A naukri.com initiative
Cyber Security News
Tech Radar
2w
293
Image Credit: Tech Radar
Dodgy Android smartphones are being preloaded with Triada malware
- Counterfeit Android smartphones are being sold with Triada malware pre-installed.
- Kaspersky researchers observed at least 2,600 victims, mostly in Russia, who purchased these smartphones.
- Triada is a sophisticated malware that can steal user accounts, send messages on behalf of the victim, steal cryptocurrencies, and more.
- Over $270,000 in cryptocurrency has already been stolen from these compromised devices.
Read Full Article
17 Likes
Tech Radar
2w
0
Image Credit: Tech Radar
Do I really need antivirus for Windows 11?
- Windows 11 is the new operating system, and the end of life for Windows 10 is approaching, with updates ceasing on October 14, 2025.
- It is advised to upgrade to Windows 11 as Windows 10 will stop receiving critical updates, leaving vulnerabilities unpatched.
- Since Windows is widely used, it is a lucrative target for cybercriminals, and staying updated is crucial for security.
- Windows Defender Antivirus comes pre-installed with Windows 11 and performs well in protecting against malware threats.
- Windows Defender Antivirus lacks additional security features like VPN or parental controls, making it basic in functionality.
- Using a premium antivirus service is recommended as it offers broader device compatibility and additional security tools like password managers.
- Cybercriminals target individuals for various reasons, including forming botnets, stealing data for fraud, or launching ransomware attacks.
- Ransomware attacks have been on the rise, making it important to have robust cybersecurity measures in place.
- Antivirus software can safeguard against a range of cyber threats beyond malware, enhancing overall device and data protection.
- Free antivirus apps and third-party solutions can complement Windows Defender Antivirus to bolster security measures effectively.
Read Full Article
Like
Siliconangle
2w
419
Image Credit: Siliconangle
AI phishing hits its Skynet moment as agents outperform human red teams
- A new report from cybersecurity training services company Hoxhunt reveals that AI-powered phishing agents have surpassed human red teams in crafting effective phishing attacks.
- After two years of development, AI agents created more effective simulated phishing campaigns than human red teams.
- The AI agent, known as JKR, used user-specific context to create and refine highly targeted phishing emails, resulting in significant performance gains.
- As AI-generated attacks become easier to create, behavior-based phishing training and adaptive training platforms are proving more resilient against both human and AI-generated threats.
Read Full Article
25 Likes
Pymnts
2w
237
Image Credit: Pymnts
Oracle Cyberattack Highlights Importance of Securing Enterprise Cloud Environments
- The Federal Bureau of Investigation (FBI) is investigating a cyberattack at Oracle that led to the theft of 6 million records from 140,000 Oracle cloud tenants.
- The growing adoption of hybrid and multi-cloud architectures in enterprises is heightening the challenge of safeguarding data both at rest and in transit.
- Encryption, including end-to-end encryption (E2EE), is essential in offering comprehensive data protection in complex enterprise cloud environments.
- Securing the organizational perimeter in the face of evolving technology and innovation requires a proactive and adaptive approach to security.
Read Full Article
14 Likes
Medium
2w
133
Image Credit: Medium
The Mechanics Behind VPN Encryption
- A Virtual Private Network (VPN) is a crucial tool for protecting sensitive information online by encrypting data and ensuring privacy.
- Connecting to a VPN routes internet traffic through a secure server, masking IP addresses and encrypting data to prevent unauthorized access.
- VPN encryption secures data while using public Wi-Fi, shielding users from potential data breaches and cyber threats.
- By concealing browsing habits and enhancing online privacy, VPNs prevent ISPs and websites from tracking and storing personal data.
- VPN encryption employs protocols to transform data into unreadable code, ensuring only authorized devices can decipher it.
- Tunneling in VPN encryption creates a dedicated pathway for encrypted data, minimizing risks of interception or interference.
- Choosing the right VPN involves considering encryption protocols, tunneling features, and the number of simultaneous connections supported.
- By using a VPN, users can bypass geo-restrictions, access restricted content, and secure multiple devices simultaneously for comprehensive protection.
- Enhancing cybersecurity with VPNs is crucial in today's digital landscape to safeguard personal information and prevent cyber threats.
- As technology advances, the future of VPNs may see improved encryption methods and increased focus on user-friendly privacy features.
Read Full Article
8 Likes
Cybersecurity-Insiders
2w
82
Image Credit: Cybersecurity-Insiders
EvilCorp join with RansomHub to launch global cyber attacks
- EvilCorp, an infamous cybercriminal group, has joined forces with RansomHub, a ransomware-as-a-service provider, to launch global cyber attacks.
- EvilCorp, led by Maksim Yakubets, has a strong presence in developing and underdeveloped countries, making it difficult to track and dismantle their network.
- The partnership with RansomHub allows EvilCorp to expand its reach and launch devastating attacks across public and private sectors globally.
- The growing trend of collaboration among cybercriminal groups poses a significant challenge for businesses and law enforcement agencies, as it makes attacks more sophisticated and harder to trace.
