Cyber Security News

Embedded

Microchip Enhances TrustMANAGER Platform to Address Evolving Global Cybersecurity Standards for IoT Devices

  • Microchip Technology upgrades TrustMANAGER platform to meet evolving global cybersecurity standards for IoT devices.
  • Microchip's enhancements address the concern that outdated firmware on IoT devices leads to vulnerabilities.
  • TrustMANAGER platform now includes features like secure code signing, FOTA update delivery, and remote firmware management.
  • Enhancements aim to ensure compliance with the European Cyber Resilience Act imposing strict cybersecurity obligations in the EU.
  • Microchip is aligning with ETSI EN 303 645 for consumer IoT security and ISA/IEC 62443 for industrial automation systems.
  • ECC608 TrustMANAGER integrates Kudelski IoT’s keySTREAM SaaS for secure key and digital certificate management.
  • Microchip's WINCS02PC Wi-Fi module achieves RED certification, meeting EU wireless device security directives.
  • TrustMANAGER offers solutions for security, device lifecycle management, fleet management, and regulatory compliance in IoT.
  • Fully compatible with MPLAB X IDE, TrustMANAGER is supported by CryptoAuth PRO board and CryptoAuthLib software library.
  • Trust Platform Design Suite provides educational onboarding and firmware examples for AWS integration.

Dev

CVE-2021-34473: Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE ID: CVE-2021-34473
  • Vulnerability Name: Microsoft Exchange Server Remote Code Execution Vulnerability
  • Date Added: 2021-11-03, Due Date: 2021-11-17
  • Description: Microsoft Exchange Server contains a remote code execution vulnerability
  • Used in Ransomware Campaigns: Known
  • Action: Apply updates per vendor instructions
  • Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-34473
  • Related Security News: Hackers target over 70 Microsoft Exchange Servers for stealing credentials, various ransomware campaign activities reported, Microsoft's discoveries of global cyber attacks by Sandworm subgroup, and more.
  • More CVEs Info: Common Vulnerabilities & Exposures (CVE) List

Dev

Pinning GitHub Actions and using ratchet

  • Pinning GitHub Actions is important for security to ensure dependencies are locked to specific versions.
  • The practice of pinning actions is recommended and made easier with tools like Dependabot.
  • A tool called 'ratchet' assists in pinning dependencies by providing commands like lint, pin, unpin, update, and upgrade.
  • Usage of ratchet involves running commands in the project directory to manage unpinned versions in GitHub Actions workflows.
  • Ratchet helps identify and resolve unpinned references, making it clear which dependencies require pinning.
  • After running 'ratchet pin', the tool generates diff changes to show the pinned versions in the workflow files.
  • Replacing references with specific commit hashes maintains stability, as demonstrated by the example with 'nosborn/github-action-markdown-cli'.
  • Verifying commit hashes against the tagged versions ensures the pinned dependencies match the intended versions.
  • Maintaining pinned versions enhances security and stability but requires diligence in updating dependencies.
  • Ratchet offers commands like update and upgrade to manage pinned versions efficiently.
  • Running 'ratchet unpin' can revert back to unpinned versions if needed, providing flexibility in managing dependencies.
  • Adopting best practices with tools like ratchet can help streamline dependency management in GitHub Actions workflows.

Securityaffairs

The U.S. House banned WhatsApp on government devices due to security concerns

  • The U.S. House banned WhatsApp on government devices due to security concerns.
  • Concerns include lack of transparency in data protection, absence of encryption, and potential security risks.
  • Similar restrictions on AI tools and other apps were imposed in addition to WhatsApp.
  • House staff are instructed to remove WhatsApp from their devices and are prohibited from using it.
  • Approved alternatives to WhatsApp include Microsoft Teams, Wickr, Signal, iMessage, and FaceTime.
  • Meta disagrees with the U.S. House's decision and highlights WhatsApp's security features.
  • WhatsApp had addressed a zero-click, zero-day vulnerability in March 2025 exploited by Paragon's Graphite spyware.
  • Paragon's spyware campaign targeting journalists was blocked by WhatsApp in December 2024.
  • Meta dismantled a malware campaign via WhatsApp targeting individuals, linked to Paragon.
  • Threat actors used a "zero-click" exploit to compromise devices without user interaction.

