A naukri.com initiative
Cyber Security News
The Fintech Times
2w
230
Zip for Risk Orchestration Mitigates Fraud Risks by Streamlining Financial Verification
- Zip has launched Zip for Risk Orchestration to improve supplier risk management and streamline financial verification.
- Regulations worldwide are reshaping supplier relationship management, creating risks related to fraud, security breaches, and compliance.
- With Zip for Risk Orchestration, businesses can proactively manage risk through AI-driven compliance, audit workflows, and risk scoring.
- Companies like Invesco, Prudential, and Coinbase are already benefiting from Zip's approach to third-party risk.
Read Full Article
13 Likes
Securityaffairs
2w
369
Image Credit: Securityaffairs
France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency
- France’s Autorité de la concurrence fined Apple €150M for abusing its dominance in App Tracking Transparency (ATT) consent practices on iOS and iPadOS between April 26, 2021 and July 25, 2023.
- Apple's ATT framework, though intended for privacy, was found to unfairly disadvantage third-party apps by making their use overly complex and favoring Apple's own services.
- The Autorité ruled that ATT's implementation distorted competition, harming smaller publishers reliant on ad revenue.
- Apple expressed disappointment with the decision, noting that the French Competition Authority did not mandate any specific changes to the App Tracking Transparency (ATT) framework.
Read Full Article
22 Likes
Medium
2w
404
Image Credit: Medium
Breaking Barriers: Nigerian Women Entrepreneurs Thrive with AI and Digital Tools, says Mastercard
- 82 percent of women-led businesses have experienced significant time and cost savings through the use of AI tools.
- 25 percent of women business owners in Nigeria have fallen victim to fraudulent activities.
- 65 percent of women express daily concerns about potential cyberattacks.
- Mastercard has supported over 50 million small businesses worldwide, including 37 million women-led enterprises.
Read Full Article
24 Likes
Cybersafe
2w
39
Image Credit: Cybersafe
WordPress MU-Plugins exploited by hackers for stealthy attacks
- Hackers are exploiting the WordPress Must-Use Plugins (MU-Plugins) directory to inject and execute malicious code on websites undetected.
- MU-Plugins are a special category of WordPress plugins that run automatically on every page load, making them an attractive target for cybercriminals.
- Researchers have identified three primary malware payloads being deployed in the MU-Plugins directory: redirect.php, index.php, and custom-js-loader.php.
- To mitigate these threats, WordPress administrators are advised to regularly update plugins and themes, remove unused ones, and conduct routine security audits.
Read Full Article
2 Likes
Global Fintech Series
2w
280
Image Credit: Global Fintech Series
Global Fintech Series Interview with Jeremy Ung, Chief Technology Officer at Blackline
- Jeremy Ung, BlackLine's CTO, discusses embedded finance importance and fintech's future in a GlobalFintechSeries interview.
- Ung emphasizes the need for unified systems, breaking silos, and actionable intelligence amidst rapid financial changes.
- Exciting trends he mentions include AI-driven agentic experiences, embedded finance, and real-time finance activities.
- Challenges for modern teams lie in data fragmentation, legacy systems, and lack of engineering resources for integrations.
- Collaboration between CFOs and CTOs is crucial, focusing on common data strategies, interoperable systems, and automation.
- Roadblocks to seamless integrations include legacy system incompatibility, data inconsistencies, security issues, and user resistance.
- Tips for evaluating new fintech in 2025 involve defining goals, testing integration capabilities, prioritizing user experience, and iterative implementation.
- AI in fintech is moving towards predictive analytics, agentic experiences, dynamic forecasting, and AI-driven natural language insights, requiring ethical AI frameworks.
- Fintech's future entails less manual work and more strategic decision-making, enabled by AI and efficient data management.
Read Full Article
16 Likes
TechBullion
2w
34
Image Credit: TechBullion
Why Security Should Be a Priority in Every Stage of Software Development?
- Security should be a priority at every stage of software development, from design to deployment, and maintenance. Incorporating security from the start is crucial to protect data, privacy, and reduce vulnerabilities.
- Failing to prioritize security in the development lifecycle can lead to data breaches, financial losses, and reputational damage. Ignoring security initially increases the risks associated with software vulnerabilities.
- Incorporating secure APIs like OAuth2 token-based authentication early on helps to reduce the chances of unauthorized access and data breaches, securing critical information.
- Addressing security early in the software development process reduces long-term costs and avoids unnecessary disruptions. It's 30 times more expensive to fix vulnerabilities later in development.
- Security needs to be added and identified in each stage of the software development lifecycle, starting from requirements gathering and planning to design, development, testing, and deployment.
- Security frameworks like OWASP, ISO/IEC 27001, and NIST help establish a strong foundation for security throughout the software development lifecycle.
- Prioritizing security from the beginning can save both money and time, reducing the risk of post-launch fixes and the impact of data breaches.
- Early integration of security measures simplifies the development process, reduces delays, and ensures compliance with regulations like GDPR and HIPAA.
- Security also builds customer trust, as consumers are likely to stop using services after a data breach. Security is an investment that protects the future and is essential in the evolving landscape of technology.
- The future of software security is expected to be influenced by technologies like artificial intelligence, blockchain, IoT, and cloud security, emphasizing the need for ongoing evolution and integration of security measures.
Read Full Article
2 Likes
Siliconangle
2w
265
Image Credit: Siliconangle
JFrog report finds AI growth driving new software supply chain threats
- An expansion of AI technology across the software supply chain has led to an increase in security threats, according to a report by JFrog Ltd.
- The report identified a combination of security vulnerabilities, including CVEs, malicious packages, secrets' exposures, and human errors, as the top threats to software supply chain integrity and safety.
