A naukri.com initiative
Cyber Security News
Siliconangle
2w
44
Image Credit: Siliconangle
Bonfy.AI launches with platform to secure AI- and human-generated content
- Bonfy.AI Inc. has launched Adaptive Content Security, a platform designed to protect both AI- and human-generated content by using AI-powered business context and logic to reduce risks like oversharing, IP leakage, and privacy violations more accurately than traditional solutions.
- The platform analyzes and manages content risks from AI tools like ChatGPT and Microsoft 365 Copilot, documents, emails, and communications from platforms such as Slack, eliminating false positives and blind spots associated with traditional data loss prevention tools.
- Bonfy ACS is agnostic to human-readable content, unstructured data, generation techniques, underlying models, and human edits, making it versatile for various applications such as software-as-a-service and custom applications, aiming to keep AI-generated content safe and compliant.
- The platform enforces communication and sharing policies, mitigates risks related to cybersecurity, privacy, compliance, IP protection, and reputation. Bonfy.AI has raised $9.5 million in seed funding and aims to transform content security for both AI and human-generated content.
Read Full Article
2 Likes
Tech Radar
2w
357
Image Credit: Tech Radar
Millions of Brother printers threatened by multiple serious vulnerabilities – enterprise and home printers at risk
- Rapid7 research has identified multiple serious vulnerabilities affecting Brother, Fujifilm, Ricoh, and Toshiba printers.
- Brother printers, commonly used in homes and enterprises worldwide, are particularly at risk with 689 models affected.
- One critical vulnerability with a CVSS score of 9.8 permits attackers to exploit default passwords and potentially compromise connected systems.
- Mitigations and workarounds have been released by Rapid7 and Brother to address these vulnerabilities.
Read Full Article
21 Likes
Pymnts
2w
400
Image Credit: Pymnts
Block Stops $2 Billion in Cash App Fraud by Alerting Customers to Scams
- Block stopped $2 billion in Cash App fraud by warning customers of scams.
- Scammers employ urgent tactics to deceive victims through various schemes, targeting all individuals.
- Advanced technologies and real-time alerts help Block prevent potential P2P fraud scams since 2020.
- Machine learning powers warning features to detect high-risk transactions and protect customers from scams.
Read Full Article
24 Likes
Global Fintech Series
2w
159
Image Credit: Global Fintech Series
Macros Are Undermining Web3 Fairness – And They’re Better Than Bots
- Macros pose a significant threat to Web3 fairness and are hard to detect.
- Unlike bots, macros mimic human behavior, making them challenging to identify.
- Traditional anti-bot measures are ineffective against macros, which exploit user activity.
- Detection requires a shift towards analyzing behavioral patterns collectively for security.
Read Full Article
9 Likes
Tech Radar
2w
400
Image Credit: Tech Radar
Ransomware disruptions contributed to a patient death, NHS finds
- A ransomware attack on a London-based pathology service disrupted blood-testing services and contributed to a patient's death.
- Around 800 operations and 700 outpatient appointments were canceled or rescheduled due to the attack, impacting patient care.
- The cybercriminal group Qilin demanded $50 million from Synnovis for stolen data, which was later published online as the organization reportedly refused to pay.
- The UK's National Health Service (NHS) confirmed the attack, shedding light on the devastating consequences of ransomware attacks on critical services like hospitals.
Read Full Article
24 Likes
Dev
2w
422
Image Credit: Dev
Host Your Own Web Firewall with SafeLine — No Cloud Needed
- SafeLine is an open-source Web Application Firewall (WAF) that can be deployed on your own servers.
- It acts as a reverse proxy, analyzing HTTP/HTTPS traffic to block malicious requests in real time.
- Key features of SafeLine include attack prevention, rate limiting, bot detection, access control, and dynamic response encryption.
- SafeLine offers protection against various web threats and is completely free and open-source, providing control over web traffic security without cloud dependency.
Read Full Article
25 Likes
Securityaffairs
2w
366
Image Credit: Securityaffairs
U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog.
- The D-Link DIR-859 Router Path Traversal Vulnerability (CVE-2024-0769) can lead to information disclosure, and hackers are exploiting it to collect account information.
- GreyNoise observed exploitation attempts targeting the D-Link DIR-859 routers, impacting all devices and potentially exposing user credentials.
- CISA orders federal agencies to address the identified vulnerabilities by July 16, 2025, to protect against attacks exploiting the flaws in the catalog.
Read Full Article
22 Likes
Tech Radar
2w
21
Image Credit: Tech Radar
Avast launches another free scam protection tool, but this one is powered by AI - here's what it offers
- Avast has launched a new scam protection tool, Avast Scam Guardian, powered by AI to detect suspicious activities in real time across digital channels.
- The tool is integrated into Avast's free antivirus platform to combat phishing, online fraud, and evolving scam tactics in today's threat landscape.
- A paid version, Scam Guardian Pro, is expected soon with added features like AI protection against scam calls and text messages.
- The release of Avast's Scam Guardian coincides with rising scam trends, with phishing scams increasing by 466% compared to the previous quarter, emphasizing the need for enhanced scam protection.
