Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Medium

283

Image Credit: Medium

5 Ways Asset Identification Supports Stronger Cybersecurity Practices

Asset identification is crucial for building a robust cybersecurity posture in today's digital landscape.
Asset identification involves discovering, tracking, and understanding all digital and physical assets within an environment.
Five ways asset identification strengthens cybersecurity defenses are eliminating Shadow IT, prioritizing vulnerability management, enhancing incident response, strengthening compliance, and optimizing security controls.
Comprehensive asset identification is an ongoing process that allows organizations to move beyond reactive measures and build a resilient digital environment.

Read Full Article

15 Likes

Medium

Why Smart People Are Secretly Using VPNs (And You Should Too)

A VPN acts as a personal digital tunnel on the internet, hiding your IP address and encrypting data for secure browsing.
By using a VPN, you can access geo-blocked content, protect your online activities from ISPs, government surveillance, and hackers.
Traveling or living in regions with internet restrictions becomes easier with a VPN by bypassing location-based restrictions.
Public Wi-Fi networks can be risky, but a VPN encrypts your communication for secure browsing and protects sensitive information.
Free VPN services are often unreliable and may compromise privacy by collecting and selling user data.
Choosing a reputable VPN provider with no-log policies, high ratings, and global server network is essential for privacy and security.
Activating a VPN on public networks and for accessing geo-blocked content enhances security and provides entertainment opportunities.
Using a VPN for anonymous browsing, legal entertainment access, and protecting sensitive data is recommended for digital privacy.
VPN usage is legal in most countries, including Indonesia, and should be used responsibly for privacy protection.
Selecting a VPN should involve research, reading privacy policies, and testing services to ensure data protection without compromising privacy.

Read Full Article

3 Likes

TechCrunch

304

Image Credit: TechCrunch

Pro-Israel hacktivist group claims reponsibility for alleged Iranian bank hack

Pro-Israeli hacktivist group Predatory Sparrow claims responsibility for hacking and taking down Iran’s Bank Sepah.
The group accuses Bank Sepah of financing Iran’s regime’s activities with the people's money, including supporting terrorist proxies and military programs.
Iran International reports widespread banking disruptions with several Bank Sepah branches closed, and customers unable to access their accounts.
Pictures of ATMs in Iran displaying error messages were posted, indicating some form of disruption.
Attempts to verify the cyberattack independently were unsuccessful as Bank Sepah Iranian email addresses returned errors, and affiliates in the U.K. and Italy did not respond.
Predatory Sparrow, the alleged perpetrator, did not respond to requests for comment.
The conflict between Israel and Iran has escalated with attacks on each other’s countries, stemming from Israel targeting Iranian nuclear facilities and military assets.
The group has a history of cyberattacks in Iran, believed to have had tangible effects on Iranian entities according to cybersecurity experts.
The group's past hacks allegedly caused an explosive fire in an Iranian steel plant and disrupted gas stations, affecting citizens.

Read Full Article

18 Likes

TechCrunch

220

Image Credit: TechCrunch

Pro-Israel hacktivist group claims responsibility for alleged Iranian bank hack

The pro-Israeli hacktivist group Predatory Sparrow claimed responsibility for hacking Iran's Bank Sepah.
The group accused Bank Sepah of circumventing sanctions to finance terrorist activities and nuclear programs.
Reports indicate widespread banking disruptions in Iran, with Bank Sepah branches closed and customers unable to access their accounts.
TechCrunch could not independently verify the cyberattack, and Bank Sepah affiliates did not respond to requests for comment.
The conflict escalates between Israel and Iran as cyberattacks and bombings target each other's countries.
The identity of Predatory Sparrow remains unknown, but cybersecurity experts believe they have been successful in previous attacks.
John Hultquist from Google's Mandiant noted that the group has shown tangible effects in Iran through past cyber attacks.
Former NSA and Biden administration official Rob Joyce highlighted Predatory Sparrow's attacks on Iranian steel plants and gas stations.
These attacks allegedly caused an explosive fire in a steel plant and disruptions at gas stations in Iran.

