techminis

A naukri.com initiative

Cyber Security News

Siliconangle

Silverfort uncovers critical Netlogon flaw affecting Windows domain controllers

  • A new vulnerability in Microsoft's Netlogon protocol, named 'NOTLogon,' was discovered by Silverfort Inc., allowing low-privilege machines to crash Windows domain controllers remotely.
  • The vulnerability was patched by Microsoft in its July 8 update and does not allow for privilege escalation or credential theft, but can disrupt core Active Directory services.
  • Discovered through AI-assisted methods, the flaw stems from the handling of malformed inputs in the NetrLogonSamLogonEx RPC call, causing domain controllers to crash and trigger reboots.
  • Silverfort recommends that organizations apply the July 2025 security update, audit machine account usage, limit account creation permissions, and segment network access to protect domain controllers.

Tech Radar

This top security platform is being hacked to carry out malware threats

  • Elastic Security Labs reported Shellter Elite being abused in malware delivery campaigns due to a leaked license.
  • Shellter Project released a patch to address the incidents and prevent future abuse of the commercial pentesting tool.
  • The tool designed for ethical red team operations was used to deploy infostealers and bypass antivirus and EDR defenses.
  • The Shellter Project criticized Elastic Security Labs for not notifying them earlier and vowed to distribute the newest version only to vetted customers.

Dynamicbusiness

The cybercrime that tricks even security-savvy workers

  • Business email compromise attacks have become a significant threat, costing over $2.7 billion in losses globally, with cybercriminals impersonating trusted colleagues and authority figures to breach corporate defenses.
  • Sophisticated hackers invest time researching targets, creating convincing impersonations using insider knowledge. They use look-alike domains, request credentials, sensitive data, or wire transfers, aiming for significant monetary gain.
  • The most advanced attacks involve infiltrating corporate email systems, monitoring communications to strike opportunistically. There is a risk of facilitating ransomware attacks, spreading malware, and deploying supply chain attacks.
  • Defense against such attacks requires employee education, robust verification procedures for financial transactions, proactive monitoring of the dark web, and immediate actions like enforcing multi-factor authentication for compromised accounts.

Medium

Indian Computer Emergency Response Team (CERT-In): Securing India's Cyberspace

  • CERT-In, India's Computer Emergency Response Team, plays a pivotal role in safeguarding India's cyberspace.
  • Key functions include incident response, issuing threat alerts, conducting security drills, collaboration with global entities, and promoting public awareness of cybersecurity best practices.
  • Noteworthy initiatives include Cyber Swachhta Kendra, Mandatory Reporting Rule (2022), and CII Guidelines for critical sectors.
  • Challenges faced by CERT-In include evolving cyber threats, lack of skilled professionals, and the necessity for improved stakeholder coordination.
  • CERT-In collaborates with international cybersecurity agencies and partners in various countries to enhance threat intelligence sharing and cybersecurity practices.
  • The organization's efforts focus on monitoring, collaboration, and awareness to bolster India's cyber resilience in the face of growing cyber threats.

Tech Radar

Experts flag a huge amount of cyberattacks coming from this unexpected domain

  • Cybersecurity experts from Cofense reveal a significant increase in malicious campaigns using .es domains, with a 19x rise from Q4 2024 to Q5 2025.
  • Credential phishing attacks made up 99% of the malicious campaigns, while 1% were related to remote access trojans, and Microsoft was the most impersonated brand.
  • .es domains, primarily intended for Spanish-speaking audiences, saw approximately 1,400 malicious subdomains across 450 base domains in the first five months of the year.
  • Despite the significant rise in .es domain usage for cyberattacks, common attack vectors remained unchanged, with most attacks impersonating Microsoft and using tactics like spoofed emails to deliver malware.

Global Fintech Series

Wanna Strengthens Player Protection with Accertify and PayNearMe Collaboration

  • Accertify's fraud prevention solutions have helped Wanna reduce chargeback losses by 27% since its US launch during March Madness 2024.
  • Wanna is enhancing player protection by using Accertify's fraud solutions and PayNearMe's payment services for its US-based DFS platform, Wanna Parlay.
  • Wanna prioritizes player safety and trust, ensuring a secure gaming environment through its collaboration with Accertify.
  • The collaboration between Accertify and PayNearMe aims to provide comprehensive protection and a seamless experience for players while maintaining efficiency and confidence for operators.

TechDigest

M&S Chairman: cyber attack attempt to destroy retail giant

  • Marks & Spencer Chairman Archie Norman revealed that the cyber attack in April was an attempt to 'destroy' the retail giant by hacker group DragonForce.
  • The attack, involving a 'sophisticated impersonation,' led to suspended online orders and empty shelves in stores, and is expected to impact profits by around £300 million.
  • M&S notified authorities and the FBI, expects to recover a substantial part through insurance claims, and has intensified cybersecurity efforts after the breach.
  • Despite having legacy systems, M&S plans to accelerate technology investments to enhance cybersecurity, and has increased its cybersecurity team and expenditure.

