menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Security News

Cyber Security News

source image

Cybersecurity-Insiders

1d

read

88

img
dot

Image Credit: Cybersecurity-Insiders

Germany Investigates BadBox Malware Infections, Targeting Over 192,000 Devices

  • Germany has launched an investigation into reports of a significant cyber threat believed to be linked to the BadBox Malware, which has allegedly infected over 192,000 devices across the country.
  • The malware primarily targets devices running outdated or unsupported operating systems, bypassing traditional security features and engaging in activities such as data exfiltration, ad fraud and espionage, ransomware distribution, and acting as a proxy.
  • Experts emphasize the importance of regular device updates, installing reliable security software, being cautious about suspicious apps or downloads, and following best practices for mobile security to protect against such threats.
  • Ongoing investigations aim at mitigating the impact of BadBox and similar malware, highlighting the need for global cooperation in cybersecurity and ongoing education and awareness around digital safety practices.

Read Full Article

like

5 Likes

source image

Dev

1d

read

84

img
dot

Image Credit: Dev

Understanding SSH: Secure Shell Protocol

  • SSH, or Secure Shell, is a network protocol that provides secure remote access to computers over unsecured networks, ensuring encrypted data communications and strong authentication.
  • SSH is widely used by network administrators for secure remote management of systems, executing commands, and transferring files between computers over a network.
  • SSH supports both password and public key authentication, with the latter being more secure. SSH keys consist of a public and a private key, where the public key is shared and the private key is kept secure.
  • SSH uses encryption techniques like symmetric and asymmetric encryption, along with hashing, to secure data transmission and authenticate users and hosts.

Read Full Article

like

5 Likes

source image

Dev

1d

read

15

img
dot

Image Credit: Dev

Advanced CSRF Protection with RSA

  • Advanced CSRF Protection with RSA encryption adds an extra layer of security and prevents unauthorized API usage, stale requests and brute-force attempts.
  • This approach uses RSA asymmetric encryption to verify the integrity of API requests and securely encrypts request metadata like method, URL, and timestamp.
  • The payload containing the encrypted data in the custom header is decrypted on the backend.
  • If the validation passes, only then the API request is processed, or else the request is rejected.
  • The article includes code snippets for client-side implementation (React + Axios) and backend implementation (Node.js + Express).
  • This approach grants three key features such as asymmetric encryption, request freshness, and method & URL validation.
  • The method is applicable to all API interactions and prevents criminals from misusing APIs outside of the browser.
  • The project 'Winzy Social' implemented this approach to enhance the security of API interactions and prevent unauthorized or stale requests.
  • The author encourages readers to try this approach and enhance their application security with encrypted, timestamped CSRF tokens.
  • The code repository and Live Demo are available on GitHub in the article.

Read Full Article

like

Like

source image

Gritdaily

1d

read

263

img
dot

Image Credit: Gritdaily

Whedly Beautelus Aims to Empower Small Businesses to Fight Cyber Threats

  • Whedly Beautelus aims to empower small businesses to fight cyber threats.
  • Whedly provides solutions to protect data and information systems, develop cybersecurity policies, and train employees.
  • His work focuses on creating a safe environment for businesses by evaluating risks, implementing security measures, and conducting research.
  • Whedly emphasizes the importance of cybersecurity awareness and collaboration to address the growing threat landscape.

Read Full Article

like

15 Likes

source image

Tech Radar

1d

read

46

img
dot

Image Credit: Tech Radar

New Androxgh0st botnet targets vulnerabilities in IoT devices and web applications via Mozi integration

  • Researchers have identified an evolution in the Androxgh0st botnet, integrating Mozi's capabilities and targeting IoT devices and web applications.
  • Androxgh0st, initially a web server-targeted attack, can now exploit vulnerabilities in IoT devices using Mozi's advanced techniques.
  • The fusion with Mozi allows Androxgh0st to spread efficiently through vulnerable devices, including routers and connected technology.
  • Androxgh0st has expanded its range of targeted vulnerabilities, attacking major technologies and utilizing brute-force and injection techniques.