- The JFrog Security Research Team found a 64% increase in exposed secrets or tokens in public registries, with 27% of them active.
- The report also highlighted concerns over the proliferation of AI and machine learning models, the decrease in binary scanning practices, and persistent issues with open-source security.
Read Full Article
15 Likes
Insider
2w
347
Image Credit: Insider
AI has ushered in a new kind of hacker
- Hackers are using new AI models to infiltrate companies with old tricks.
- Open-source models are gaining popularity, but raise the bar for cybersecurity.
- Researchers found hundreds of malicious models on Hugging Face.
- AI models present new opportunities for hackers to exploit and infect companies.
Read Full Article
20 Likes
Cybersecurity-Insiders
2w
178
Image Credit: Cybersecurity-Insiders
The Unique Challenges of Securing Agentic AI
- The rise of Agentic AI has become one of the most talked about trends in the AI world.
- Autonomous AI agents in the Agentic AI ecosystem pose unique security challenges.
- Challenges include compromised agents, collusion attacks, competitive exploitation, and the spread of malicious behaviors.
- To mitigate these risks, continuous monitoring, secure communication, AI explainability, and novel cybersecurity systems are recommended.
Read Full Article
10 Likes
Securityaffairs
2w
108
Image Credit: Securityaffairs
Hiding WordPress malware in the mu-plugins directory to avoid detection
- Threat actors are hiding WordPress malware in the mu-plugins directory to evade detection and maintain persistence.
- Unlike regular plugins, mu-plugins automatically load on every page load, making them an ideal location for backdoors.
- Attackers are using obfuscated PHP to execute hidden payloads from the mu-plugins directory, enabling them to manipulate website behavior.
- The malware found in the mu-plugins directory includes fake update redirects, webshells, and JavaScript injectors for various malicious purposes.
Read Full Article
6 Likes
Medium
2w
234
Image Credit: Medium
Dmail Network: Pioneering the Future of Web3 Communication
- Dmail Network is a next-generation decentralized email service that prioritizes privacy, security, and user control.
- Dmail leverages blockchain technology to create a secure and censorship-resistant communication network.
- Dmail is expanding its services across multiple blockchain networks to enhance interoperability.
- Dmail plans to introduce enhanced privacy features, decentralized identity verification, and AI-powered email assistance.
Read Full Article
14 Likes
Cybersecurity-Insiders
2w
395
Image Credit: Cybersecurity-Insiders
Why AI Literacy Matters
- AI literacy is about understanding what AI is, how it works, and its impact on the future.
- AI Literacy Day aims to help people learn about AI in a simple and clear way.
- AI literacy enables individuals to make informed decisions about AI usage and understand its ethical implications.
- In the job market, AI literacy is becoming essential as companies integrate AI into their workflows.
Read Full Article
23 Likes
Global Fintech Series
2w
104
Image Credit: Global Fintech Series
AI-Powered Ask Ascend Accelerates Client Tech Integrations
- Ask Ascend is an AI-powered assistant designed to provide quick and accurate answers to technical and operational questions for clients integrating with Apex Ascend.
- Built on Google Cloud's Vertex AI platform, Ask Ascend offers enterprise-level reliability, security, and scalability for accelerated integrations.
- Features include support for Apex Ascend integration, security measures, debugging capabilities, and a broad query range to aid developers and operations professionals.
- Ask Ascend is integrated within workflows and supports global client queries throughout regions like North America, Asia, Africa, and more.
- The AI-powered tool eliminates delays by providing immediate answers, removing the need to wait for subject matter experts to address critical questions.
- Apex Fintech Solutions aims to improve client onboarding with Ask Ascend, even providing access in the sandbox environment before contracts are signed.
- Apex Clearing Corporation, a subsidiary of Apex Fintech Solutions, offers securities products and services to clients across multiple states and territories.
- By leveraging AI technology, Apex empowers clients to accelerate integration processes, ensure security and compliance, and streamline technical troubleshooting.
- The client-centric AI platform assists developers and operations professionals in navigating technical queries and integration processes efficiently.
- Ask Ascend serves as a robust support system, aiding users in accessing API specifications, sample code, and other technical resources with ease.
Read Full Article
6 Likes
Cybersecurity-Insiders
2w
0
Image Credit: Cybersecurity-Insiders
What is the New Jersey Data Protection Act and How does it Affect Businesses?
- New Jersey has passed a new cybersecurity regulation, known as the New Jersey Data Protection Act (NJDPA), which aims to enhance data protection for businesses and individuals.
- The NJDPA applies to companies that handle personal data for 100,000 people or more, or generate revenue from selling or sharing data for 25,000 people or more, even international companies targeting New Jersey.
- Certain sectors, such as banking, telecommunications, and iGaming, are already ahead in terms of data protection and are well-positioned to meet the new requirements.
- The NJDPA encourages businesses to use encryption methods and other security measures to protect user data, and also requires companies to offer opt-out choices to consumers and limit unnecessary data collection.
Read Full Article
Like
Semiengineering
2w
134
Image Credit: Semiengineering
LLM-based Agentic Framework Automating HW Security Threat Modeling And Test Plan Generation (U. of Florida)
- Researchers at the University of Florida have developed ThreatLens, an LLM-driven multi-agent framework for automating hardware security threat modeling and test plan generation.
- The current hardware security verification processes rely on labor-intensive manual efforts, which struggle to scale with increasing design complexity and evolving attack methodologies.
- ThreatLens integrates retrieval-augmented generation (RAG), LLM-powered reasoning, and user feedback to automate threat assessment and generate practical test plans.
- The framework reduces manual verification effort, enhances coverage, and ensures a structured, adaptable approach to hardware security verification.
Read Full Article
8 Likes
For uninterrupted reading, download the app