A naukri.com initiative
Cyber Security News
The Verge
2d
145
Image Credit: The Verge
Madison Square Garden’s surveillance system banned this fan over his T-shirt design
- A fan, Frank Miller, was banned for life from Madison Square Garden and its properties over a T-shirt incident from 2021 he claims he wasn't involved in.
- The ban notice was handed to Miller at Radio City Music Hall, part of MSG, before a concert.
- Miller suspects he was identified through facial recognition technology used by MSG.
- The incident may have involved a T-shirt design relating to a controversy with 1990s Knicks star Charles Oakley and MSG CEO James Dolan.
- Despite not wearing a controversial shirt at the event, Miller was informed of his ban at Radio City.
- Miller, a graphic designer based in Seattle, had not purchased tickets himself for MSG events prior to this incident.
- Even though he could appeal the ban, Miller deemed it not a priority for him.
- The experience has prompted Miller to raise awareness about unexpected denials based on collected data and surveillance.
- Others have faced similar situations, including a New Jersey attorney denied entry at Radio City due to being on an attorney exclusion list.
- Miller emphasizes the need to be conscious of surveillance practices and how they can impact access to events and venues.
Read Full Article
8 Likes
Silicon
2d
121
Image Credit: Silicon
EU To Invest €1.3bn in AI, Cybersecurity, Digital Skills
- The European Union plans to invest €1.3 billion in AI, cybersecurity, and digital skills.
- The funding will be allocated to deploy critical technologies that are strategically important for the future of Europe and the continent's tech sovereignty.
- The areas of focus include AI, cloud and data, cyber resilience, and digital skills.
- The EU aims to improve the availability of generative AI applications, support digital innovation hubs, boost cyber resilience, and develop digital skills in the workforce.
Read Full Article
7 Likes
Tech Radar
2d
94
Image Credit: Tech Radar
Thousands of websites have now been hijacked by this devious, and growing, malicious scheme
- A website hijacking campaign has compromised over 150,000 websites.
- The attackers use iframe injections to display a full-screen overlay in the visitor's browser.
- The overlays impersonate legitimate betting websites or serve fake gambling pages.
- Web admins are advised to audit their code, block malicious domains, and monitor logs for unexpected outgoing requests.
Read Full Article
5 Likes
Medium
2d
354
How AI is Changing the Cybersecurity Game: The Rise of Autonomous Threat Detection
- AI-driven cybersecurity solutions enable proactive threat hunting and real-time incident response.
- Agentic AI, used by companies like Microsoft, CrowdStrike, and Darktrace, operates autonomously without human intervention.
- AI platforms reduce response times and detect abnormal behavior to prevent data exfiltration.
- Challenges faced by AI in cybersecurity include deepfake phishing, data quality, privacy concerns, and responsible AI governance.
Read Full Article
21 Likes
Siliconangle
2d
385
Image Credit: Siliconangle
Report warns that browser-native ransomware is a growing threat to enterprise data
- A new report warns about the rise of browser-native ransomware, posing a threat to enterprise data protection.
- Browser-native ransomware operates within the browser and does not require any downloads, targeting the victim's digital identity.
- The attacks leverage AI agents to automate the majority of the attack sequence, making social engineering and interference from attackers minimal.
- The report advises enterprises to reconsider their browser security strategy and invest in a browser-native solution to combat the next generation of ransomware attacks.
Read Full Article
23 Likes
TechCrunch
2d
342
Image Credit: TechCrunch
Mozilla patches Firefox bug ‘exploited in the wild’, similar to bug attacking Chrome
- Mozilla has patched a security bug in Firefox for Windows that was being exploited in the wild.
- The bug, tracked as CVE-2025-2857, has a similar pattern to a bug that Google patched in Chrome.
- Exploiting the bug allows users to escape Firefox's sandbox, affecting other browsers with the same codebase.
- Kaspersky researcher confirmed that the root cause of the Chrome bug also affects Firefox.
Read Full Article
20 Likes
Medium
2d
129
Image Credit: Medium
Signal Is Encrypted — So What’s the Big Deal About the War Plan Leak?
- Signal is a messaging app popular for its encryption and use of end-to-end encryption.
- Encryption protects messages during transmission, but not before or after.
- Potential vulnerabilities include screenshots, keyloggers, spyware, insider leaks, and stolen or hacked devices.
- For national security purposes, governments use purpose-built secure systems.
Read Full Article
7 Likes
Socprime
2d
3
Image Credit: Socprime
CoffeeLoader Detection: A New Sophisticated Malware Family Spread via SmokeLoader
- CoffeeLoader is a new sophisticated malware that evades security protection by using advanced evasion techniques and Red Team methods spread via SmokeLoader.
- With over 1 billion malware strains circulating and 300 new malware pieces daily, early detection of emerging threats is crucial.
- SOC Prime Platform offers detection algorithms against CoffeeLoader attacks, compatible with various security solutions and mapped to the MITRE ATT&CK framework.
- Security professionals can hunt for IOCs using Zscaler research and Uncoder AI to transform IOCs into custom queries for SIEM or EDR platforms.
- CoffeeLoader, discovered in September 2024, is designed to download and execute secondary payloads stealthily using unique GPU-based packing techniques.
- The malware samples are packed, with CoffeeLoader mimicking ASUS's legitimate Armoury Crate utility using a packer called Armoury.
- CoffeeLoader establishes persistence via Windows Task Scheduler and uses varied evasion tactics like call stack spoofing, sleep obfuscation, and Windows fibers.