Read Full Article

like

2 Likes

source image

Tech Radar

1d

read

198

img
dot

Image Credit: Tech Radar

TrueNAS device vulnerabilities exposed during hacking competition

  • Security researchers identified vulnerabilities in TrueNAS devices during the Pwn2Own Ireland 2024 event.
  • Multiple teams successfully exploited TrueNAS Mini X devices, showcasing interconnected vulnerabilities between network devices.
  • TrueNAS is implementing updates to secure their products against the discovered vulnerabilities.
  • Users are advised to follow security recommendations to protect their data storage systems.

Read Full Article

like

11 Likes

source image

Dev

1d

read

97

img
dot

Image Credit: Dev

Managing and Securing Access to AWS Resources Using IAM

  • This article explores the basics of AWS Identity and Access Management (IAM), a powerful web service that helps you securely manage access to your AWS resources.
  • The article guides you through the process of creating IAM users, adding them to IAM groups, and applying permission policies to control access to various services in your AWS account.
  • Before starting to use IAM, make sure you have an AWS account, understanding of basic AWS services such as EC2, S3, and IAM, Administrator Access to the AWS Account, and access to the AWS Management Console.
  • To start managing and securing access to AWS resources using IAM, start by signing in to the AWS Management Console.
  • After that, set up IAM users. Created IAM users can have access to AWS resources with a specific set of permissions that define their level of access.
  • Next, create IAM groups that organize the users and apply common permissions to all users within a group, instead of managing individual permissions for each user.
  • By applying Permission policies, IAM policies can be used to enforce different levels of access for various user groups based on their roles.
  • The article validates the set permissions by logging in using Dev-Team users and trying to delete S3 buckets and terminate EC2 instances. This demonstrates how IAM policies can be used to enforce different levels of access for various user groups based on their roles.
  • IAM ensures that you have fine-grained control over who can access your AWS resources and what actions they can perform.
  • By the end of this post, you'll have a solid understanding of how to manage user access efficiently and ensure your AWS environment stays secure.

Read Full Article

like

5 Likes

source image

Dev

2d

read

206

img
dot

Image Credit: Dev

Get Phished by a Public AWS Systems Manager Automation Document

  • A phishing attack targeting AWS users was discovered involving a public AWS Systems Manager Automation Document.
  • The attack used a crafted URL that resembled a legitimate AWS Console link to trick users.
  • By clicking the link, users unknowingly executed a malicious SSM document, leading to unauthorized access, data exfiltration, and malware deployment.
  • Preventative measures include increasing awareness, verifying SSM document owners, implementing enhanced warnings in the AWS Console, and refining permission settings.

Read Full Article

like

12 Likes

source image

Securityaffairs

2d

read

120

img
dot

Image Credit: Securityaffairs

Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

  • BadBox rapidly grows, 190,000 Android devices infected
  • Romanian national sentenced to 20 years for NetWalker ransomware attacks
  • Sophos fixes critical vulnerabilities in its Firewall product
  • U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

Read Full Article

like

7 Likes

source image

Tech Radar

2d

read

292

img
dot

Image Credit: Tech Radar

Open source machine learning systems are highly vulnerable to security threats

  • Recent analysis reveals that open-source machine learning systems are highly vulnerable to security threats.
  • JFrog's report uncovers 22 vulnerabilities in 15 open-source ML projects, with threats targeting server-side components and privilege escalation within ML frameworks.
  • Specific vulnerabilities include the Directory Traversal flaw in Weave, compromising file access, and the access control issue in ZenML Cloud, enabling privilege escalation.
  • The findings highlight a gap in MLOps security and emphasize the need to integrate AI/ML security with broader cybersecurity strategies.