TechCrunch

Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack

  • Marks & Spencer chairman declined to disclose whether the company paid hackers following a ransomware attack earlier this year.
  • Chairman Archie Norman mentioned that they are not discussing details of their interaction with the threat actor, citing law enforcement and public interest reasons.
  • Norman stated that nobody at Marks & Spencer directly communicated with DragonForce, the ransomware group to which the attack is attributed.
  • In May, Marks & Spencer reported a data breach with customer information stolen, leading to disrupted operations. Recovery efforts are expected to continue until October or November.

Securityaffairs

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog.
  • CISA included vulnerabilities such as MRLG buffer overflow, PHPMailer command injection, Rails Ruby on Rails path traversal, and ZCS SSRF in the catalog.
  • The vulnerabilities pose risks of memory corruption, arbitrary code execution, file content disclosure, and SSRF, affecting various software versions.
  • Federal agencies are required to address these vulnerabilities by July 28, 2025, in alignment with a security directive to mitigate the risks of known exploited vulnerabilities.

Tech Radar

One of the biggest security threats to Apple systems just got a major upgrade - here's what we know

  • Atomic Stealer (AMOS), a dangerous infostealer malware on macOS, has been upgraded with a backdoor and persistence mechanism.
  • The new variant allows attackers persistent access, survives reboots, and enables deployment of other malware on compromised devices.
  • AMOS has been used in major hacking campaigns, extracting various data, bypassing macOS security features, and being distributed via fake apps and malicious websites.
  • Security experts warn that AMOS malware campaigns have expanded globally, affecting over 120 countries, including the US, France, Italy, UK, and Canada.

Siliconangle

New Barracuda backup tool extends Microsoft Entra ID data retention

  • Barracuda Networks Inc. has launched Barracuda Entra ID Backup Premium to protect Microsoft Entra ID environments from data loss.
  • The solution offers centralized visibility, backup status monitoring, and long-term data retention for single and multi-tenant environments.
  • Barracuda Entra ID Backup Premium helps organizations mitigate the risk of data loss in Microsoft Entra ID environments and provides fast recovery capabilities.
  • The software-as-a-service solution requires no installation and offers features like advanced search, real-time monitoring, and role-based access control for efficient identity protection management.

Siliconangle

Morphisec warns of Iran-backed ransomware campaign driven by political motives

  • Morphisec Inc. warns of the resurgence of the Pay2Key ransomware operation linked to Iran's Fox Kitten APT group, now rebranded as Pay2Key.I2P, which uses a RaaS model and Mimic ransomware techniques.
  • Pay2Key.I2P has amassed $4 million from over 50 attacks within four months, with affiliates incentivized through an 80% profit share, particularly targeting adversaries of Iran for financial and ideological reasons.
  • The ransomware group employs advanced evasion techniques, including a multi-stage attack chain, with recent expansions to target Linux systems and incorporate obfuscation methods to evade detection.
  • While profit remains a motive, Morphisec emphasizes Pay2Key.I2P's ideological agenda, positioning the campaign as a tool of cyber warfare against Western targets aligned with Iran's geopolitical stance.

Siliconangle

Sonatype report finds 188% spike in open-source malware in the second quarter

  • Sonatype Inc. reported a 188% increase in open-source malware in the second quarter of 2025, with 16,279 newly discovered malicious packages across popular ecosystems.
  • Data exfiltration was the primary threat, with 55% of malicious packages designed to steal sensitive data. Malware targeting data corruption more than doubled during the quarter, now representing over 3% of all malicious packages.
  • Cryptomining malware decreased to 5% of packages, indicating a shift towards more impactful outcomes like credential theft and espionage. The Lazarus Group, a North Korea-linked APT, was associated with 107 malicious packages.
  • Sonatype's Open Source Malware Index noted a rise in advanced nation-state actors using open-source software for cyber espionage and financial crimes. The report is based on the company's proprietary detection systems monitoring npm, PyPI, and Maven Central.

Siliconangle

Splunk uncovers surge in social engineering through fake CAPTCHA attacks

  • Splunk Inc. warns of a surge in social engineering campaigns using fake CAPTCHA systems to deliver malware without relying on software vulnerabilities.
  • These attacks, dubbed 'ClickFix' and 'FakeCAPTCHA,' trick users into self-infecting their systems by exploiting familiarity with verification systems and using clipboard manipulation techniques.
  • The attacks lure victims to malicious websites resembling Google's reCAPTCHA or Cloudflare CAPTCHA pages, prompting users to trigger hidden JavaScript that downloads and executes second-stage payloads.
  • To combat this threat, Splunk researchers have introduced open-source tools like ClickGrab and PasteEater, along with detection queries to help organizations monitor for FakeCAPTCHA activity.

Medium

ChatGPT: Help or Risk?

  • ChatGPT, an AI tool by OpenAI, has become essential in daily life for tasks like writing emails, asking questions, and content creation, with around 180 million users globally.
  • While beneficial, users need to heed safety and privacy precautions while using ChatGPT to avoid mishaps like the accidental uploading of sensitive data that led Samsung to ban such AI tools in 2024.
  • Samsung's decision to ban ChatGPT stemmed from fears of data security breaches and unintended data sharing as seen with an employee uploading sensitive company code to the platform.
  • Users are urged to use AI tools like ChatGPT responsibly and securely to prevent data mishandling and unauthorized sharing, emphasizing the importance of data privacy awareness.