Read Full Article

13 Likes

Discover more

Tech Radar

176

Image Credit: Tech Radar

A key Asus Windows tool has a worrying security flaw - here's how to stay safe

Asus has released a patch for CVE-2025-3464, a high-severity authentication bypass flaw affecting Armoury Crate.
The vulnerability could lead to full device compromise by allowing unauthorized driver access.
A security researcher discovered that the driver authenticates requests using a hardcoded SHA-256 hash.
Threat actors could exploit the flaw to obtain SYSTEM privileges on a Windows device.
The vulnerability, tracked as CVE-2025-3464, has a severity score of 8.4/10.
All versions between 5.9.9.0 and 6.1.18.0 of Armoury Crate were vulnerable.
Asus recommends users update to the latest version of Armoury Crate to secure their devices.
The flaw does not appear to have been exploited, but users are urged to update as a precaution.
Armoury Crate is a centralized hub for managing Asus and ROG hardware, offering performance control and updates.
Users can update Armoury Crate via Settings > Update Center > Check for Updates > Update.
Asus found that a threat actor must have system access beforehand to exploit the vulnerability.
Asus confirmed that the flaw has been patched to prevent unauthorized driver access.
The authentication bypass flaw could allow threat actors to gain full device takeover.
The vulnerability does not currently show signs of exploitation in the wild.
Asus suggests immediate updating of Armoury Crate to protect against possible abuse.

Read Full Article

10 Likes

Amazon

400

Image Credit: Amazon

Secure your Express application APIs in minutes with Amazon Verified Permissions

Amazon Verified Permissions has released @verifiedpermissions/authorization-clients-js, an open source package for implementing external fine-grained authorization for Express.js web application APIs swiftly using Verified Permissions.
Developers can save time and effort by using this package to reduce custom integration code up to 90%, enhancing application security.
Externalizing authorization helps simplify audits, maintainable code, and security model evolution by decoupling authorization logic.
One method is using Cedar, an open-source SDK for creating and enforcing authorization policies, as described with a Pet Store example.
Verified Permissions offers a managed service for Cedar, simplifying policy governance, scalability, and auditing.
The article details steps for implementing authorization in Express with Verified Permissions, including creating policies, connecting to an OIDC provider, and authorizing API access.
The integration architecture involves using AWS CLI, setting up identity providers, creating policies, and calling Verified Permissions for authorization.
Developers can test the application to verify access control rules based on user groups and ensure proper authorization functioning.
The @verifiedpermissions/authorization-clients-js package facilitates Express developers in securely integrating with Verified Permissions, leading to simplified audits and enhanced productivity.
The Cedar Analysis CLI tool aids in analyzing and verifying authorization policies, offering further insight for developers.
The packages are open source under the Apache 2.0 license on GitHub and NPM, providing resources for developers to improve security and permissions management.

Read Full Article

24 Likes

Tech Radar

321

Image Credit: Tech Radar

Whole Foods supplier targeted by cyberattack says it is making ‘significant progress’ towards recovery

United Natural Foods Inc (UNFI) is recovering from a cyberattack suspected to be ransomware.
The company is working on restoring electronic ordering systems and increasing operational capacity.
They are using alternative processes to ensure customers still receive their products.
The total impact of the attack is not fully known, and no group has claimed responsibility yet.
UNFI's whole network was shut down to prevent more devices from being compromised.
The attack has heavily affected UNFI's primary distribution partner, Whole Foods.
Retailers in 2025 have faced substantial financial losses and reputational damage due to cyberattacks.
Customers are advised to consider using identity theft protection software to secure their data.

