Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Tech Radar

Image Credit: Tech Radar

Thousands of Rhode Island citizens have data stolen after social services hit by cyberattack

The RIBridges benefits system in Rhode Island has suffered a cyberattack, potentially exposing the data of thousands of citizens.
Deloitte, the vendor for the system, confirmed that personally identifiable information (PII) and banking information may have been stolen.
The breach likely occurred on December 5 and the system was taken down on December 13.
Affected citizens are advised to remain vigilant, be on the lookout for fraud, and change passwords according to cyber hygiene standards.

Read Full Article

4 Likes

Wired

169

Image Credit: Wired

The Top Cybersecurity Agency in the US Is Bracing for Donald Trump

Donald Trump helped create the US government’s cybersecurity agency during his first term as president. Six years later, employees of that agency are afraid of what he’ll do with it once he retakes office.
CISA, which the Trump administration and Congress created in 2018 by reorganizing an existing DHS wing, became a target of right-wing vitriol after its Trump-appointed director rebuffed the president’s election conspiracy theories in 2020.
The incidents turned a once-obscure agency with bipartisan credibility into a conservative bogeyman.
Now, with Trump returning to office vowing to purge disloyal civil servants and turn DHS into an immigration-crackdown machine, CISA employees are acutely worried about the fate of their still-fledgling agency.
CISA is bracing for change in several areas that were key to US president Joe Biden’s cybersecurity agenda.
CISA employees and Biden administration officials expect the Trump team to kill Biden’s corporate responsibility initiatives.
CISA employees are also watching uneasily to see if Trump officials pressure the cyber agency to water down its draft regulation requiring critical infrastructure operators to report cyber incidents.
CISA is also bracing for changes to its election security mission.
Trump’s victory could also have serious consequences for other CISA missions.
Trump’s promised changes to civil-service rules, which would expose more government workers to politically motivated firings, are also alarming CISA employees.

Read Full Article

10 Likes

Socprime

295

Image Credit: Socprime

How to Deal with the Warning: “No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic'”

If you’ve worked with OpenSearch or Elasticsearch and encountered "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'" warning in your logs, you’re not alone.
This message typically appears when a client makes a request to the cluster but does not include the required Authorization header.
To suppress this warning, you can adjust the logging level for the relevant logger.
After executing the above command, check your logs to confirm the warnings are no longer present.

Read Full Article

17 Likes

Socprime

Image Credit: Socprime

Fluentd: How to Make Nested Hash from Dot-Separated Keys

When a log record has keys like test.test, you can use two methods record_transformer and explode plugin, to process these keys and create a nested structure.
Using the record_transformer method, you need to follow several steps to create nested fields, while the explode plugin can achieve this in one step.
The explode plugin breaks top-level keys with dots into nested structures, allowing easy manipulation of the fields.
To use the explode plugin, you need to install it using the command 'gem install fluent-plugin-explode_filter'.

Read Full Article

3 Likes

Discover more

Silicon

Image Credit: Silicon

Shaping Tomorrow: Top Tech Trends and Opportunities for 2025

The technology landscape of 2025 is poised to bring transformative change, reshaping industries, redefining customer expectations, and creating unprecedented opportunities for businesses and individuals.
AI is redefining the way businesses interact with customers, delivering more personalised and empathetic experiences. AI-driven personalization and quantum computing breakthroughs are expected to dominate the conversation.
The explosion of data, fuelled by AI, presents both opportunities and challenges. Innovations like higher-density hard drives and scalable cloud storage solutions will be critical to addressing this imbalance.
Generative AI, a significant driver of innovation, is set to unlock new efficiencies across industries, particularly in supply chain management, predictive maintenance, and customer service.
AI observability, a relatively new concept, is gaining traction as organisations seek to ensure the accuracy and security of AI systems. AI is also driving more agile and sustainable supply chains.
Upskilling is becoming a necessity as organizations prepare their workforce for an AI-driven future.
Small and medium-sized enterprises (SMEs) are also set to benefit from these advancements.
The demand for effective leadership in an AI-driven world is growing. Future leaders must combine AI literacy with empathy and ethical judgment to build trust and foster innovation.
The technology trends of 2025 highlight a world in transition, where businesses and individuals alike are grappling with the implications of rapid change.
From the explosion of AI to the rise of quantum computing and sustainable energy solutions, the opportunities are vast for those willing to adapt and innovate.

Read Full Article

4 Likes

Tech Radar

380

Image Credit: Tech Radar

Schools are facing greater cybersecurity threats than ever before

74% of parents are confident in school's cybersecurity measures
Only 14% of schools provide mandatory cybersecurity training
Cyberattacks are financially impacting schools, parents, and students
32% of breached schools suffered data theft

Read Full Article

22 Likes

Tech Radar

354

Image Credit: Tech Radar

Deepfakes and AI attacks are worker's biggest security worries

86% of workers in UK SMBs are increasingly concerned about cyber breaches, but only a third say they’re confident in spotting such threats.
63% of workers believe they would be unable to spot a cybersecurity issue, despite increased concern compared with last year.
34% of internet users have experienced scams, fraud, and phishing, whereas 43% have experienced a deepfake in the first half of 2024 alone.
43% of workers have not received any cybersecurity training in the past year.

