Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

TechJuice

Image Credit: TechJuice

Hackers Are Now Deploying Stealthy Remcos Malware via Windows

Hackers are deploying a stealthy Remcos Malware through PIF files, evading detection by antivirus software.
Remcos Malware infiltrates systems, logging keystrokes, intercepting screenshots, delivering payloads, and maintaining persistence.
It spreads through phishing emails and social media, tricking users with disguised files.
Countermeasures include disabling PIF file execution, updating security tools, educating users, and monitoring endpoints.

Read Full Article

1 Like

AllTopStartups

177

Image Credit: AllTopStartups

Professionals Beware: LinkedIn is Sharing 50% of Personal Data With Third Parties

Reports show 85% of consumers delete apps due to privacy concerns; 82% opt out of sharing personal data.
Apps like Facebook, Instagram, and Uber collect significant user data for marketing benefits.
LinkedIn, Uber Eats, Instagram, and Facebook share substantial personal data with third parties.

Read Full Article

10 Likes

Securityaffairs

361

Image Credit: Securityaffairs

CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure

U.S. cybersecurity and intelligence agencies warn of rising Iranian cyber threats, exploiting outdated software and weak passwords, with attacks expected to increase.
Iranian-aligned hacktivists have increased website defacements, data leaks, and may escalate DDoS and ransomware attacks targeting U.S. and Israeli entities.
The ongoing Iran conflict has raised cyber threat levels in the U.S., with potential low-level attacks by pro-Iranian hacktivists and state-linked cyber activity.
The U.S. Department of Homeland Security issued warnings about Iranian cyber attacks following the killing of Iranian military commander Soleimani in 2020.

Read Full Article

21 Likes

VoIP

260

Image Credit: VoIP

Orange Business Unveils New Defense & Security Division

Orange Business has launched a new Defense & Security Division to focus on sovereignty in defense and homeland security sectors.
The initiative aligns with the company's strategy to target verticals with significant sovereignty implications and support defense and security actors in France and Europe.
The Defense & Security Division aims to provide expertise in digital transformation for defense and homeland security industries, offering solutions for connectivity, data hosting, emergency communication systems, AI, and cybersecurity.
Nassima Auvray leads this new division, emphasizing the importance of designing sovereign, resilient solutions, while CEO Aliette Mousnier Lompré highlights the need for specialized expertise in addressing sovereignty and resilience issues.

Read Full Article

15 Likes

Discover more

Medium

214

Image Credit: Medium

How to Prevent Your Social Media from Being Hacked?

Social media platforms are vulnerable to hacking due to weak passwords, open logins, and various access points.
To prevent hacking, users should avoid using obvious passwords like names, phone numbers, or dates of birth. Instead, opt for complex combinations of letters, numbers, and special characters.
It is essential to use unique passwords for each social media account to minimize the risk of multiple accounts being compromised if one is hacked.
Enabling 2-step verification adds an extra layer of security by requiring a code sent to a user's phone or email to log in, even if the password is known to hackers.

Read Full Article

12 Likes

Ubuntu

100

Image Credit: Ubuntu

Update Livepatch Client for the newest kernel module signing certificate

Canonical has generated a new module signing certificate on May 16, 2025, embedded in Ubuntu kernels published after that date, requiring Livepatch Client version 10.11.2 or greater for successful Livepatching of kernels after July 2026.
Canonical Livepatch is a rebootless security updates tool for the Linux kernel, automating patching of high and critical vulnerabilities until the next reboot window, crucial for securing Ubuntu servers.
Livepatch Client, an auto-updating snap package, is classified by channel and revision where system administrators can control the upgrade timelines of the software.
Environments with disabled auto-updates for Livepatch Client will require manual upgrades or intervention to ensure security patching continuity beyond July 2026, while airgapped environments necessitate additional steps for updating.

Read Full Article

6 Likes

Medium

277

Breaking Down Vulnerabilities:

A study on the 'Universal Function Execution & Exploitation Blueprint' is in progress to explore exploitation of functions in any programming language.
The blueprint includes components like Entry Point, Input Handling Layer, Function Call Details, Execution Environment, System-Level Flow, Output Flow, Exploitation Potential, Logging / Monitoring Layer, Testing Strategy, and Post-Exploitation Vector.
Examples provided demonstrate the flow from User Input to Function Output/Side Effect, emphasizing exploitation potential and post-exploitation vectors.
The study covers scenarios, such as handling user input in PHP for functions like passthru(), with potential exploits like running system commands and SQL queries for unauthorized data access.

