A naukri.com initiative
Cyber Security News
Fintechnews
1w
108
Image Credit: Fintechnews
Visa Ramps Up AI-Powered Fraud Prevention During Holiday Shopping Globally
- Visa's fraud prevention system blocked nearly 85% more suspected fraudulent transactions globally this Cyber Monday compared to last year.
- Suspected fraudulent activity surged by 200% worldwide over the holiday weekend, with fraudsters using advanced AI tools to target transactions.
- Visa deployed its own AI and machine learning technologies to detect and prevent fraudulent activity across all shopping platforms.
- Visa has invested $11 billion in technology to combat fraud, including the development of the Visa Account Attack Intelligence Score.
Read Full Article
6 Likes
Pymnts
1w
230
Image Credit: Pymnts
AI Signal Vulnerability May Invite Model Theft
- Researchers have discovered a potential method to extract AI models by capturing electromagnetic signals from computers, posing a threat to commercial AI development.
- The real-world implications and defenses against such techniques remain unclear.
- Hackers targeting AI models can undermine businesses' investments, erode trust, and enable competitors to leapfrog innovation.
- The susceptibility of AI models to attacks may lead companies to invest in improved security measures.
Read Full Article
13 Likes
Digitaltrends
1w
125
Image Credit: Digitaltrends
The massive LastPass hack from 2022 is still haunting us
- A string of attacks following the massive LastPass hack in 2022 resulted in $5.36 million being stolen from 40 users.
- The breach occurred due to weak or reused passwords by users, despite the password vaults being encrypted.
- The hackers stole LastPass' source code and merged it with data from another breach, exploiting a weakness in a remote-access app used by employees.
- The incident emphasizes the importance of using strong and unique passwords on all accounts.
Read Full Article
7 Likes
Siliconangle
1w
117
Image Credit: Siliconangle
CISA releases draft updates to National Cyber Incident Response for public comment
- The U.S. Cybersecurity and Infrastructure Agency has released a draft update to the National Cyber Incident Response Plan that addresses significant changes in policy and cyber operations since the plan was first released in 2016.
- The updates propose enhancements to improve coordination and collaboration across federal, state, and private sector entities in responding to cyber incidents.
- The revised plan emphasizes integrating non-federal stakeholders and streamlines the plan's content to align with practical operational phases of incident response.
- The draft also proposes updated roles, responsibilities, and a structured timeline for regular plan updates to address evolving cyber threats and technological advancements.
Read Full Article
7 Likes
Siliconangle
1w
167
Image Credit: Siliconangle
1.4M records stolen in Texas Tech University Health Sciences Center ransomware attack
- Approximately 1.4 million records related to students, staff, and patients at Texas Tech University's Health Science Center were stolen in a ransomware attack.
- The attack occurred in September, but the university only recently disclosed the incident.
- The stolen data includes personally identifiable information such as names, dates of birth, addresses, Social Security numbers, and medical records.
- Texas Tech University is offering complimentary credit monitoring services to affected individuals.
Read Full Article
10 Likes
TechBullion
1w
113
Image Credit: TechBullion
The Cybersecurity Blueprint for a Borderless World: Zero Trust
- With the explosion of Internet of Things (IoT) devices, the normalization of remote work, and the adoption of multi-cloud infrastructures, Zero Trust Architecture (ZTA) has emerged as the new gold standard for security.
- Zero Trust is grounded in three key principles: assume breach, verify explicitly, and enforce least privilege. And unlike previous security models, Zero Trust assumes every network—whether it’s your home Wi-Fi or the coffee shop hotspot is untrustworthy by default.
- The National Institute of Standards and Technology (NIST) provides foundational guidelines for Zero Trust, advocating for robust identity governance and policy-based access controls.
- Despite the widespread applicability, proactive cybersecurity is still rare. “Too often, vulnerabilities aren’t taken seriously until there’s a breach.”
- Reflecting on recent developments, Zero Trust must evolve alongside emerging technologies. AI-driven attacks and predictive containment are growing more sophisticated in an arms race.
- Still, Zero Trust isn’t foolproof. High implementation costs can put it out of reach for smaller organizations, and insider threats or social engineering can still bypass defences.
- Kumar offers two simple rules for adopting Zero Trust: “Minimize risk, and maximize resilience. Every solution you implement should align with one of these goals,” he says. “It helps to think of Zero Trust more as a mindset than a rigid set of rules.”
- Zero Trust principles extending beyond networking into physical supply chains and emerging technologies like quantum computing. Technologies like Trusted Platform Modules (TPMs) and software-defined perimeters are expected to larger roles in creating highly localized, tamper-resistant security measures.
- “Regardless of how sophisticated the technology, the goal is to deconstruct security into its smallest, least manipulable components,” he explains.
- “Zero Trust is here to stay.”
Read Full Article
6 Likes
Geek Wire
1w
25
Washington state getting $57M to boost digital equity initiatives, add zero-emission school buses
- The Washington State Dept. of Commerce and Sen. Maria Cantwell's office announced grants totaling $57 million for digital equity, high-speed internet, and zero-emission school buses.
- The Washington State Broadband Office will receive $15.98 million to improve digital equity and develop a Broadband Cybersecurity Literacy Program.
- Federal grants of $32.3 million will help five tribes in Washington deploy high-speed internet and support telehealth, distance learning, and digital inclusion.