- It employs HTTPS for C2 communication, domain generation algorithms, and certificate pinning if primary C2 channels fail.
- CoffeeLoader, spread through SmokeLoader, shares similarities with it in behaviors like scheduled tasks for persistence and utilizing low-level Windows APIs.
- While a new SmokeLoader version shares some evasion features with CoffeeLoader, the relation between the two remains unclear.
Read Full Article
Like
TechJuice
2d
358
Image Credit: TechJuice
NIC Karachi Cohort 13 Welcomes 40 Startups from 618 Applicants
- NIC Karachi has announced its 13th Cohort, selecting 40 startups from 618 applicants.
- Over 30% of the selected startups in Cohort 13 are led by female entrepreneurs.
- The batch includes startups from diverse sectors such as FinTech, Cybersecurity, AI, Industrial Automation, and HealthTech.
- Selected startups will receive mentorship, funding opportunities, and industry connections through NIC Karachi's incubation program.
Read Full Article
21 Likes
Global Fintech Series
2d
106
Image Credit: Global Fintech Series
Can Blockchain Address the Critical Pain Points of Modern Fintech?
- Blockchain technology is disrupting the financial industry by offering innovation, efficiency, and security on a global scale.
- Blockchain's impact on fintech includes reducing operational costs, enhancing security, and providing transparency.
- Global spending on blockchain in finance is expected to exceed $18.7 billion by 2024, emphasizing its growing importance.
- Blockchain addresses fintech pain points by offering security, transparency, and operational efficiency.
- The technology enables faster, secure transactions, reduces fraud, and enhances operational transparency.
- Blockchain's core advantages in fintech include enhanced security, greater transparency, boosted efficiency through automation, and advancing financial inclusion.
- Key challenges faced by fintech companies include fraud risks, inefficiencies, lack of financial inclusion, regulatory compliance, centralization, and slow processes.
- Blockchain technology improves data security, increases trust and transparency, promotes financial inclusion, streamlines payments, and enables new crowdfunding models.
- Fintech industry's adoption of blockchain is reshaping financial services, with opportunities for improved processes and security.
- Blockchain's versatility allows fintech companies to create digital tokens, loyalty programs, and streamline transactions independently.
Read Full Article
6 Likes
Arstechnica
2d
185
Image Credit: Arstechnica
Gemini hackers can deliver more potent attacks with a helping hand from… Gemini
- Researchers have developed a method to create computer-generated prompt injections against Gemini with higher success rates.
- Indirect prompt injections have emerged as a powerful means for attackers to exploit large language models.
- These prompt injections can divulge confidential information and deliver falsified answers.
- Black-box nature of closed-weights models like Gemini makes it challenging for attackers to devise working prompt injections.
Read Full Article
11 Likes
Tech Radar
2d
248
Image Credit: Tech Radar
Solar grids could be hijacked and even potentially disabled by these security flaws
- Solar inverters produced by Sungrow, Growatt, and SMA have been found to have 46 vulnerabilities.
- These vulnerabilities could potentially lead to remote code execution, denial of service, device takeover, and access to sensitive information.
- Concerns have been raised about the possibility of hijacking solar grids and damaging the electrical grid.
- The manufacturers have released patches for all the disclosed vulnerabilities.
Read Full Article
14 Likes
Tech Radar
2d
74
Image Credit: Tech Radar
Microsoft Stream classic domain hijacked, causing spam across SharePoint
- An old Microsoft Stream domain, microsoftstream.com, was recently hijacked and used in a spam campaign.
- Users with SharePoint sites that contained embedded videos experienced the malicious content.
- Microsoft has taken action to prevent access to the impacted domains.
- The hijacked domain could have been used for more harmful activities, but the attackers in this case opted for a spam campaign.
Read Full Article
4 Likes
Cybersecurity-Insiders
2d
264
Image Credit: Cybersecurity-Insiders
Generative AI providers rewriting the rules of automated traffic – F5 report
- Generative AI has led to a surge in automated bot traffic, outnumbering human users for web content requests.
- A report by F5 analyzed 207 billion web transactions, showing significant growth in web scrapers used by LLM providers.
- Over half of web page requests were automated, with a notable increase in content scraping.
- Industries like healthcare, hospitality, and entertainment were targeted most by bot traffic.
- Certain industries, like technology and entertainment, faced higher rates of account takeover attacks.
- Despite high bot traffic levels, most industries saw a decline in automated activity compared to the previous year.
- Mitigation efforts against bots had varied impacts, resulting in decreased automated activity in some cases.
- The rise of generative AI has presented challenges for organizations to combat evolving bot traffic patterns.
- Industries need to adapt and strengthen defenses to deter sophisticated automated traffic.
- An increase in bot traffic post-mitigation doesn't imply breach success, but rather persistent attempts to access data.
Read Full Article
15 Likes
Insider
2d
220
Image Credit: Insider
Europe says 'emerging threats' mean people should stockpile enough supplies for 72 hours. Here's what experts suggest.
- The European Union has advised citizens to stockpile 72 hours' worth of supplies in case of 'threats and crises'.
- This is part of a strategy to enhance Europe's response to emerging threats.
- Experts suggest stockpiling supplies to last much longer than 72 hours.
- Supplies recommended include water, non-perishable food, hygiene items, first aid kits, and essential documents.
Read Full Article
13 Likes
For uninterrupted reading, download the app