Read Full Article

16 Likes

The Fintech Times

265

Image Credit: The Fintech Times

DFSA Warns of Rising AI-Driven Cyber Threats and Calls for Global Regulatory Collaboration

The Dubai Financial Services Authority (DFSA) warns of increasing cyber threats driven by AI and automation tools in its new report.
The report highlights bad actors using AI for reconnaissance and execution, with ransomware attacks and supply chain threats on the rise.
Regulators and financial institutions are urged to prioritize cyber resilience in the face of evolving cyber risks and the reshaping regulatory priorities due to emerging technologies.
The DFSA emphasizes the importance of global regulatory collaboration to address cyber threats and enhance operational resilience amidst rapid innovation in the financial sector.

Read Full Article

15 Likes

Infoq

Image Credit: Infoq

Jakarta EE 11 Delivers One New Specification, 16 Updated Specifications and Modernized TCK

Jakarta EE 11 released with 1 new spec, 16 updated specs and modernized TCK.
Core and Web Profiles were delayed, focusing on TCK modernization to ensure compatibility.
Jakarta EE 11 Platform designed for full Jakarta EE spec set for enterprise apps.
Web Profile targets web app development. Core Profile for microservices, cloud runtimes.
New Jakarta Data 1.0 spec introduced for easy database tech access.

Read Full Article

1 Like

Siliconangle

159

Image Credit: Siliconangle

Object First and Ootbi team up on backup storage for the AI era

Backup storage is crucial for bringing back data swiftly after a ransomware attack.
Object First and Ootbi offer secure storage solutions for AI model data sets.
Agentic AI is on the rise, increasing the need for proper data backup planning.

Read Full Article

9 Likes

Tech Radar

Image Credit: Tech Radar

70% of new hires click on phishing links within the first 3 months of employment - here's how to stay safe

A new report indicates that 70% of new hires are susceptible to phishing attacks within their first 90 days of employment, highlighting a major cybersecurity risk during the onboarding process.
New employees are 44% more likely to fall for phishing attempts compared to longer-tenured colleagues, often due to inexperience, lack of familiarity with internal processes, and eagerness to comply with instructions.
Phishing attacks targeting new hires often exploit their confusion during onboarding, with tactics such as CEO impersonation, fraudulent HR portals, and technical support scams being prevalent.
To address this issue, organizations are advised to implement tailored cybersecurity awareness training programs during the onboarding period, with a focus on adaptive simulations and behavior-based training to reduce phishing risks.

Read Full Article

5 Likes

Medium

299

Image Credit: Medium

The Smart Fridge, The Love Scam, And The Retired Spy From Lagos

Adanna, a 67-year-old former intelligence agent, uncovered a romance scam targeting her cousin using her smart fridge's logs.
The smart fridge detected a connection from Nigeria while the scammer claimed to be in Dubai, leading Adanna to unveil the scammer's real identity.
The scammer turned out to be a 27-year-old with multiple fake profiles and romantic interests, emphasizing the prevalence of online romance scams.
The story highlights the importance of paying attention to smart device logs, being cautious of online requests for money, and using technology to enhance cybersecurity for all individuals.

Read Full Article

18 Likes

Pymnts

252

Image Credit: Pymnts

Federal Agencies Say Iran-Linked Hackers May Target US Firms

Four federal agencies have warned that hackers linked to Iran could target U.S. organizations, especially those involved in critical infrastructure, following recent events involving Iran's nuclear program.
Despite ongoing negotiations and a declared ceasefire, the agencies believe Iranian hackers might increase distributed denial of service (DDoS) campaigns and conduct ransomware attacks.
These hackers have targeted vulnerable U.S. networks in the past through poorly secured devices, outdated software, and common passwords.
The FBI noted that ransomware remains a top threat to American infrastructure, with a significant number of complaints involving critical infrastructure organizations.

Read Full Article

15 Likes

Wired

413

Image Credit: Wired

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

DOJ reveals North Korean IT worker impersonation scheme, targeting over 80 Americans' identities.
Crackdown operation in US led to indictments of two Americans aiding in the scheme.
Charges include identity theft and funneling money to the Kim regime through fake jobs.
Exposed laptop farms in multiple states used for remote access; ongoing North Korean infiltration concerns.

Read Full Article

24 Likes

Ars Technica

Image Credit: Ars Technica

Drug cartel hacked FBI official’s phone to track and kill informants, report says

The Sinaloa drug cartel in Mexico allegedly hacked the phone of an FBI official investigating Joaquín “El Chapo” Guzmán in order to track and potentially harm informants.
A hacker hired by the cartel exploited the FBI official’s phone to obtain calls, geolocation data, and used Mexico City's camera system to monitor the official through the city.
The FBI has faced widespread technical surveillance threats, with recent advancements in hacking tools making surveillance easier for less sophisticated entities.
The report recommended improving FBI training and response procedures in light of the evolving threats posed by entities utilizing advanced surveillance techniques.

Read Full Article

3 Likes

For uninterrupted reading, download the app