Read Full Article
1 Like
Securityaffairs
2w
25
Image Credit: Securityaffairs
CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices
- A new security flaw in Citrix NetScaler ADC and Gateway, known as 'CitrixBleed 2,' allows attackers to steal session cookies without authentication, resembling a previous vulnerability.
- The vulnerability (CVE-2025-5777) results from insufficient input validation, impacting NetScaler gateways and AAA virtual servers, potentially exposing sensitive information and allowing session token theft.
- This issue affects certain versions of NetScaler ADC and Gateway, requiring users to update to fixed versions to mitigate risks. Another high-severity flaw (CVE-2025-5349) in the management interface also needs attention for security.
- Citrix advises terminating active ICA and PCoIP sessions after upgrading all NetScaler devices to ensure complete risk mitigation. Security researcher Kevin Beaumont identified the similarities between 'CitrixBleed 2' and a previous vulnerability, stressing the importance of addressing these security issues.
Read Full Article
1 Like
Semiengineering
2w
271
Image Credit: Semiengineering
GNN-Based Framework for Hardware Trojan Detection, Including RISC-V Cores
- Researchers from University of Connecticut and University of Minnesota published a paper titled 'TROJAN-GUARD: Hardware Trojans Detection Using GNN in RTL Designs.'
- The paper addresses the increasing risk of hardware trojans (HTs) due to the use of untrusted third-party tools and IPs in chip manufacturing.
- The researchers propose a novel framework utilizing graph neural networks (GNN) tailored for HT detection in large designs like RISC-V cores, with efficient training and inference processes including model quantization.
- The framework achieved a precision of 98.66% and a recall rate of 92.30% in detecting hardware trojans, showcasing its effectiveness and efficiency.
Read Full Article
16 Likes
Semiengineering
2w
288
Image Credit: Semiengineering
Redefining SoC Design: The Shift To Secure Chiplet-Based Architectures
- The semiconductor industry is moving to chiplet-based designs to improve efficiency and scalability.
- Chiplet architectures offer cost efficiency, customization, streamlined configuration management, and ecosystem richness.
- Security in chiplet-based designs is crucial, requiring measures like secure boot and cryptographic trust.
- Post-quantum cryptography readiness and compliance with safety standards are essential for future chiplet security.
- Chiplets are driving innovation in automotive and AI sectors, enabling secure, scalable architectures.
Read Full Article
17 Likes
VoIP
2w
400
Image Credit: VoIP
AT&T Settles $177M for Massive Data Breach Scandals
- AT&T is set to pay $177 million in a settlement to customers affected by two major data breaches in 2019 and 2024.
- The breaches exposed sensitive personal information of millions of users, triggering class-action lawsuits.
- AT&T denies responsibility for the breaches but agreed to the settlement to avoid prolonged litigation.
- Eligible customers could receive up to $5,000 for the 2019 breach and up to $2,500 for the 2024 incident, with final approval expected soon.
Read Full Article
22 Likes
Eletimes
2w
116
Image Credit: Eletimes
Microchip Enhances TrustMANAGER Platform to Support CRA Compliance and Cybersecurity Regulations
- Microchip Technology is enhancing its TrustMANAGER platform with secure code signing and Firmware Over-the-Air (FOTA) update delivery for IoT devices to address cybersecurity challenges.
- The enhancements support compliance with the European Cyber Resilience Act (CRA) by enabling remote management of firmware images, cryptographic keys, and certificates.
- Microchip's TrustMANAGER leverages Kudelski IoT's keySTREAM Software as a Service (SaaS) to provide secure authentication Integrated Circuit (IC) for managing cryptographic keys and certificates.
- The platform offers scalable solutions for secure firmware updates, regulatory compliance, and device lifecycle management for IoT device manufacturers and industrial automation providers.
Read Full Article
7 Likes
Dev
2w
12
Image Credit: Dev
Encrypt & Decrypt Text Securely in the Browser
- The Encrypt & Decrypt tool from Goonlinetools allows users to encrypt and decrypt text securely in the browser using strong AES encryption.
- The tool operates locally in the browser using JavaScript (crypto-js) with no involvement of a server, ensuring data privacy.
- Key features include AES-256 encryption, a simple two-way interface for encryption and decryption, password protection, one-click copy functionality, and being entirely client-side.
- The tool is useful for sending secure messages, testing crypto flows, creating hidden configuration values, and more, and is available at https://goonlinetools.com/encrypt-decrypt/.
Read Full Article
Like
Fintechnews
2w
362
Image Credit: Fintechnews
Mastercard Rolls Out First-Party Trust in APAC and Beyond to Address Friendly Fraud
- Mastercard is extending its First-Party Trust program to Asia Pacific, Canada, Latin America, and the Caribbean to combat first-party or 'friendly' fraud, where customers dispute legitimate transactions.
- The program enhances data sharing between merchants and card issuers to differentiate third-party fraud from disputes raised by cardholders.
- Merchants can share enhanced transaction data to help issuers assess claims accurately and reduce unwarranted chargebacks.
- Mastercard aims to streamline dispute resolution, providing clearer guidelines on compelling evidence and offering chargeback protection to eligible merchants.
Read Full Article
21 Likes
For uninterrupted reading, download the app