Cyber Security News


Dev


[rant] Rust: The Safety Language That Still Isn’t Safe Enough

  • Rust, touted as a safer alternative to C, is struggling to meet the needs of safety-critical systems in practice.
  • Despite its compile-time guarantees and ownership checking, Rust in the embedded world is perceived as a beta test rather than a reliable solution.
  • Engineers are hesitant to fully adopt Rust for critical systems due to concerns about toolchain certification, reliance on unstable features, and prevalent use of 'unsafe' code.
  • While Rust shows potential for improvement, it currently functions more as an experimental language than as a proven solution for mission-critical applications.


Securityaffairs


Taking over millions of developers exploiting an Open VSX Registry flaw

  • A critical flaw in Open VSX Registry discovered by Koi Security could allow attackers to hijack the Visual Studio Code extension hub, posing supply chain risks for millions of developers.
  • The vulnerability in the open-source Open VSX Registry, used by over 8,000,000 developers, could enable full control of the extensions marketplace and potentially compromise developer machines.
  • The flaw stemmed from a GitHub Actions workflow running npm install on untrusted extension code, exposing a secret token (OVSX_PAT) that, if stolen, could lead to a complete marketplace takeover.
  • The disclosure timeline outlines multiple proposed fixes before the issue was resolved, highlighting the significant supply chain risk posed by the vulnerability and the importance of vetting and securing software dependencies.


Lastwatchdog


STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through

  • APIs have become crucial for enterprises, but attackers are targeting them.
  • A10 Networks' Field CISO highlights the growing threats to APIs and the failure of outdated defenses.
  • There is a need for a consolidated approach, including discovery, enforcement, bot defense, and logic-layer protection.
  • The article emphasizes the importance of addressing gaps in business logic exploited by attackers through APIs.


Medium


The Cost of Toxic Beauty Content is Greater Than We Think

  • Dove released a video depicting Mary's destructive journey with media and body image, showing the impact of social media on her self-image and mental health.
  • The video highlights how exposure to unrealistic beauty standards on social media led Mary to develop an eating disorder, along with other mental health issues.
  • Dove aims to challenge traditional beauty standards by promoting inclusivity in its ad campaigns and advocating for safer online environments for children.
  • Studies suggest that reducing social media use can significantly improve body image and overall appearance perception in teens and young adults.


Medium


Exposure of Internet Dangers to Young Children

  • Young children are increasingly exposed to the internet, with 93 percent of children ages two to four spending time on mobile devices.
  • Parents are advised to start teaching children about internet safety from a young age to raise awareness.
  • Guiding children on internet safety early on can help them recognize and navigate digital dangers by middle school.
  • Educating children about internet dangers early benefits both parents and children, aiding in protecting against scams and promoting online safety.


Medium


Parents: What You Should Know About the Surgeon General’s Advisory on Social Media

  • The US Surgeon General issued an advisory on the impact of social media on young people's mental health, highlighting the risks associated with platforms like TikTok, Instagram, and Snapchat.
  • The advisory recognizes the benefits of social media but warns about symptoms of depression and anxiety, potential addictive properties, and exposure to harmful content, such as self-harm or eating disorder videos.
  • Parents are urged to create a family media plan, educate kids about digital technology impacts, and model responsible online behavior to help protect their children from cyberbullying and predatory behavior.
  • The Surgeon General's advisory empowers parents to take action to address the mental health risks posed by excessive social media use among youth and make the internet safer for children.


Hitconsultant


Emerging Cyber Threats to AI-Based Diagnostics and Clinical Decision Support Tools

  • AI is transforming healthcare with a projected market value of $613.81 billion by 2034.
  • However, this transformation comes with increased cybersecurity risks that healthcare professionals must address.
  • Emerging cyber threats to AI diagnostics include model manipulation, data poisoning, and fake inputs.
  • Healthcare must conduct AI risk assessments, enhance cybersecurity controls, and train staff on risks.
  • Securing AI systems is crucial to maintain trust, patient safety, and healthcare innovation.


Ars Technica


Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe

  • Microsoft is introducing changes to Windows security after the CrowdStrike disaster in 2024.
  • A broken CrowdStrike update on Windows caused major outages, leading to system repairs.
  • Microsoft's new endpoint security platform will allow security solutions to run outside the kernel.
  • The initiative aims to improve system reliability and reduce the impact on devices during security issues.
  • Additional Windows security tweaks, such as a quick machine recovery feature, are planned for future updates.