Read Full Article

19 Likes

Amazon

101

Image Credit: Amazon

Improve your security posture using Amazon threat intelligence on AWS Network Firewall

AWS customers often rely on third-party threat feeds and scanners with limited visibility to protect AWS workloads against active threats, leading to delayed responses.
Active threat defense in AWS Network Firewall uses Amazon threat intelligence through MadPot to automatically block malicious traffic and update rules for immediate protection.
Network Firewall with active threat defense offers streamlined operations, rapid protection updates, and deep threat inspection for collective defense.
Users can easily enable the active threat defense managed rule group within Network Firewall to protect against various types of threats.
Considerations include the use of TLS inspection for HTTPS traffic, mitigating false positives, and managing stateful rule group limits.
The post emphasizes the importance of leveraging AWS Network Firewall active threat defense to enhance cloud workload security.
Prerequisites include creating a firewall policy and a firewall before setting up the active threat defense managed rule group.
Customers can utilize active threat defense with AWS Network Firewall in all Regions where Network Firewall is available.
Pricing details for active threat defense can be found on the AWS Network Firewall pricing page.
The active threat defense managed rule group enhances security by automatically blocking threats using Amazon threat intelligence.

Read Full Article

6 Likes

Dev

191

Image Credit: Dev

Mastering Kubernetes Security: A Practical Guide to Hardening Your Clusters

Securing Kubernetes environments is crucial for organizations using containerized applications, necessitating a robust defense strategy.
Key Steps for Securing Kubernetes Clusters:
1. Secure Image Building: Start with minimal base images, use multi-stage builds, run containers as non-root users, and remove unnecessary components.
2. Vulnerability Scanning in CI/CD: Integrate tools like Trivy and Clair to scan images for vulnerabilities before deployment.
3. Code Example: The provided Dockerfile showcases a secure multi-stage build for a Go application using Alpine as the base image.
To scan the image, use Trivy to identify and address any vulnerabilities found.

Read Full Article

12 Likes

The Register

Image Credit: The Register

Redefining identity security in the age of agentic AI

Agentic AI systems are transforming cybersecurity by operating autonomously and adapting continuously without human input.
Enterprises scaling their AI deployments need to evolve identity security to maintain control, manage risks, and uphold trust.
Unlike traditional AI, agentic AI systems operate independently, coordinate with other agents, and optimize outcomes without human-defined boundaries.
Autonomous AI agents in healthcare, finance, and emergency response sectors handle tasks independently, shifting focus from assistance to autonomous execution.
The shift to autonomous AI necessitates dynamic identity models that accommodate machine-led decision-making at scale to counter evolving security risks.
Threat actors exploit AI's autonomy by mimicking human identities, bypassing controls, and elevating privileges, making autonomous systems vulnerable to attacks.
Identity security approaches need to evolve to address the rising sophistication of machine agents, scrutinizing every action for potential risks.
Key priorities in identity security for AI include lifecycle governance, contextual authorization, traceability, and just-in-time access to limit exposure in case of compromise.
Delinea proposes an identity-first security strategy for AI, emphasizing automated policy enforcement, least-privilege principles, and regulatory compliance for machine identities.
Organizations should inventory machine identities, define behavioral boundaries, adopt least privilege models, go beyond authentication, and continuously audit AI agent activity to enhance security.
Agentic AI is already influencing core business operations, and organizations embedding identity into their AI strategies will be better equipped to defend against threats and drive responsible AI innovation.

Read Full Article

1 Like

Secureerpinc

343

Image Credit: Secureerpinc

Phishing Scam Mimics Google Program To Hack Facebook Accounts

Cybercriminals are using Google AppSheet to send phishing emails that mimic Facebook login pages.
The phishing emails are sent from an official-looking address, tricking users into providing their 2FA codes and login credentials.
Companies can combat social engineering attacks by raising awareness among staff about phishing strategies like spear phishing, clone phishing, smishing, and whaling.
Fostering a culture of vigilance is important to identify red flags in phishing emails, such as unusual sender addresses, generic greetings, spelling errors, and urgent language.
Strict login protocols with strong passwords and multi-factor authentication can help enhance security for company accounts.
Investing in cybersecurity tools like spam filters, secure gateways, firewalls, and antivirus software can minimize risks and detect potential threats.
Recent phishing scam incidents serve as a reminder for businesses to take proactive measures in cybersecurity to prevent devastating cyberattacks.

