menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Wired

3w

read

271

img
dot

Image Credit: Wired

Human Misuse Will Make Artificial Intelligence More Dangerous

  • OpenAI CEO and Elon Musk have different predictions for when artificial general intelligence (AGI) will be achieved.
  • In the meantime, AI poses a significant risk due to human misuse.
  • Unintentional misuses include lawyers relying on AI-generated content without realizing its inaccuracies.
  • Intentional misuses involve the creation and spread of non-consensual deepfakes.

Read Full Article

like

16 Likes

source image

Tech Radar

3w

read

201

img
dot

Image Credit: Tech Radar

Chinese police found using spyware to monitor Android devices

  • Chinese law enforcement is using surveillance tools to collect extensive information from mobile devices.
  • A surveillance tool called EagleMsgSpy is being used to target Android devices.
  • The spyware requires physical installation and collects messages, call logs, audio recordings, and more.
  • There are concerns that these surveillance tools could be exploited by threat actors.

Read Full Article

like

12 Likes

source image

Medium

3w

read

209

img
dot

Should I worry about AI?

  • AI systems can exhibit biases and discrimination if trained on biased data.
  • AI poses privacy concerns due to surveillance and data aggregation for training.
  • There is a growing dependency on AI, which can lead to skill degradation in human workforce.

Read Full Article

like

12 Likes

source image

Tech Radar

3w

read

433

img
dot

Image Credit: Tech Radar

Environmental groups may have been targeted by Exxon lobbyists in hack-and-leak operations

  • A group lobbying on behalf of Exxon Mobil is allegedly being investigated for hack-and-leak operations targeting critics of the oil industry.
  • Over 500 email accounts were attacked in an apparent effort to stifle investigations and lawsuits against Exxon Mobil.
  • Environmental groups are calling for an investigation into the hacking and for greater accountability on Exxon Mobil.
  • Exxon Mobil denies involvement and condemns hacking if it took place; the implicated group denies hacking allegations as well.

Read Full Article

like

26 Likes

source image

Socprime

3w

read

433

img
dot

Image Credit: Socprime

Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy the Updated Kazuar Backdoor Version

  • The Secret Blizzard (also known as Turla) hacking group has been observed deploying custom malware in its latest attacks on Ukrainian targets.
  • The group is thought to have used the Amadey bot malware to deploy its own samples of malware on systems connected to the Ukrainian military.
  • The Microsoft threat intelligence team has stated that Secret Blizzard launched a similar campaign in 2022, whilst its most recent attack occurred in the spring of 2024.
  • Microsoft found that Secret Blizzard's malware also deployed a custom reconnaissance tool to target Ukrainian military devices connected to STARLINK IPs.
  • The investigation suggests that Secret Blizzard used the PowerShell dropper to deploy the Tavdig backdoor and a vulnerable Symantec binary for DLL sideloading.
  • Tavdig malware was used to gather user data, network statistics and patch information, it also installed registry keys for KazuarV2 backdoor persistence.
  • The Secret Blizzard hacking group, also associated with Turla, Venomous Bear and Krypton, primarily focuses on government, diplomatic and military organizations.
  • Since February 2022, Turla has been heavily involved in cyberespionage campaigns aimed at Ukraine.
  • Security teams can use the SOC Prime Platform to fight back against the group's evolving tactics.
  • The platform offers the world's largest collection of CTI-enriched detections, as well as automated threat hunting and AI-powered detection engineering services.

Read Full Article

like

26 Likes

source image

Medium

3w

read

341

img
dot

Image Credit: Medium

Startup VCs and Angels: Are You Protecting the Intangibles You’re Investing In?

  • When venture capitalists (VCs) and angel investors put their money into startups, they’re not just buying shares in physical assets. They’re investing in intangible assets like goodwill, intellectual property, and customer trust.
  • Startups that don't prioritize information security are at risk of losing their intangible assets due to cyberattacks, data breaches, or code exposure, potentially rendering them worthless.
  • The gaps in security strategy among startups make them vulnerable to cyberattacks, putting both their future and the investments of VCs and angel investors at risk.
  • Investors should consider factors like phishing simulation success rates, security budget allocation, incident history, compliance with standards, and the frequency of security audits and penetration tests to assess a startup's security readiness.

Read Full Article

like

20 Likes

source image

Tech Radar

3w

read

336

img
dot

Image Credit: Tech Radar

Millions of credit card details leaked online - watch out if you're paying for Christmas

  • Millions of credit and debit card details were recently leaked online, exposing people to wire fraud and identity theft.
  • Researchers discovered an unsecured Amazon S3 bucket containing 5 terabytes of screenshots, including sensitive information entered in fake promotional forms.
  • The exposed data includes full names, billing addresses, email addresses, phone numbers, and credit card details.
  • Law enforcement and Amazon AWS Abuse Team have been notified to secure the data and prevent further access.

Read Full Article

like

20 Likes

source image

Securityaffairs

3w

read

253

img
dot

Image Credit: Securityaffairs

U.S. authorities seized cybercrime marketplace Rydox

  • The U.S. Department of Justice (DoJ) seized cybercrime marketplace Rydox, which facilitated over 7,600 sales of stolen personal data and cybercrime tools.
  • Three Kosovo nationals, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, were arrested in connection with Rydox.
  • Rydox operated since February 2016, generating $230,000 through the sale of over 321,000 products to 18,000 users.
  • The U.S. authorities coordinated with international partners to seize the Rydox domain and servers, along with $225,000 in cryptocurrency.

