May Target US Firms

Four federal agencies have warned that hackers linked to Iran could target U.S. organizations, especially those involved in critical infrastructure, following recent events involving Iran's nuclear program.
Despite ongoing negotiations and a declared ceasefire, the agencies believe Iranian hackers might increase distributed denial of service (DDoS) campaigns and conduct ransomware attacks.
These hackers have targeted vulnerable U.S. networks in the past through poorly secured devices, outdated software, and common passwords.
The FBI noted that ransomware remains a top threat to American infrastructure, with a significant number of complaints involving critical infrastructure organizations.

Read Full Article

15 Likes

Wired

412

Image Credit: Wired

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

DOJ reveals North Korean IT worker impersonation scheme, targeting over 80 Americans' identities.
Crackdown operation in US led to indictments of two Americans aiding in the scheme.
Charges include identity theft and funneling money to the Kim regime through fake jobs.
Exposed laptop farms in multiple states used for remote access; ongoing North Korean infiltration concerns.

Read Full Article

24 Likes

Ars Technica

Image Credit: Ars Technica

Drug cartel hacked FBI official’s phone to track and kill informants, report says

The Sinaloa drug cartel in Mexico allegedly hacked the phone of an FBI official investigating Joaquín “El Chapo” Guzmán in order to track and potentially harm informants.
A hacker hired by the cartel exploited the FBI official’s phone to obtain calls, geolocation data, and used Mexico City's camera system to monitor the official through the city.
The FBI has faced widespread technical surveillance threats, with recent advancements in hacking tools making surveillance easier for less sophisticated entities.
The report recommended improving FBI training and response procedures in light of the evolving threats posed by entities utilizing advanced surveillance techniques.

Read Full Article

3 Likes

Siliconangle

Image Credit: Siliconangle

Cato Networks raises $359M in funding for its SASE platform

Cato Networks has secured $359 million in late-stage investment led by Vitruvian Partners and ION Crossover Partners, with participation from existing investors, valuing the company at $4.8 billion.
The company provides a SASE platform for over 3,500 organizations offering cloud-based network infrastructure to connect remote locations and secure data traffic between them.
Cato's platform includes features to block unnecessary connections within a company's infrastructure to prevent malware spread and uses AI models to scan for threats.
The funding will be used to expand networking capabilities, enhance cybersecurity tools, grow customer-facing teams, and partnerships, as the CEO plans further evolution of network security.

Read Full Article

2 Likes

Tech Radar

189

Image Credit: Tech Radar

Thousands of organizations have a new, unexpected 'employee' onboard - and it could be their single biggest security risk

Browser AI Agents, a new automated tool for interacting with the web, have emerged as a significant security risk in organizations.
SquareX research suggests that these agents are more susceptible to cyberattacks than human employees due to their inability to recognize suspicious URLs and security risks.
Browser AI Agents lack critical thinking capabilities, making them vulnerable to basic cyberattacks, such as granting malicious apps access to sensitive data.
As Browser AI Agents operate with the same privileges as users, they can unknowingly provide attackers with access to internal systems, emphasizing the need for enhanced security measures.

Read Full Article

11 Likes

Securityaffairs

202

Image Credit: Securityaffairs

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Citrix NetScaler vulnerability CVE-2025-6543 to its Known Exploited Vulnerabilities catalog.
CVE-2025-6543 is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway, potentially leading to Denial of Service.
Affected versions include NetScaler ADC 13.1-FIPS, 14.1, and earlier versions, requiring prompt mitigation to protect against attacks exploiting the flaw.
CISA has issued directives for federal agencies to address the vulnerabilities by July 21, 2025, following a similar inclusion of other Citrix vulnerabilities in the past.

Read Full Article

12 Likes

For uninterrupted reading, download the app