Read Full Article

20 Likes

Qad

348

Image Credit: Qad

The Evolving Imperative of IT Investment

IT has evolved into a crucial driver of competitive advantage, requiring a reevaluation of strategies and priorities.
Challenges include delivering more with fewer resources and the risk of not updating legacy systems.
Businesses are increasingly reliant on digital infrastructure, integrating IT systems into every aspect of operations.
Cybersecurity concerns have grown with the rise of cyberattacks, emphasizing the need for proactive security measures.
IT downtime costs are significant, highlighting the importance of investing in reliable systems and recovery plans.
Southwest Airlines faced operational disruptions due to outdated IT systems, showcasing the risks of underinvestment.
IT investment is a strategic imperative to mitigate financial losses, reputational damage, and operational disruptions.
Regular testing of Disaster Recovery plans and vulnerability assessments are essential for robust IT infrastructure.
Compliance requirements and the potential for undetected breaches add complexity and risk to IT systems.
QAD's Adaptive Applications in the cloud offer a comprehensive solution to support strategic business objectives.
Organizations can mitigate risk and secure their future by embracing an evolutionary IT approach.

Read Full Article

20 Likes

Tech Radar

Image Credit: Tech Radar

After hitting top retail stores, experts warn this infamous criminal gang is now going after US insurance giants

The Scattered Spider cybercrime gang has shifted focus from attacking retailers to targeting insurance companies in the US.
Google Threat Intelligence Group (GTIG) researchers have detected multiple intrusions in the US, with a particular emphasis on the insurance industry.
Scattered Spider, a cybercriminal organization part of 'the Com,' is known for targeting industries sequentially and has now set its sights on the insurance sector.
The gang recently targeted high-end retailers in the UK and engaged in social engineering, SIM swapping, and ransomware attacks against US companies.
Insurance organizations are advised to be vigilant against social engineering schemes aimed at their help desks and call centers.
Recent cyberattacks reported by Erie Insurance and Philadelphia Insurance Company align with Scattered Spider's modus operandi, although not confirmed.
The cybercriminals typically initiate attacks with fake helpdesk calls to gain device access before deploying the DragonForce ransomware.
Defending against ransomware involves raising awareness among employees about phishing and social engineering tactics.

Read Full Article

5 Likes

AWS Blogs

405

Image Credit: AWS Blogs

Verify internal access to critical AWS resources with new IAM Access Analyzer capabilities

AWS IAM Access Analyzer introduces new capability to verify access to critical AWS resources, aiding security teams in ensuring access control.
The feature provides visibility into internal access within AWS organizations, supplementing external access analysis.
It helps regulated industries like financial services and healthcare verify access to sensitive data stores such as Amazon S3 buckets.
The automated reasoning feature evaluates various policies and generates findings for internal access to resources like S3 buckets and Amazon RDS snapshots.
Users can utilize Amazon EventBridge to notify teams of new findings and strengthen access controls.
The tool simplifies access review and management, aiding compliance teams in demonstrating access control audit requirements.
To utilize the capability, users can enable IAM Access Analyzer in the AWS Management Console and create an analyzer with specific settings.
Zone of trust settings determine the scope of analysis, evaluating IAM roles and users either within the organization or specific account.
After setting up the analyzer and selecting resources for analysis, IAM Access Analyzer generates daily findings on access granted within the organization.
The tool categorizes access into public, external, and internal access, providing a resource-centric view for easy analysis and management.
IAM Access Analyzer ensures policies comply with least-privilege requirements and provides detailed information on IAM actions and conditions.

Read Full Article

24 Likes

TechCrunch

180

Image Credit: TechCrunch

As grocery shortages persist, UNFI says it’s recovering from cyberattack

UNFI is making progress in recovering from a cyberattack that occurred almost two weeks ago, causing grocery shortages across North America.
The company is working on restoring its electronic ordering systems used by customers like grocery stores and supermarkets.
UNFI has not disclosed the nature of the cyberattack but mentioned shutting down its network to contain the incident.
Whole Foods, a major grocery chain affected, is experiencing shelf shortages due to the UNFI outages.
Various grocery stores have reported disruptions in supplies, with some still facing issues in ordering from UNFI.
The Defense Commissary Agency's stores, serving military personnel, have also been impacted by the UNFI cyberattack.
UNFI has not provided a timeline for recovery from the cyberattack.

Read Full Article

10 Likes

For uninterrupted reading, download the app