Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

TechCrunch

371

Image Credit: TechCrunch

Called your doctor after-hours? ConnectOnCall hackers may have stolen your medical data

ConnectOnCall, owned by Phreesia, a healthcare tech company, has alerted almost a million individuals of a data breach that occurred in May.
The breach involved stolen personal and health information shared between patients and doctor's offices that relied on ConnectOnCall.
Affected information includes patient names, phone numbers, dates of birth, health conditions, treatments, prescriptions, and some Social Security numbers.
Phreesia is notifying 914,138 people, making it the 14th largest healthcare-related data breach in 2024 so far.

Read Full Article

22 Likes

Tech Radar

105

Image Credit: Tech Radar

BADBOX malware hits 30,000 Android devices - make sure you update now

German authorities disrupt major malware operation affecting 30,000 Android devices
BADBOX comes preloaded on Android devices with older firmware, sold as infected
Malware can create fake accounts, spread fake news, engage in ad fraud, and act as a proxy service
Operation most likely originates from China

Read Full Article

6 Likes

Tech Radar

346

Image Credit: Tech Radar

Fake job tasks are costing victims millions, FTC warns

The FTC is warning jobseekers of rising new online scam
'Task' scams ask victims to pay deposits to access paid work
Task scams were virtually non-existent in 2021, but have skyrocketed in recent years
FTC received over 20,000 complaints in the first 6 months of 2024, resulting in $220 million loss for victims

Read Full Article

20 Likes

Tech Radar

409

Image Credit: Tech Radar

Top healthcare company exposes data on millions of patients - find out if you're affected

A Canadian healthcare giant, Care1, exposed a database containing millions of sensitive records.
The database, discovered by security researcher Jeremiah Fowler, contained patient Personally Identifiable Information (PII), eye exams, doctor's comments, and images of exam results.
The database also included spreadsheets with patient information like home addresses and Personal Health Numbers (PHN).
Care1 locked down the database after being notified, but it's uncertain if any unauthorized access occurred prior to the discovery.

Read Full Article

24 Likes

Discover more

TechCrunch

257

Image Credit: TechCrunch

Israeli spyware maker Paragon bought by U.S. private equity giant

Israeli spyware maker Paragon has been acquired by American private equity giant AE Industrial Partners.
The deal was reportedly worth $500 million upfront, with a potential total value of up to $900 million.
Paragon, founded by former Israeli intelligence officers, offers a spyware product called Graphite.
This acquisition follows a trend of Western investment firms investing in Israeli spyware makers.

Read Full Article

15 Likes

Dev

413

Image Credit: Dev

TCP/IP gives wings

The TCP/IP model divides the communication space into four layers: physical layer, channel layer, transport layer, and application layer.
The first two levels are related to physical wires and methods of transmission of electrical impulses.
The transport layer is related to the hardware that supports information systems.
The application layer is where all the programming community is located.

Read Full Article

24 Likes

TechCrunch

384

Image Credit: TechCrunch

BlackBerry sells Cylance for $160M, a fraction of the $1.4B it paid in 2018

Arctic Wolf has acquired Cylance, BlackBerry's cybersecurity business, for $160 million.
BlackBerry had bought Cylance for $1.4 billion in 2018.
Under the deal, BlackBerry will sell Cylance assets to Arctic Wolf for $160 million in cash.
BlackBerry will receive around $80 million at closing and 5.5 million common shares in Arctic Wolf.

Read Full Article

23 Likes

Cybersecurity-Insiders

122

Image Credit: Cybersecurity-Insiders

Kids videos games are acting as espionage points for missile attacks

Cybercriminals are using video games to recruit child players for missile attacks.
Russian cybercrime groups target children, promising rewards like Bitcoin.
Children are asked to send pictures and videos of their surroundings, which are used to pinpoint their location.
The attackers then target the area with missile strikes, causing devastation.

Read Full Article

7 Likes

Tech Radar

Image Credit: Tech Radar

Cl0p ransomware group says it was behind Cleo attacks

Cl0p ransomware group confirms being behind the Cleo attacks.
The group claims to delete all government and healthcare data.
Cl0p was also responsible for the MOVEit cyberattack.
The Cleo attacks targeted organizations through a vulnerability in their managed file transfer products.

Read Full Article

3 Likes

Tech Radar

160

Image Credit: Tech Radar

US set to allow tech giants to control access to AI chips

The US government has imposed strict requirements to block Chinese access to AI chips, empowering companies like Google and Microsoft to act as gatekeepers worldwide.
A small number of US tech firms will be offered 'gatekeeper status' to offer AI capabilities within the cloud in foreign countries, limiting licenses for importing powerful AMD and Nvidia chips.
Exemptions will be granted to 19 allied states, allowing unlimited access to AI chips and capabilities.
The US and China are engaged in a battle to control the semiconductor market, imposing trade sanctions and offering domestic incentives.

