menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

TechCrunch

1w

read

175

img
dot

Image Credit: TechCrunch

FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector

  • The FBI and cybersecurity firms have warned that a hacking group known as Scattered Spider is targeting airlines and the transportation sector.
  • Scattered Spider, comprised mainly of financially motivated English-speaking hackers, uses tactics like social engineering, phishing, and ransomware to steal data.
  • The hackers may target large corporations and their IT providers in the airline ecosystem, putting airlines and associated vendors at risk.
  • Recent intrusions have been reported by Hawaiian Airlines and WestJet, with the latter's cyberattack linked to Scattered Spider. This follows previous attacks on the retail sector and insurance industry.

Read Full Article

like

10 Likes

share

2 Shares

source image

Securityaffairs

1w

read

363

img
dot

Image Credit: Securityaffairs

LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

  • Over 1,000 SOHO devices hacked in China-linked LapDogs spying campaign for espionage.
  • Security researchers uncover ORB network supporting long-term spying ops in U.S. and Asia.
  • ShortLeash malware, targeting various hardware vendors, found hiding in compromised devices.

Read Full Article

like

21 Likes

share

5 Shares

source image

Medium

1w

read

303

img
dot

Objective: To develop a strong foundational understanding of penetration testing by completing the…

  • The article discusses the importance of developing a strong foundational understanding of penetration testing by covering topics such as reporting, types of testing (Black Box, Grey Box, White Box), and practical tests like the ACME assignment.
  • Specific methodologies like OSSTMM, OWASP, NIST Cybersecurity Framework 1.1, and NCSC CAF are highlighted as part of the penetration testing process.
  • A scenario involving exploiting a web server's IP address, gaining access to sensitive information, and escalating privileges from a normal user to root user/administrator is described, culminating in finding the root flag THM{PENTEST_COMPLETE}.

Read Full Article

like

18 Likes

share

4 Shares

source image

Wired

1w

read

379

img
dot

Image Credit: Wired

ICE Rolls Facial Recognition Tools Out to Officers' Phones

  • Immigration and Customs Enforcement (ICE) deploys new facial recognition tool on officers' phones.
  • ICE's mobile app uses biometric data to match faces against government-collected records.
  • Critics raise concerns about potential surveillance-driven profiling and wrongful arrests.
  • US charges group behind data breaches and shutdown of notorious cybercriminal forum Breachforums.

Read Full Article

like

22 Likes

share

5 Shares

source image

Medium

1w

read

52

img
dot

Image Credit: Medium

✉️ Gmail’s AI Spam Filter Is Failing You — Here’s How I Took Back Control of My Inbox in 10 Minutes

  • Gmail's AI spam filter is reportedly failing to block sophisticated spam emails.
  • The author shares a quick process to take back control of the inbox in under 10 minutes.
  • Tips include manually marking strange emails as spam, utilizing Gmail settings filters, and using tools like Labnol and NordVPN for email protection.
  • The article emphasizes the importance of staying vigilant against AI-generated spam and taking proactive steps to safeguard personal data.

Read Full Article

like

2 Likes

share

Share

source image

Medium

1w

read

406

img
dot

Image Credit: Medium

The "Alert Circle" SOC — A Biomimetic Model for Resilient Cybersecurity in Uncertain Environments

  • Adopting biomimetic concepts, the Alert Circle SOC model enhances collective cybersecurity intelligence.
  • Emulating elephant behavior, it integrates various cybersecurity functions for proactive threat detection.
  • This model focuses on distributed sensing, collective cognition, and coordinated protection efforts.
  • It transforms cybersecurity operations from reactive to adaptive by prioritizing threat sophistication.

Read Full Article

like

24 Likes

share

5 Shares

source image

Pymnts

1w

read

61

img
dot

Image Credit: Pymnts

Barbie Gets a Brain: OpenAI Partnership Puts Conversational AI in Mattel Toys

  • Mattel has partnered with OpenAI to integrate artificial intelligence into their iconic toys like Barbie and Hot Wheels, enabling toys to be smarter and more responsive to children's preferences.
  • The collaboration aims to create toys that can remember children's preferences, adapt to their quirks, and offer personalized experiences, but it raises concerns about privacy and data protection.
  • Mattel promises to prioritize safety, privacy, and security in their AI-powered toys, but critics are apprehensive about the potential privacy implications of AI companions for children.
  • The integration of AI in toys opens up possibilities for educational benefits but also raises questions about the impact on children's creativity and ability to engage in unstructured play.

Read Full Article

like

3 Likes

share

Share

source image

Dev

1w

read

265

img
dot

Image Credit: Dev

Trying Out PowerShell for Process Logging — Finally Something That Feels Like Real Scripting 😅

  • The author, Mohammad, shared their experience of switching from Batch files to PowerShell for process logging on Windows.
  • Mohammad wanted to build a script that lists running processes with timestamps and saves the information into a log file.
  • He shared the PowerShell script he wrote for process logging and highlighted key learning points like PowerShell's elegance and the usefulness of Out-File -Append.
  • Mohammad experimented with Task Scheduler to run the script every 10 minutes, noticed spikes in certain processes, and plans to add more functionalities like filters and remote monitoring in the future.