Tech Radar


Cybercriminals are abusing LLMs to help them with hacking activities

  • AI tools are being used and abused by cybercriminals in hacking activities.
  • Hackers are exploiting legitimate LLMs and training their own AI models, such as WormGPT and FraudGPT.
  • Jailbroken and uncensored LLMs are being manipulated outside normal constraints for malicious tasks.
  • As AI technology advances, criminals are expected to continue leveraging LLMs to enhance cyber attacks.


Siliconangle


It’s an agentic world. We just live in it.

  • Companies are heavily investing in AI agents with varied offerings and billions in funding.
  • The AI battle extends into dominating industry verticals with legal and medical startups thriving.
  • Google intensifies AI efforts with new models, protocols, and acquisitions, while rifts emerge in partnerships.
  • Salesforce claims half of company work is AI-driven, facing mixed reactions, as AI continues to transform industries.


TechBullion


Ouinex Prepares to Launch Globally: Bridging Crypto and Traditional Finance for All Traders

  • Ouinex, a crypto and derivatives platform aiming to bridge traditional finance and digital assets, is set to launch globally after months of research and development.
  • Led by CEO Ilies Larbi, Ouinex provides stock derivatives tradable through digital assets, aiming to onboard over 50k traders by the latter half of 2025.
  • The platform offers unique features like a proprietary No-CLOB execution model, allowing for minimal slippage, and enables traders to use crypto as collateral for various financial instruments.
  • With a focus on transparency and security, Ouinex plans to provide low fees for traders using $OUIX token, advanced trading tools, and seamless access to global markets from a crypto wallet.


Tech Radar


Microsoft Entra ID vulnerability allows full account takeover – and takes barely any effort

  • Semperis has discovered a critical vulnerability in Microsoft's Entra ID, nOAuth, affecting 10% of SaaS applications globally.
  • The flaw allows attackers to perform full account takeovers with minimal effort, bypassing key security measures like MFA and zero-trust architecture.
  • Over 15,000 SaaS apps out of 150,000 globally could be impacted, posing a significant threat to data security and privacy.
  • SaaS vendors are advised to promptly patch affected apps to mitigate the risk of exploitation, as prevention and detection measures are currently challenging.


Tech Radar


Hackers claim to be selling 61 million Verizon records online, but it might not be what it seems

  • A dataset containing 61 million 'Verizon USA' records has been posted online, with details dated as recently as 2025.
  • Sensitive information such as names, dates of birth, tax IDs, addresses, and phone numbers is included in the exposed data, raising concerns of identity theft.
  • Verizon responded stating that the data is old and not affiliated with the company, reducing the impact on customers.
  • Data breaches like this are becoming more common, emphasizing the need for heightened cybersecurity measures to protect personal information.


Tech Radar


This new malware has developed a spooky way to tell AI-based detection methods to ignore it

  • A new malware was discovered that attempted to communicate with an AI-based malware detection tool by injecting prompts disguised as innocent instructions.
  • The malicious file included natural language code that prompted the AI to classify it as benign, marking a shift in tactics to bypass AI-based security solutions.
  • Although the attempt to evade detection failed, this incident highlights a potential new trend in malware evasion techniques.
  • Researchers at Check Point identified the malware using prompt injection and emphasized the importance of detecting and understanding emerging evasion methods to enhance cybersecurity defenses.


Securityaffairs


OneClik APT campaign targets energy sector with stealthy backdoors

  • A new APT malware campaign named OneClik, likely associated with a China-linked actor, has been discovered targeting the energy sector using stealthy ClickOnce and Golang backdoors.
  • The campaign utilizes advanced evasion techniques, such as “living off the land” tactics, and deploys Golang backdoors through .NET loaders exploiting Microsoft ClickOnce. Communication is obscured behind AWS services to evade detection.
  • The malware campaign abuses Microsoft’s ClickOnce technology to deliver malware through phishing emails, installing the backdoor RunnerBeacon that communicates with C2 servers to execute commands, escalate privileges, and move laterally.
  • The OneClik campaign cleverly uses AWS services to mask its traffic, making detection challenging. The backdoor design resembles Cobalt Strike's Go variant, suggesting a sophisticated and stealthy approach in targeting the energy sector.