- Grants totaling $8.4 million were announced for replacing diesel school buses with zero-emission buses to combat air pollution and improve children's health.
Read Full Article
1 Like
TechBullion
1w
41
Image Credit: TechBullion
Strengthen Cyber Resilience: A Checklist for ITOps and SecOps Collaboration
- Half of organizations have experienced a cybersecurity incident in the past year, and majority believe they will likely be disrupted by a cybersecurity incident in the next 12 to 24 months.
- The disconnect between ITOps and SecOps is a barrier to building cyber resilience in organizations. ITOps focuses on maintaining network infrastructure while SecOps focuses on detecting and preventing breaches.
- The lack of understanding and collaboration between ITOps and SecOps hinder cyber resilience efforts.
- Transforming legacy technology and processes is considered the greatest barrier to cyber resilience in large organizations.
Read Full Article
2 Likes
Siliconangle
1w
75
Image Credit: Siliconangle
Ireland’s privacy regulator fines Meta €251M over 2018 cyberattack
- Ireland’s privacy regulator fines Meta €251 million over a 2018 breach that compromised users' data.
- The breach occurred in September 2018 and affected approximately 29 million Facebook users.
- Hackers exploited a code vulnerability to steal user data, including names, dates of birth, and posts.
- Meta was fined for failing to protect user data according to EU's GDPR privacy regulation.
Read Full Article
4 Likes
Digitaltrends
1w
79
Image Credit: Digitaltrends
IPVanish review: an unlimited-device VPN with a few flaws
- IPVanish is a low-cost VPN that supports every platform, including Windows, macOS, Linux, ChromeOS, iOS, and Android.
- IPVanish Essential costs $13 per month, $40 per year, or $53 if you pay for two years of service.
- IPVanish has a nice, modern design with a large map of worldwide servers.
- IPVanish Essential did a good job of hiding my IP address and location without any detectable leaks.
- The best free VPNs safeguard your identity just as well as IPVanish Essential.
- IPVanish offers enough worldwide servers to handle its customer base without any significant slowdowns.
- IPVanish’s privacy policy states clearly that it doesn’t sell or rent your personal information to third parties.
- While it has malware and ad-blocking that work well, neither IPVanish plan matches the robust malware protection of high-quality antivirus software.
- IPVanish Essential offers great value for the price, but there are some issues that make it hard to recommend.
- It’s a good idea to research the best VPNs before selecting a long-term subscription.
Read Full Article
4 Likes
Securityaffairs
1w
12
Image Credit: Securityaffairs
Texas Tech University data breach impacted 1.4 million individuals
- Texas Tech University disclosed a data breach that impacted over 1.4 million individuals following a cyber attack.
- The incident took place in September 2024 and temporarily impacted computer systems and applications.
- Compromised information includes personal, health, and financial data such as Social Security numbers, driver's license numbers, and medical records.
- The Interlock ransomware gang claimed responsibility for the security breach and allegedly stole 2.6 terabytes of data.
Read Full Article
Like
Tech Radar
1w
146
Image Credit: Tech Radar
Almost a million ConnectOnCall users may have had data stolen by hackers
- Healthcare software ConnectOnCall suffered a data breach, potentially affecting over 900,000 patients.
- The breach occurred between February 16 and May 12, 2023, with an unknown third party accessing sensitive patient information.
- Exposed data includes medical records, prescription information, full names, phone numbers, and a small number of social security numbers.
- ConnectOnCall services have been taken offline, and Phreesia is working with law enforcement to determine the impact.
Read Full Article
8 Likes
Pymnts
1w
96
Image Credit: Pymnts
Visa: AI Helped Block 85% More Fraud on Cyber Monday
- Visa's artificial intelligence (AI) and machine learning capabilities blocked 85% more suspected fraud globally on Cyber Monday compared to the previous year.
- Visa's investment of $11 billion in fraud prevention technology over the past five years has paid off in thwarting fraud attempts.
- The Visa Account Attack Intelligence Score, a tool leveraging generative AI, helps detect and prevent fraud in real-time.
- Financial institutions using AI and machine learning experience fewer instances of common fraud compared to those using traditional fraud prevention tools.
Read Full Article
5 Likes
Medium
1w
188
Image Credit: Medium
Verifiable AI: How TEEs and Oasis Network Power Trustworthy Decentralized AI
- By combining GPU-enabled TEEs with the Oasis Network’s privacy-focused infrastructure, developers can create verifiable, privacy-preserving AI models.
- Decentralization addresses transparency and trust issues in AI systems, ensuring trustworthy, transparent, and private AI models.
- GPU-enabled TEEs secure AI computations without compromising performance, protecting sensitive data during training and inference.
- The integration of GPU-enabled TEEs with the Oasis Network enables secure and verifiable AI systems, paving the way for decentralized AI marketplaces.
Read Full Article
11 Likes
Medium
1w
117
Image Credit: Medium
Finding the Perfect Self Hosted Notes App
- Today, the author shares their process for setting up an experiment to find the right self-hosted note-taking app.
- The author values simplicity, Markdown, and owning their data.
- They have narrowed down the options to three popular self-hosted note-taking apps that meet their criteria.
- The post is about the process of testing these apps and inviting readers to follow along.
Read Full Article
7 Likes
For uninterrupted reading, download the app