Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Securityaffairs

137

Image Credit: Securityaffairs

U.S. CISA adds a Fortinet flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet vulnerability to its Known Exploited Vulnerabilities catalog, impacting several Fortinet products.
A critical remote code execution zero-day vulnerability, CVE-2025-32756, in FortiVoice systems was exploited by threat actors to execute arbitrary code.
Attackers scanned networks, erased crash logs, enabled debugging, and captured login credentials after exploiting the vulnerability.
CISA ordered federal agencies to address the identified vulnerability by June 4, 2025, in line with cybersecurity directives to protect networks and infrastructure from potential attacks.

Read Full Article

8 Likes

Socprime

398

Image Credit: Socprime

What Is Generative AI (GenAI)?

Generative AI (GenAI) is gaining prominence in cybersecurity, offering new opportunities for organizations to improve security strategies and defense models by integrating generative AI into workflows.
Generative AI involves ML models creating new content by learning patterns from existing data to generate realistic artifacts at scale, evolving rapidly to handle various tasks efficiently.
Built on deep learning and neural networks, generative AI uses transformer models for tasks like summarization, translation, and code generation, training on large datasets that enable context understanding over long sequences.
In cybersecurity, GenAI is utilized for threat intelligence, alert triage, detection engineering, false-positive reduction, vulnerability management, analysis, summarization, training, and policy drafting.
While GenAI offers productivity gains, human oversight remains vital due to potential inaccuracies and biases in AI-generated outputs, necessitating validation.
GenAI is being used for automating tasks like summarizing threat data, creating detection rules, reducing false positives, prioritizing vulnerabilities, and generating training content efficiently.
Challenges with generative AI include adversaries leveraging AI tools for malicious purposes, introducing new risks and complexities, and necessitating increased cybersecurity resources and regulations.
SOC Prime's AI SOC Ecosystem combines AI-powered solutions to enhance cybersecurity operations, using large language models and ML models to bolster detection engineering and automated threat hunting.
Uncoder AI, a major component of the ecosystem, offers various AI-powered features including generation from threat reports, custom prompts, decision tree summarization, rule optimization, syntax validation, and MITRE ATT&CK tag prediction.
Overall, generative AI is transforming cybersecurity operations by augmenting human expertise, accelerating analysis, and improving defense capabilities across diverse security tasks, while necessitating continuous human validation and oversight.

Read Full Article

23 Likes

Pymnts

137

Image Credit: Pymnts

Digital Wallets Want to Replace Your Apps, Not Just Your Cards

Digital wallets have evolved from niche to powerful tools reshaping global payments, driven by speed, security, and transparency.
Speed is crucial in cross-border payments, with digital wallets offering near-instantaneous transfers, a key factor for adoption.
Security plays a vital role in retaining users, with trust frameworks and transparency being key to future loyalty.
Transparency is emerging as a crucial aspect of digital wallet adoption, providing users with the ability to track payments and ensure accountability.

Read Full Article

8 Likes

Securityaffairs

369

Image Credit: Securityaffairs

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

Kosovo citizen Liridon Masurica (33) extradited to the US for running cybercrime marketplace BlackDB.cc and facing related charges.
BlackDB.cc, an online criminal marketplace active since 2018, offered compromised credentials and PII for sale.
Masurica charged in the US with six fraud-related counts, faces up to 55 years in prison for conspiracy and unauthorized access device usage.
The US Department of Justice seized another cybercrime marketplace Rydox, arresting three Kosovo nationals, including administrators, for facilitating sales of stolen personal data and fraud tools.

Read Full Article

22 Likes

Discover more

Medium

Image Credit: Medium

Do You Really Need a VPN on Your Mac? Here’s the Truth

Using Apple's built-in protection on your Mac may not be sufficient against threats from public networks, advertisers, and ISPs.
A VPN creates an encrypted tunnel between your Mac and the internet, safeguarding your online activity and preventing others from exploiting your data.
It is crucial for everyday Mac users to consider VPNs to address privacy concerns and security gaps.
Without a VPN, activities on unsecured networks like public Wi-Fi can be easily intercepted by hackers, highlighting the importance of encryption for data protection.
VPN technology also helps bypass geo-blocking restrictions, enabling users to access content from anywhere in the world.
In scenarios like using campus Wi-Fi, a VPN can aid in overcoming limitations imposed on access to apps, websites, and streaming services.
When selecting a VPN for your Mac, prioritize providers with stringent privacy policies, strong encryption, kill switches for added security, and reliable performance.
Free VPNs may compromise on security or privacy; opt for trustworthy providers offering transparent terms and limited free plans for basic protection.
Look for VPN services with positive reviews, transparent policies, and user-friendly interfaces to ensure ease of use, especially if you're new to VPNs.
A good VPN should have native Mac apps for straightforward installation and connection, enhancing user experience and privacy.
In conclusion, using a VPN on your Mac is advisable for protecting your data, maintaining privacy, and ensuring a secure online experience.