Cultofmac

How and why to use iPhone Stolen Device Protection

  • iPhone Stolen Device Protection enhances security for accounts and financial data if the handset is stolen along with its passcode.
  • Activation of this security feature is discussed along with its importance in deterring criminals.
  • The feature in iOS 17 and iOS 18 aims to prevent muggers from accessing personal information on stolen iPhones.
  • Advantages include a wait time and use of Face ID/Touch ID to change the Apple ID passcode, limiting a thief's access.
  • The protection is active when the iPhone is away from designated locations to avoid inconvenience.
  • Stolen Device Protection also prevents access to saved passwords, erasing the device, and applying for an Apple Card without Face ID.
  • Activation involves navigating to Settings > Face ID & Passcode, scrolling to Stolen Device Protection, and enabling the feature.
  • Deactivating the protection requires Face ID verification and a waiting period to prevent quick changes by unauthorized individuals.

Tech Radar

Watch out AI fans - cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

  • Top AI tools like Mistral AI's Mixtral and xAI's Grok are being exploited by cybercriminals to create malicious GenAI tools and malware.
  • Research warns of the emergence of 'WormGPT,' uncensored Large Language Models (LLMs) used by threat actors for generating malicious code and social engineering attacks.
  • FraudGPT, an alternative to WormGPT, offers a range of malicious capabilities and is becoming prominent among cybercriminals.
  • WormGPT encompasses various strains with different purposes, such as keanu-WormGPT, which can generate phishing emails using Grok-powered LLMs.
  • Threat actors are jailbreaking legitimate LLMs like ChatGPT and Google Bard/Gemini to evade security measures, as identified by researchers.
  • There is a trend of threat actors recruiting AI experts to develop custom uncensored LLMs for specific attack vectors.
  • AI's accessibility is lowering barriers for cybercriminals, which will make cybercrime more common in the future, as highlighted by the ease of exploiting existing AI tools.

Hackersking

New Malware FileFix That Exploits File Explorer to Execute PowerShell Commands

  • A new malware variant named FileFix has been discovered, exploiting a phishing trick to run hidden PowerShell commands through File Explorer.
  • FileFix uses a fake file-sharing page to lure users into running PowerShell commands disguised as routine file access.
  • The malware doesn't require malicious downloads and instead relies on a phishing page mimicking trusted platforms to trick users.
  • By hijacking the clipboard, attackers can execute PowerShell commands when users unknowingly paste a file path into File Explorer.
  • The exploited PowerShell commands can silently run code or open URLs on the victim's system without detection.
  • FileFix prevents users from uploading real files by blocking file selection attempts and resetting the input automatically.
  • To stay safe, users are advised not to paste file paths from unknown sources, avoid sites manipulating clipboard content, and be cautious of copy-pasting commands.
  • Endpoint protection tools that monitor PowerShell activity are recommended to enhance security against such malware attacks.
  • FileFix demonstrates a new approach of exploiting human behavior rather than traditional vulnerabilities, emphasizing the importance of vigilance and verifying sensitive actions.

Hitconsultant

The AI Dilemma—A New Arms Race in Healthcare Cybersecurity

  • Artificial intelligence (AI) is revolutionizing healthcare by enhancing diagnostics, personalizing care, and automating administrative tasks, yet it poses new cybersecurity challenges because cybercriminals exploit its vulnerabilities.
  • AI in healthcare presents an evolving attack surface that outpaces traditional defense mechanisms, with AI-powered attacks reshaping security strategies within healthcare organizations.
  • The rapid deployment of AI without considering security implications and the reliance on third-party AI integrations create vulnerabilities in healthcare systems, as illustrated by the Change Healthcare ransomware attack.
  • To combat AI-powered cyber threats, a proactive approach with Managed Detection and Response (MDR) services and advanced Digital Forensics and Incident Response (DFIR) methods is essential.
  • Healthcare leaders must prioritize AI security, collaborate with AI developers to ensure data security, and establish AI governance frameworks to mitigate AI-driven cyber risks effectively.
  • Shane Cox, the Director of Cyber Fusion Center at Highspring, emphasizes the importance of AI security in healthcare and advocates for a smarter approach to fighting cyber threats.