Read Full Article
4 Likes
TechCrunch
2w
393
Image Credit: TechCrunch
This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one
- The stealthy Android spyware app identified by TechCrunch requires a password to uninstall, making it difficult for users to remove.
- The spyware relies on overlay access to display a password prompt during uninstall attempts.
- Resetting an affected device into 'safe mode' can temporarily disable the spyware, allowing for its removal without the password.
- Spyware apps are part of the growing ecosystem of phone monitoring tools, often used for illegal surveillance purposes.
- Identifying spyware involves checking for nondescript apps like 'System Settings' or unauthorized device admin apps.
- The article provides steps to remove spyware by deactivating the device admin app and uninstalling the spyware from Android settings.
- Removing the spyware may alert the installer, so precautions like changing passcodes and securing accounts are advised.
- It's essential to have a safety plan before removing spyware as it may warn the app installer.
- Exiting safe mode and securing the device post-spyware removal are crucial steps to prevent future surveillance.
- Resources like the National Domestic Violence Hotline and the Coalition Against Stalkerware provide support for victims of abuse.
Read Full Article
23 Likes
Tech Radar
2w
276
Image Credit: Tech Radar
GenAI bots could well be scraping your web apps, researchers warn
- New research from Barracuda reveals the existence of 'gray bots' that scrape data from websites.
- These bots are designed to extract large amounts of data, likely for training AI models or collecting web content.
- While not malicious, gray bots have a questionable approach and can be highly aggressive.
- They pose risks to data privacy and can disrupt web applications and obscure website analytics.
Read Full Article
16 Likes
Tech Radar
2w
315
Image Credit: Tech Radar
Microsoft adds hotpatching support for Windows 11 enterprise users as it looks to end unnecessary downtime for work devices
- Microsoft has added hotpatching support for Windows 11 Enterprise version 24H2.
- Hotpatch updates allow OS security updates to be installed without rebooting, reducing downtime for users.
- To be eligible, companies need an x64 CPU (AMD64 or Intel) and an active Microsoft subscription.
- Arm64 devices will gain support for hotpatching at a later date.
Read Full Article
18 Likes
Infoblox
2w
43
Image Credit: Infoblox
Unlocking the Power of Infoblox Integration with Cribl for Scalable Network and Security Operations
- The certified integration for Cribl by Infoblox is transforming the handling of network and security data.
- Infoblox addresses the challenge of data overload and provides enhanced visibility, compliance, and operational efficiency.
- The certified integration for Cribl offers granular control over Infoblox data, filtering out unnecessary logs and providing additional context.
- Benefits of the integration include cost savings, accelerated threat detection, and unified visibility for network and security teams.
Read Full Article
2 Likes
Socprime
2w
298
Image Credit: Socprime
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
- UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
- CERT-UA observed a surge in cyber-espionage operations targeting Ukraine using DarkCrystal RAT.
- At least three cyber-espionage attacks were discovered using the WRECKSTEEL malware and spear-phishing emails containing malicious links or attachments.
- SOC Prime Platform provides detection algorithms and Uncoder AI for threat hunting and defense against UAC-0219 threats.
Read Full Article
17 Likes
Tech Radar
2w
120
Image Credit: Tech Radar
Old Stripe APIs are being hijacked for credit card skimmer attacks
- Researchers have discovered that old Stripe APIs are being hijacked by cybercriminals to process fraudulent credit card payments on compromised ecommerce websites.
- At least 49 ecommerce sites have been compromised so far, and the actual number of victims is expected to be higher.
- Attackers inject malicious JavaScript code into the compromised websites, overlaying the legitimate checkout page with a fake one to harvest payment information.
- To mitigate the risk, users are advised to migrate to the newer Stripe API as the deprecated one is being exploited by cybercriminals.
Read Full Article
7 Likes
Securityaffairs
2w
164
Image Credit: Securityaffairs
Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
- An international operation led by Europol has shut down Kidflix, a child sexual abuse material (CSAM) streaming platform.
- The platform had 1.8 million users and was seized by German and Dutch authorities.
- The operation identified 1,393 suspects, arrested 79, and protected 39 children.
- Kidflix allowed users to stream CSAM videos and used cryptocurrency-based payments.
Read Full Article
9 Likes
Siliconangle
2w
414
Image Credit: Siliconangle
Red-teaming startup Yrikka launches with pre-seed funding to secure critical AI systems
- Yrikka AI Inc. has launched its publicly available API after closing a $1.5 million pre-seed funding round.
- The startup's API aids in red-teaming efforts to identify vulnerabilities in AI systems.
- Yrikka's AI agents perform red-teaming by simulating attacks and prompt injection attacks on AI systems.
- The AI agents enable faster and more scalable AI model validation and continuous performance monitoring.
Read Full Article
24 Likes
Tech Radar
2w
267
Image Credit: Tech Radar
Verizon security flaw could allow hackers to view entire call history
- A bug in the Verizon Call Filter app's API allowed hackers to view incoming call logs of other users.
- The bug was discovered in February 2025 and fixed in March 2025.
- The Call Filter app offers features like spam detection, caller ID, and personal block lists.
- The security flaw could be used as a surveillance tool against high-profile targets.
Read Full Article
16 Likes
For uninterrupted reading, download the app