Read Full Article

like

15 Likes

share

3 Shares

source image

The Verge

2w

read

64

img
dot

Image Credit: The Verge

How vulnerable is critical infrastructure to cyberattack in the US?

  • Critical infrastructure in the US, including water, health, and energy systems, is increasingly vulnerable to cyberattacks.
  • Tensions, such as recent events like US bombing nuclear facilities in Iran, raise concerns about the safety of these critical systems, especially in potential conflict scenarios.
  • As battlefields now extend into the digital realm, real-world critical infrastructure becomes a target for cyberattacks.
  • Experts stress the necessity to reassess and improve security measures for critical infrastructure like hospitals, water supplies, and other vital services to defend against potential cyber threats.

Read Full Article

like

3 Likes

share

Share

source image

Hackernoon

2w

read

210

img
dot

Image Credit: Hackernoon

Leeds United And Reflectiz Partner To Share Insights On Proactive Web Security After Cyber Attack

  • Leeds United FC partners with Reflectiz for a webinar on proactive web security after a Magecart attack.
  • The webinar will feature insights from Leeds United's IT and Security Head on their experience with the attack.
  • Reflectiz's VP Sales will provide strategic insights on preventing and mitigating client-side vulnerabilities.
  • The webinar is aimed at IT professionals, cybersecurity experts, and e-commerce managers to enhance online security.

Read Full Article

like

12 Likes

share

2 Shares

source image

VentureBeat

2w

read

180

img
dot

Image Credit: VentureBeat

How runtime attacks turn profitable AI into budget black holes

  • AI's promise comes with hidden security costs at the inference layer, inflating budgets.
  • New attacks on AI's operational side jeopardize ROI and total cost of ownership.
  • Adversaries exploit inference vulnerabilities, driving up cybersecurity budgets and eroding brand trust.

Read Full Article

like

10 Likes

share

2 Shares

source image

TronWeekly

2w

read

248

img
dot

Image Credit: TronWeekly

Crypto Hacks Hit $2.1B in H1 2025, TRM Labs Cites Surge in State-Sponsored Crime

  • TRM Labs reported 75 incidents involving stolen crypto assets worth over $2.1 billion in the first half of 2025, a 10% increase from H1 2022.
  • The Bybit exchange hack accounted for nearly 70% of the total H1 2025 crypto losses, amounting to $1.5 billion.
  • Infrastructure attacks, including seed phrase thefts and private key compromises, made up over 80% of stolen crypto funds in the first half of 2025.
  • State-sponsored cyberattacks, particularly from North Korea-affiliated groups, dominated the 2025 crypto breaches, with $1.6 billion in thefts linked to these activities.

Read Full Article

like

14 Likes

share

3 Shares

source image

TechCrunch

2w

read

167

img
dot

Image Credit: TechCrunch

Prolific cybercrime gang now targeting airlines and the transportation sector

  • Cybersecurity firms have warned that the hacking group Scattered Spider is now targeting airlines and the transportation sector.
  • Scattered Spider, mainly composed of English-speaking hackers, is known for stealing and extorting sensitive data from company networks using tactics like social engineering and phishing.
  • At least two airlines have reported intrusions, with Hawaiian Airlines and WestJet being targeted recently by cyberattacks linked to Scattered Spider.
  • This recent focus on airlines comes after previous cyber attacks by Scattered Spider on the U.K. retail sector, the insurance industry, hotel chains, casinos, and technology companies.

Read Full Article

like

10 Likes

share

2 Shares

source image

Dev

2w

read

240

img
dot

Image Credit: Dev

[rant] Rust: The Safety Language That Still Isn’t Safe Enough

  • Rust, touted as a safer alternative to C, is struggling to meet the needs of safety-critical systems in practice.
  • Despite its compile-time guarantees and ownership checking, Rust in the embedded world is perceived as a beta test rather than a reliable solution.
  • Engineers are hesitant to fully adopt Rust for critical systems due to concerns about toolchain certification, reliance on unstable features, and prevalent use of 'unsafe' code.
  • While Rust shows potential for improvement, it currently functions more as an experimental language rather than a proven solution for mission-critical applications.

Read Full Article

like

14 Likes

share

3 Shares

source image

Securityaffairs

2w

read

115

img
dot

Image Credit: Securityaffairs

Taking over millions of developers exploiting an Open VSX Registry flaw

  • A critical flaw in Open VSX Registry discovered by Koi Security could allow attackers to hijack the Visual Studio Code extension hub, posing supply chain risks for millions of developers.
  • The vulnerability in the open-source Open VSX Registry, used by over 8,000,000 developers, could enable full control of the extensions marketplace and potentially compromise developer machines.
  • The flaw stemmed from a GitHub Actions workflow running npm install on untrusted extension code, exposing a secret token (OVSX_PAT) that, if stolen, could lead to a complete marketplace takeover.
  • The disclosure timeline outlines multiple proposed fixes before the issue was resolved, highlighting the significant supply chain risk posed by the vulnerability and the importance of vetting and securing software dependencies.

Read Full Article

like

6 Likes

share

1 Share

Prev

30
31
32
33
34
35
36
37
38
39
40

Next

For uninterrupted reading, download the app