VentureBeat

How CISOs became the gatekeepers of $309B AI infrastructure spending

  • Enterprise AI infrastructure spending is projected to reach $309 billion by 2027, with success dependent on controlling the infrastructure layer for operational scalability.
  • Security vendors like Palo Alto Networks, CrowdStrike, and Cisco are seeing significant growth in AI-driven security revenue amid declining traditional infrastructure sales.
  • The complexity of AI workloads is straining existing infrastructure, with enterprises requiring new approaches to manage AI at scale.
  • 73% of enterprises cite infrastructure inadequacy as the primary barrier to AI adoption, while adversaries are leveraging AI faster than defenses can be deployed.
  • AgenticOps sees traditional IT operations as insufficient for managing AI agents at machine speed, with a focus on unified data access, collaborative environments, and purpose-built models.
  • Security is becoming an accelerant to AI adoption, with traditional firewalls unable to protect AI workloads effectively.
  • Silicon-embedded security with nanosecond latency is transforming security measures, significantly outperforming software-defined approaches.
  • Automated platforms for vulnerability management offer rapid response, reducing breach risk and delivering ROI in under 5 months.
  • Observability is crucial for AI infrastructure success, with generative UI and real-time interfaces shaping the future.
  • The AI infrastructure market is consolidating, with Gartner predicting a reduction to fewer than 20 platforms by 2027, emphasizing the need to control the full stack to stay relevant.

The Register

The vulnerability management gap no one talks about

  • Many organizations have devices missing EDR, with health issues, or lacking endpoint management tools, but the biggest surprise is that 10-20% of devices have never been scanned for vulnerabilities.
  • Enterprise vulnerability management platforms may still have significant gaps in visibility due to devices not being on the network or lacking an agent.
  • The lack of native features to highlight never-scanned devices and the prioritization of scanning efficiency can lead to invisible gaps in vulnerability management.
  • These gaps can result in incomplete data for patch management, compliance audits becoming hope-based, and executives being uncertain about protection levels.
  • To pinpoint these gaps, organizations should compare known devices to scanned ones, identify assets lacking authenticated scans, and highlight misconfigurations and agentless devices.
  • Continuous validation through aggregating data from various systems is crucial to discovering and addressing coverage gaps proactively in vulnerability management.
  • The article suggests a source-agnostic approach focusing on asset inventories to get an accurate picture of coverage and emphasizes the limitations of platform-native reporting in vulnerability scans.
  • It recommends that organizations conduct comprehensive inventory audits, implement ongoing monitoring, and understand the limitations of vendor-provided coverage metrics for an effective vulnerability management program.
  • The gaps in vulnerability management exist, and it's crucial to actively seek and address them before they are exploited by malicious actors.

Tech Radar

Major data breach at McLaren Health Care sees 743,000 patients affected - here's what we know

  • A ransomware attack in July and August 2024 affected McLaren Health Care and Karmanos Cancer Institute, leading to a data breach involving 743,131 individuals' information.
  • The hackers stole personal data like Social Security numbers, health insurance details, driver's license information, names, and medical data.
  • Suspicious activity was initially detected on August 5, 2024, and after a nine-month review, the breach was publicly disclosed in May 2025.
  • McLaren suffered system downtime, resulting in cancellations and rescheduling of surgeries, appointments, and treatments during the breach.
  • The breach led to the manual handling of appointments and medication information by staff.
  • McLaren confirmed the breach was due to a ransomware attack by an international group after initially omitting this information.
  • This is not the first ransomware incident for McLaren, with a prior attack in July 2023 affecting 2.2 million individuals.
  • Despite no evidence of misuse, affected individuals are offered free credit monitoring for a year and advised to remain vigilant for any suspicious activities on their accounts.

Global Fintech Series

Veriff Report: One in 20 Online Identity Verification Attempts in Financial Services is Fraudulent

  • Online identity verification fraud in financial services is on the rise, with a 21% increase year-over-year.
  • One in 20 verification attempts in financial services is now fraudulent.
  • Over the last year, more than one-third of U.S. consumers have suffered non-refundable financial losses due to fraud.
  • Veriff's annual report, titled 'The Future of Finance,' combines in-house data with industry perspectives to highlight key insights and future directions.
  • Deepfake incidents, including fraud, are skyrocketing, making it challenging to distinguish between real and fake content.
  • 82% of consumers demand strong fraud defenses before signing up on financial platforms, with biometrics, especially facial recognition, being the preferred choice for 38% of consumers.
  • Over 60% of firms have reported increased use of AI in attacks, with 64% of U.S. respondents already using AI in fraud prevention.
  • 89% of senior fraud decision-makers in financial services anticipate a rise in fraud in 2025, primarily driven by AI.
  • Identity verification, biometrics, and AI are crucial for financial institutions to enhance security and compliance while ensuring customer satisfaction.