Read Full Article

9 Likes

Socprime

409

Image Credit: Socprime

UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware

The UAC-0099 hacking collective has been launching cyber-espionage attacks against Ukraine, with a spike in malicious activity observed throughout November-December 2024 targeted at Ukrainian government entities.
The group has been using phishing as an attack vector and spreading LONEPAGE malware.
The continuous rise in cyberattacks against government agencies in Ukraine calls for stronger defense measures against CVE-2023-38831 exploitation and LONEPAGE malware distribution.
The latest CERT-UA alerts focus on UAC-0099's adversary operations that span November and December 2024.
All detections are mapped to the MITRE ATT&CK® framework to enhance threat research, including CTI and other important metadata.
In addition, teams can accelerate IOC packaging and retrospective hunting of the group's TTPs.
The UAC-0099 group has been observed launching cyberattacks against forestry departments, forensic institutions, factories, and public sector agencies.
The group uses phishing emails, containing attachments in the form of double archives with LNK or HTA files. Some archives include an exploit for the known WinRAR vulnerability CVE-2023-38831. Once successfully compromised, the LONEPAGE malware executes on the affected machines, enabling command execution.
Leveraging MITRE ATT&CK helps security teams gain insight into UAC-0099 TTPs used in cyber-espionage campaigns against Ukraine.
The expanding scope of UAC-0099's cyber-espionage campaigns, combined with its shifting methods, tools, and targets, highlights the critical need for improved cyber vigilance to counter the group's adaptability effectively.

Read Full Article

24 Likes

VentureBeat

147

Image Credit: VentureBeat

See how Google Gemini 2.0 Flash can perform hours of business analysis in minutes

Google’s newly released Gemini 2.0 Flash provides business analysts with greater speed and flexibility in defining Python scripts for complex analysis, giving analysts more precise control over the results they generate.
Gemini 2.0 Flash also supports multimodal inputs, including images, video, and audio, as well as multimodal output, including natively generated images mixed with text and steerable text-to-speech (TTS) multilingual audio. It can also natively call tools like Google Search, code execution, and third-party user-defined functions.
VentureBeat wanted to make the prompt request realistic by having the script encompass an analysis of 13 XDR vendors, also providing insights into how AI helps the listed vendors handle telemetry data.
Here is the prompt we gave Gemini 2.0 Flash to execute: Write a Python script to analyze the following cybersecurity vendors who have AI integrated into their XDR platform and build a table showing how they differ from each other in implementing AI.
Within seconds, the script ran, and Colab signaled no errors. It also provided a message at the end of the script that the Excel file was done.
Analysts, by nature, have a high degree of intellectual curiosity. Helping lift that burden will give analysts a chance to do what they enjoy and do best, which is to use their intuition, intelligence, and insight to deliver exceptionally valuable ideas.
The total time needed to get this table done was less than four minutes, from submitting the prompt, getting the Python script, running it in Colab, downloading the Excel file, and doing some quick formatting.
Using Google AI Studio, VentureBeat created the following AI-powered XDR Vendor Comparison Python scripting request, with Python code produced in seconds.
Automation tools in general, and AI tools specifically, can assist business analysts who need to crunch massive amounts of data and succinctly communicate it.
For the many professionals who have worked in a variety of business, competitive, and market analyst roles in their careers, AI is the force multiplier they’ve been looking for to trim hours off of repetitive, monotonous tasks.

Read Full Article

8 Likes

Medium

Image Credit: Medium

We are thrilled to welcome Lionel Klein as a new advisor to our NAEST ICO!

Lionel Klein, an expert in international cybersecurity, has become a new advisor for NAEST ICO.
Lionel is the co-founder of RESILIUM and the future head of the Cyber department at MITEM.
His strategic vision and experience make him a valuable asset to the project.
NAEST aims to revolutionize transportation and travel through an integrated technology platform.

Read Full Article

1 Like

Tech Radar

401

Image Credit: Tech Radar

US government warns water firms to secure infrastructure at risk online

The US government warns water firms to secure their infrastructure at risk online
CISA and EPA urge water and wastewater facilities to protect their Human Machine Interfaces (HMIs) and Water and Wastewater Systems (WWS) from cyberattacks
Unprotected HMIs can be exploited by unauthorized users to view, make changes and potentially disrupt water and wastewater treatment processes
Recent cyberattacks on American Water Works Company and Veolia North America highlight the importance of securing water infrastructure

Read Full Article

24 Likes

Tech Radar

405

Image Credit: Tech Radar

Huge cybercrime attack sees 390,000 WordPress websites hit, details stolen

A cybercrime attack targeting WordPress websites resulted in the theft of login credentials for approximately 390,000 accounts.
The attack involved a malicious package that was uploaded to the NPM package repository, disguised as an XML-RPC implementation, and later introduced malware via updates.
The malware was designed to steal sensitive data, such as SSH keys and bash history, and install cryptojackers on compromised endpoints.
Researchers discovered approximately 68 compromised systems actively mining the cryptocurrency Monero.

Read Full Article

24 Likes

For uninterrupted reading, download the app