Read Full Article

Medium

157

Image Credit: Medium

Tails Operating System Explained

Tails OS provides enhanced privacy and security for users concerned about their online activities being monitored.
It is a free, open-source operating system designed to offer anonymity and protect user data from surveillance.
Privacy professionals recommend Tails OS for individuals such as journalists, activists, and those seeking to avoid online tracking.
Tails OS helps users regain personal freedom on the internet by ensuring their online activities remain private and secure.

Read Full Article

9 Likes

Global Fintech Series

Image Credit: Global Fintech Series

Transactix Launches New Era in Canadian Payments

Transactix Financial Inc. introduces the Open Value Network to revolutionize Canadian payments by reducing fees and inefficiencies.
OVN enables immediate and cost-effective transfer of digital value, challenging the high costs associated with traditional financial transfers in Canada.
The platform aims to empower consumers, drive fintech growth, and enhance Canada's economic sovereignty in the digital economy.
OVN advocates for regulatory modernization, showcases innovative technologies to lower costs, and emphasizes economic resilience for Canada.

Read Full Article

2 Likes

Medium

Image Credit: Medium

The Daily Tech Digest: 15 May 2025

The Daily Tech Digest on May 15, 2025 highlighted advancements in AI and Machine Learning, including OpenAI's Safety Evaluations Hub and new versions of GPT models.
Granola, an AI note-taking app, secured $43 million in funding, reflecting investor confidence in AI productivity tools.
Issues with Elon Musk's xAI chatbot, Grok, inserting harmful content emphasized challenges in controlling AI model outputs.
Microsoft introduced GitHub Copilot agent mode for AI-assisted task handling in software development, showcasing AI evolution.
OpenAI considered building data centers in the UAE to expand infrastructure capacity and serve growing market demands.
NVIDIA highlighted Physical AI at GTC Taipei, focusing on industrial autonomy and AI-powered transformation in manufacturing.
Cybersecurity concerns were raised with threats against US judges and the need for vigilance against online harassment and data exploitation.
Microsoft announced layoffs affecting 3% of its workforce, indicating a strategic realignment or cost-reduction effort.
YouTube experimented with ad placement after 'peak' moments to optimize engagement, while Microsoft shut down Bing Search APIs.
Uber introduced fixed-route shuttles, competing in the commuter transit market by offering cost-effective options.

Read Full Article

2 Likes

Cybersecurity-Insiders

232

Image Credit: Cybersecurity-Insiders

Google warns of US retail cyber attacks and M & S insurance payout to cost £100m

Google's Threat Intelligence team has issued a warning for U.S. retailers about potential cyberattacks by Scattered Spider, a sophisticated cybercriminal group.
Scattered Spider, also known as UNC3944, is suspected of targeting major UK retailers with DragonForce ransomware and may expand its operations to the U.S.
Mandiant, in partnership with Google, is offering a cybersecurity playbook to help businesses defend against advanced threats like Scattered Spider.
Marks & Spencer is expected to file a £100 million insurance claim to cover recovery costs after a cyberattack linked to Scattered Spider.
The cyberattack on Marks & Spencer led to operational disruptions, financial losses, and potential damage to the company's reputation and trust with consumers.
The insurance claim payout for the cyberattack on Marks & Spencer is uncertain and depends on factors such as IT infrastructure preparedness.
Cyber insurance considerations include premiums tied to cybersecurity preparedness, potential coverage exclusions for specific cyber risks, and future pricing adjustments.
As cyber threats increase, organizations, especially in retail, must prioritize cybersecurity measures and insurance coverage to mitigate financial impacts.
CIOs and CTOs need to reassess cyber insurance strategies as premiums rise and coverage options change due to evolving cyber threats.
Vigilance in the retail sector is paramount to safeguard customer data and financial transactions from cybercriminals as cyber threats continue to evolve.

Read Full Article

14 Likes

Cryptonews

Safe Enough To Store Trillions: Ethereum’s New Plan To Boost Security and Interest

The Ethereum Foundation has announced the 'Trillion Dollar Security' initiative to strengthen Ethereum's security for safely storing trillions of dollars worth of value on-chain.
The initiative involves identifying and fixing security vulnerabilities, communicating Ethereum's security advantages over other networks, and aiming to secure trillions on the network.
The plan includes mapping the network for security weaknesses, executing fixes prioritized by the mapping, and emphasizing the security benefits of Ethereum to users.
Despite Ethereum's weaker price performance compared to competitors like Solana, Ethereum remains the second largest cryptocurrency by market cap and dominates the DeFi market with over 50% of the total value locked.

Read Full Article

5 Likes

Medium

Image Credit: Medium

Advancing Quantum Machine Learning with Multi-Chip Ensemble Architectures

The Multi-Chip Ensemble VQC framework, developed by researchers like Junghoon Justin Park and others, partitions quantum computations across multiple quantum chips for scalability and noise resilience.
Key benefits of this framework include its validation with standard datasets and robustness under realistic noise models, showcasing potential for practical Quantum Machine Learning (QML) applications.
The framework aligns with industry efforts for scalable quantum architectures, such as Rigetti Computing's multi-chip processor and MIT's modular hardware platform, highlighting the trend towards modular and scalable quantum computing solutions.
The Multi-Chip Ensemble VQC framework is a significant advancement in practical and scalable Quantum Machine Learning, offering a modular approach that addresses challenges of NISQ devices, positioning it as a promising solution for future QML applications.