Designveloper

Invisible Fences: Behavioral Bot Detection That Actually Works

  • Invisible fences are used for behavioral bot detection to distinguish between human visitors and code.
  • Modern bots have become sophisticated, mimicking human behavior like randomizing HTTP headers and mouse moves.
  • Behavioral fingerprinting utilizes various micro-signals to create robust user profiles.
  • Monitoring behavioral cues such as hover duration and cursor speed can help differentiate between human users and bots.
  • Behavioral fingerprinting involves temporal cadence, spatial motion, and entropy across events to detect automation.
  • Implementing a layered defense strategy involves different levels of challenges based on the risk score.
  • Measuring micro-interactions like scroll patterns and mouse movements helps in identifying bots.
  • Training the detector model involves data clustering, balancing datasets, and refreshing features regularly.
  • Security measures should be balanced with user experience to avoid impacting genuine users.
  • Behavioral analytics offer a nuanced approach to bot control, creating an adaptive invisible barrier for protection.
  • Constant monitoring, model updating, and user-friendly security measures are vital for effective bot detection.

Dev

Understanding Load Shedding

  • Load shedding is a defensive strategy that selectively rejects non-essential requests to prevent system overload.
  • It ensures essential services remain available during spikes in demand by preventing resource exhaustion and degraded performance.
  • Load shedding works by prioritizing critical functionality, preventing total outages, and improving user experience.
  • The shedding logic in code involves a middleware that monitors active requests and selectively rejects non-essential ones.
  • Key decisions include the canShed flag to differentiate essential and non-essential services, and the use of atomic operations for thread safety.
  • Essential services always respond, while non-essential ones are rejected when load exceeds a preset limit.
  • A demo showcasing load shedding involves simulating traffic spikes and tracking active requests to demonstrate prioritization.
  • Real-world applications include e-commerce platforms, cloud APIs, social media platforms, and financial systems, where load shedding is vital for maintaining critical functions.
  • Advanced considerations for load shedding include dynamic adjustment of thresholds, retries for shed requests, and the use of circuit breakers for faster failure handling.
  • Load shedding is crucial for handling traffic surges, prioritizing critical functions, and gracefully degrading non-essential features to ensure system resilience.
  • The article provides a practical demo in Go and JavaScript to illustrate load shedding in action, offering insights into implementing this technique to keep services resilient under pressure.

Tech Radar

Meta hits back after US House staffers banned from using WhatsApp over security fears

  • The US House's Chief Administrative Officer (CAO) has banned WhatsApp from all government devices used by congressional staffers over security concerns.
  • Concerns cited include lack of transparency in data protection and absence of stored data encryption, raising potential security risks.
  • The ban applies to all versions of WhatsApp, including the mobile app, desktop app, and web browser versions.
  • Staffers with WhatsApp on House-managed devices will be contacted to remove the app.
  • Meta disagrees with the ban, emphasizing WhatsApp's end-to-end encryption for user messages.
  • The CAO mentions that other communication platforms like Microsoft Teams, Wickr, Signal, iMessage, and FaceTime are still viable alternatives.
  • The WhatsApp ban is a result of concerns over user data protection and potential security risks.
  • US Congress workers have been asked to remove WhatsApp from their devices.
  • The ban comes after the Scottish government also prohibited WhatsApp use, favoring other messaging apps.
  • Meta expressed strong disagreement with the House Chief Administrative Officer’s ban.
  • The ban on WhatsApp aligns with previous tech restrictions for US government workers, such as Chinese platforms and certain AI tools.
  • The ban is not related to geopolitical tensions but stems from data protection and encryption concerns.
  • Concerns over lack of transparency and stored data encryption led to the decision to ban WhatsApp.
  • Other CAO-approved apps like Microsoft Teams, Wickr, Signal, iMessage, and FaceTime are considered safer alternatives.
  • The news follows a trend of banning certain apps within government settings to address security and data protection concerns.