Read Full Article

21 Likes

Global Fintech Series

359

Image Credit: Global Fintech Series

Deconstructing Digital Wallets: Designing for Interoperability and User Privacy

Digital wallets have transformed payments, identity verification, and asset management into seamless, accessible experiences. They allow users to store and manage digital assets, including money, identification, loyalty cards, and even cryptocurrencies.
Digital wallets often face challenges related to interoperability and privacy. These issues stem from differences in platform design, regulatory requirements, and evolving user expectations.
Interoperability refers to the ability of digital wallets to work seamlessly across platforms, networks, and devices. It is a critical factor in ensuring user convenience and broader adoption.
Achieving interoperability involves technical, regulatory, and business challenges. On the technical front, wallet providers must ensure compatibility across diverse systems, including various operating systems, application programming interfaces (APIs), and payment protocols.
Digital wallets inherently deal with sensitive user information, including financial data, personal identifiers, and transaction histories. Addressing privacy concerns is no longer optional; it's a fundamental design requirement.
To address these privacy challenges, wallet providers must adopt privacy-by-design principles such as end-to-end encryption, decentralization, minimal data collection, user control, and transparency.
Interoperability and privacy are often seen as competing priorities. However, these objectives can coexist when approached thoughtfully. For example, zero-knowledge proofs (ZKPs) can enable interoperability while preserving privacy.
By prioritizing user-centric design and leveraging cutting-edge technologies, wallet providers can strike a balance between interoperability and privacy, delivering solutions that meet both business and consumer needs.
Digital wallets can become more than just a tool—they can serve as a cornerstone of the digital economy, empowering users worldwide.

Read Full Article

21 Likes

Cybersafe

Image Credit: Cybersafe

Clop Ransomware claims responsibility for Cleo Data Breaches

The Clop ransomware gang has claimed responsibility for the recent data breaches targeting Cleo's file transfer platforms.
Cleo, a provider of managed file transfer solutions, had patched a vulnerability (CVE-2024-50623) in October.
However, the patch was incomplete and cybercriminals continued to exploit the flaw to steal data using a JAVA backdoor.
The Clop ransomware group has been increasingly targeting secure file transfer platforms to conduct data theft.

Read Full Article

3 Likes

Socprime

147

Image Credit: Socprime

Essential Dev Tools Commands for Elasticsearch & OpenSearch Administrators

Node and Disk Allocation: Check the distribution of shards and disk usage across nodes.
Field Data Statistics: View memory usage for field data to diagnose performance issues.
Cluster Health Overview: Get a basic summary of cluster health, number of nodes, and shards.
Indices Overview: List indices with storage size and primary store size sorted by index name.

Read Full Article

8 Likes

Medium

393

Image Credit: Medium

Nesa: Redefining AI with Privacy and Security at It’s Core

Nesa is redefining AI to address the balance between innovation and privacy.
Nesa creates a decentralized infrastructure for AI, eliminating vulnerabilities and ensuring private and secure AI inference.
The Nesa team achieved a milestone at NeurIPS with their research on secure and private AI framework.
Nesa's solutions offer a robust framework for privacy and security in AI, setting a standard for the industry.

Read Full Article

23 Likes

Androidauthority

405

Image Credit: Androidauthority

Android and Apple users: Critical RCS messaging protection is still months away despite FBI warning

The Global System for Mobile Communications (GSMA) is working on bringing end-to-end encryption to messaging platforms that support the RCS protocol.
No specific timeline has been provided, with the GSMA planning to update the market in a few months.
As a result, RCS texting between Apple and Android devices will remain vulnerable for an unknown period of time.
The FBI and CISA have issued a warning to Apple and Android users urging them to stop texting each other using the RCS protocol due to the Salt Typhoon hacking group's telecommunication breach.

Read Full Article

24 Likes

Pymnts

342

Image Credit: Pymnts

Why More Connectivity Means More Vulnerability for Cross-Border Payments

The increasing connectivity in the global payments landscape brings both advances and risks.
Credit risk, payment risk, counterparty risk, fraud, security risk, and compliance risk are major threats to trust.
Proactive risk management and compliance are crucial to maintaining trust and safety in the payment ecosystem.
Incremental innovation and a data-driven approach to technology integration are essential in addressing fraud and promoting inclusivity.

Read Full Article

20 Likes

Insider

160

Image Credit: Insider

Cloud security startup Wiz turned down a Google takeover. Now, it plans to ride the AI boom to an IPO.

Cloud security startup Wiz grew rapidly, reaching $500 million in annual recurring revenue in just four years.
Since rejecting a $23 billion Google acquisition, Wiz plans to double its revenue accumulation and go public via IPO.
COVID-19 pushed the mass shift towards cloud services, boosting Wiz's client base.
Wiz specializes in providing cloud security for companies in identifying potential risks with their cloud providers.
AI is a backbone for cloud computing, and its boom has spelled a new era of intensified focus on security and privacy – boosting Wiz's business growth.
Powering inorganic growth by acquiring other security startups like Rafft, Gem, and Dazz, Wiz plans to dominate the cybersecurity industry.
European expansion is a critical move for Wiz, which recently opened its headquarters in London.
Wiz estimates earning 35% of its revenue from Europe, with a market that's more privacy-aware and constrained by security than the USA.
In its bid for global expansion, Wiz is on the hunt for a CFO to fulfill its public debut goal.
Wiz is readying two new products, which it plans to release together with its impending hiring spree.

Read Full Article

9 Likes

Securityaffairs

Image Credit: Securityaffairs

Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise

Researchers discovered multiple flaws in the infotainment systems of Volkswagen Group vehicles that could allow to track them in real-time.
A team of security researchers from cybersecurity firm PCAutomotive discovered 12 vulnerabilities in the MIB3 infotainment systems used in Volkswagen Group cars.
The vulnerabilities include issues with phone book synchronization, contact photo handling, and access restrictions, among others.
Volkswagen Group confirmed that some vulnerabilities have been fixed and others are being addressed to ensure customer safety.

Read Full Article

2 Likes

For uninterrupted reading, download the app