Read Full Article

1 Like

Idownloadblog

178

Image Credit: Idownloadblog

Security researcher shares PoC for CVE-2023-41992 local privilege escalation bug

Apple patched a security vulnerability (CVE-2023-41992) in iOS & iPadOS 16.7 discovered by Bill Marczak, which allowed local privilege escalation.
iOS security researcher @karzan_0x455 shared a proof of concept for the CVE-2023-41992 vulnerability showing how it can be exploited.
The proof of concept demonstrates the local privilege escalation bug, providing insights for potential hackers to create exploits, jailbreaks, or TrollStore installation methods.
While the bug may not lead to immediate jailbreaks due to additional security bypass requirements, it could be valuable for future projects like alternative installation methods up to iOS & iPadOS 17.0.

Read Full Article

10 Likes

Cybersecurity-Insiders

299

Image Credit: Cybersecurity-Insiders

Data Protection Market: Endless Possibilities to Ensure a Secure Future

The average cost of a data breach is projected to exceed USD 4 million by 2025, having already hit approximately USD 4.86 million globally in 2024.
Data protection is crucial in safeguarding individual rights, fostering trust in digital interactions, and maintaining personal integrity.
The market for data protection is estimated to grow to USD 1.12 trillion by 2037, from USD 158.77 billion in 2024, driven by increased awareness of data integrity and cybersecurity threats.
With the rise of remote work, strong data protection measures are necessary, as breaches related to remote work cost USD 173,073 on average per occurrence.
Organizations are adopting Zero Trust Architecture (ZTA) to enhance cybersecurity, especially in response to the surge in remote work and cyber threats targeting SMBs.
The shift to cloud computing has necessitated robust data protection strategies, with over 75% of data breaches in 2023 originating from data stored on the cloud.
Stringent data privacy laws worldwide, such as the Digital Personal Data Protection Act in India and GDPR in the EU, emphasize the importance of safeguarding data from breaches and illegal access.
Businesses are focusing on complying with data privacy regulations to maintain trust, protect assets, and ensure sustainability amidst increasing concerns over data breaches.
Data protection remains a top priority for all businesses to uphold data confidentiality, integrity, and individual rights, amidst evolving regulations and technological advancements.
The global data protection market is poised for substantial growth in response to the evolving cybersecurity landscape and heightened focus on data privacy and security.

Read Full Article

18 Likes

Medium

366

Image Credit: Medium

The 2025 Tech Renaissance: Beyond the Buzzwords

Agentic AI, capable of autonomous decision-making, is transforming various sectors like manufacturing, finance, and healthcare by ensuring efficiency, reduced errors, and handling complex tasks independently.
The fusion of AI and robotics in smart manufacturing is enhancing efficiency, reducing costs, and enabling quick adaptations to design changes, with advanced industrial robots now operating autonomously.
AI's role in healthcare diagnostics and patient care is expanding rapidly, with the AI healthcare market projected to reach $148.4 billion by 2029, offering benefits like enhanced diagnostic accuracy and quicker preclinical research.
Businesses face challenges in digital transformation, cybersecurity threats are evolving with advanced defenses like AI-driven threat detection and post-quantum cryptography, and AR/VR technologies are innovating collaboration and design processes in various industries.

Read Full Article

22 Likes

Medium

341

Image Credit: Medium

How to Design a Privacy Risk Framework for AI Systems

The proposed PIA-AIA framework acts as a guide for organizations to manage privacy risks and ensure algorithmic accountability, integrating PIA with AIA for a more holistic view of AI's impact on personal data and human rights.
The framework incorporates principles from COBIT 2019, focusing on governance and information & technology management practices.
Privacy frameworks like FIPP, GAPP, Privacy by Design (PbD), and HCER-AI emphasize protecting data, governance, transparency, and ethical AI development.
PIA assesses privacy impact in projects involving personal data, while AIA evaluates social impact of algorithms, focusing on fairness, transparency, and accountability.
The PIA-AIA framework reframes privacy and algorithmic assessments as part of a continuous risk management cycle, ensuring ongoing oversight and governance.
Integration of PIA and AIA helps organizations align privacy and AI efforts with legal requirements and business goals, leading to improved user trust and operational optimization.
The dynamic and iterative risk management approach within the framework addresses emergent risks and involves stakeholder engagement for transparency and accountability.
The framework includes phases such as understanding the I&T environment, privacy threshold analysis, context establishment, risk assessment, risk mitigation, communication, consultation, monitoring, and review.
Risks are classified into ethical, performance, and implementation categories, allowing for clearer accountability, response strategies, and strategic prioritization.
A use case involving AI for early prediction of type 2 diabetes risk demonstrates the application of the framework in a primary care setting.

Read Full Article

20 Likes

For uninterrupted reading, download the app