Read Full Article

like

15 Likes

source image

Silicon

3w

read

8

img
dot

Image Credit: Silicon

Mozilla Drops ‘Do Not Track’ For Upcoming Firefox Browser

  • Mozilla is removing the 'Do Not Track' (DNT) option from its upcoming Firefox 13.5 browser release.
  • Most websites are ignoring DNT requests, making the feature ineffective.
  • Mozilla suggests using the 'Tell websites not to sell or share my data' setting instead.
  • Some browsers like Firefox and DuckDuckGo offer the Global Privacy Control (GPC) option, but Chrome and Edge do not.

Read Full Article

like

Like

source image

Tech Radar

3w

read

113

img
dot

Image Credit: Tech Radar

Skoda security flaws could let hackers remotely track cars

  • Experts have discovered 12 security vulnerabilities in Skoda Superb III cars.
  • The flaws can allow hackers to access GPS and speed information, record conversations, and access the infotainment screen remotely.
  • Over 1.4 million vehicles could be affected, including law enforcement vehicles.
  • Last year, the same model car was found to have similar vulnerabilities.

Read Full Article

like

6 Likes

source image

Tech Radar

3w

read

1.6k

img
dot

Image Credit: Tech Radar

Data breach at Senior Dating website spills info of 765,000 users

  • A data breach has occurred at a senior dating website, exposing the information of 765,000 users.
  • The breach also affected another dating site owned by the same company, with 118,000 users exposed.
  • The compromised data breach was due to a vulnerability in a Google-backed web development platform.
  • Users are at risk of identity theft and are urged to monitor their accounts and be cautious of scams.

Read Full Article

like

9 Likes

source image

Tech Radar

3w

read

249

img
dot

Image Credit: Tech Radar

Many companies have already faced an AI-based security alert

  • A growing number of companies are facing AI-accentuated security threats as the technology becomes more widespread.
  • One-quarter of firms have encountered AI-enhanced security threats, and three-quarters are concerned about them in the future.
  • Despite confidence in security capabilities, more than half of the companies have experienced an API security incident in the past year.
  • API security is now a top priority, with measures being taken to counter AI-enhanced attacks, but there are concerns about the difficulty of securing APIs with AI.

Read Full Article

like

15 Likes

source image

Softwaretestingnews

3w

read

105

img
dot

How Smart Cities are Bridging the Digital Divide With AI

  • Urbanisation is exposing critical gaps that compromise residents’ quality of life, from inefficient essentials to grid and water-management deficiencies.
  • An estimated 14.5m people in the United States alone still lack access to reliable broadband, particularly in low-income or remote communities.
  • Network operators have begun utilizing AI to identify and address the digital divide and improve residents' quality of life.
  • Building a strong data foundation and adopting a citizen-centric approach can help cities make informed decisions about connectivity infrastructure.
  • Municipalities can establish data-driven control rooms and monitor their connectivity infrastructure through AI-driven insights.
  • Sand Technologies’ approach has helped increase broadband coverage, launch innovative services, and save millions of dollars in infrastructure investments.
  • The AI system should be scalable, adaptable and integrate new data sources without requiring complete overhauls.
  • AI-powered scenario planning tools can assist municipalities in anticipating future risks and plan accordingly for the future of smart cities.
  • Smart city AI journey must begin with data and identifying areas where AI, digital twins and other technologies can be applied for the greatest impact.
  • Bridging the digital divide by leveraging AI is a promising early step toward advancing digital equity and realizing society's shared vision of smart-city success.

Read Full Article

like

6 Likes

source image

Eletimes

3w

read

196

img
dot

Image Credit: Eletimes

8 Trends Reshaping Network Security in 2025

  • In 2025, network security will be more dynamic and innovative, transforming the way organizations defend their most valuable assets in the face of an ever-evolving digital world.
  • The future of network security depends on a holistic approach that integrates advanced AI technologies and seamless user experience.
  • 2025 will be the year enterprises will widely adopt a secure browser, marking the start of a new era in secure digital transformation.
  • Governments will invest in modernized and secure systems, including 5G technology, to enable smart cities and support the transition to smarter infrastructure.
  • Attacks will leverage post-quantum cryptography (PQC) to evade security defenses, requiring enterprises to decrypt and inspect all data flowing through their networks.
  • Preventing attacks will require integrated security services to work together as part of a platform, providing defense-in-depth to address the full spectrum of threat vectors.
  • AI-powered copilots will empower cybersecurity professionals to work smarter, filling in the cybersecurity skills gap that continues to outpace supply.
  • Workers will demand high-performance access to critical business technologies from anywhere, which is why we’ll see widespread adoption of single-vendor SASE solutions in 2025.
  • The rise of AI will create AI-specific attacks, which can be prevented through comprehensive solutions like AI Security Posture Management (SPM) and AI Runtime Security.
  • In 2025, enterprises will rely on advanced, AI-powered security protections to defend against user-targeted techniques, like phishing emails, crafted by generative AI (GenAI).

Read Full Article

like

11 Likes

source image

Socprime

3w

read

316

img
dot

Image Credit: Socprime

IBM QRadar: How to Create a Rule for Log Source Monitoring

  • You can create a custom rule to generate an offense or send notifications when logs stop coming from any log source.
  • Go to the Rules Section: Navigate to Offenses > Rules. Click Actions > New Event Rule.
  • Define the Rule Conditions: Steps: In the rule editor, click on Test Group and choose from the drop-down list Log Source Test. Search for and select parameter 'when the event(s) have not been detected by'. Set the 'of these log sources' and 'this many' (e.g., 10 minutes (set in seconds)).
  • Add Response to the Rule: Under the Response tab, choose the response(s) to make when an event triggers this rule.

Read Full Article

like

18 Likes

For uninterrupted reading, download the app