Read Full Article

like

17 Likes

source image

Hackernoon

2d

read

374

img
dot

Image Credit: Hackernoon

The Cyber Resilience Act: A Field Guide for CTOs and CISOs

  • The Cyber Resilience Act (CRA) establishes comprehensive cybersecurity requirements for products with digital elements, including both hardware and software.
  • The regulation requires standard best practices that most mid to large enterprises already have in place.
  • The CRA applies to all organizations exporting products with digital elements to the EU market.
  • The key dates and timelines for the Cyber Resilience Act (CRA) are: December 10, 2024, when the CRA entered into force and December 11, 2027, for compliance obligations.
  • Sectors most affected include IoT, Critical Infrastructure, and Consumer Electronics sectors.
  • CTOs and CISOs share responsibility for implementing CRA compliance but approach it from distinct perspectives.
  • Effective CRA compliance requires a unified approach between technical and security leadership.
  • Failing to comply with the CRA can result in severe financial penalties, reputational damage, and operational disruptions.
  • To ensure compliance readiness, regular communication is essential between CISOs, CTOs, and compliance officers.
  • Cross-functional training sessions must be conducted to keep all teams informed about CRA updates and best practices.

Read Full Article

like

22 Likes

source image

The Fintech Times

2d

read

332

img
dot

SIM Farm Fraudsters Caught and Sentenced in the UK Having Stolen £220,000

  • Three fraudsters who operated a SIM farm in the UK have been caught and sentenced following a joint effort by the Dedicated Card and Payment Crime Unit (DCPCU) and the banking industry. Emanuel Oxford-Faparusi, Syrus Johnson-Faparusi, and Uchechukwu Orjih posed as legitimate organizations to deceive banking customers into providing their personal and banking details. They stole a total of £223,183.53 through fraudulent texts and calls between August 2022 and March 2024.
  • Once the victims provided their card details, the fraudsters made fraudulent online purchases, transferred money to controlled accounts, and subsequently withdrew the funds. The perpetrators were sentenced to a combined six years and nine months in prison.
  • During the investigation, the police recovered two SIM farms, multiple computers, and phones containing phishing website templates, smishing software, and around 160,000 sets of personal and financial data.
  • Emanuel Oxford-Faparusi received a 42-month prison sentence, Syrus Johnson-Faparusi received 18 months, and Uchechukwu Orjih received a 21-month sentence suspended for two years. All three individuals were also given Criminal Behaviour Orders for a five-year period.

Read Full Article

like

20 Likes

source image

Securityaffairs

2d

read

243

img
dot

Image Credit: Securityaffairs

US charged Dual Russian and Israeli National as LockBit Ransomware developer

  • Rostislav Panev, a dual Russian-Israeli national, has been charged as a developer of the LockBit ransomware group.
  • Panev was arrested in Israel in August and is awaiting extradition to the U.S.
  • LockBit ransomware group attacked over 2,500 victims worldwide, extracted $500M in ransoms, and caused billions in damages.
  • Panev developed code to disable antivirus software, deploy malware, and print ransom notes for the LockBit group.

Read Full Article

like

14 Likes

source image

TechViral

2d

read

19

img
dot

Image Credit: TechViral

9 Best Ways To Hide & Change Your IP Address (PC, Android & iPhone)

  • An internet protocol (IP) address is assigned to every device connected to the internet and is unique but not static.
  • People hide their IP address to prevent web tracking, avoid leaving a digital footprint, bypass blocked sites on IP addresses,protect privacy and unblock the sites that are blocked on their IP Address.
  • One of the ways to hide your IP address is by using Web Proxies, which act as a mediator between the internet user and the destination website.
  • Another way is to use public Wi-Fi hotspots available in coffee shops, hotels, etc. as your IP address will change based on the router's location.
  • You can also use a VPN program, which is beneficial to hide or alter your IP address. Some of the best VPN programs are Turbo VPN, Betternet, Proton VPN, and TunnelBear, SurfEasy VPN, Hotspot Shield for Androids and iPhones.
  • You can also change your internet IP address by unplugging your modem for at least two hours or using Tor.
  • Opera Browser now offers free unlimited VPN and does not require a sign-in or setup.
  • Other methods of hiding and changing your IP address include using the mobile network and public Wi-Fi.
  • Hiding IP address is very important for privacy protection and to prevent unauthorized activities such as hacking and terrorism.
  • Internet users should always keep their IP address hidden for their own safety and privacy.

Read Full Article

like

1 Like

source image

Medium

2d

read

373

img
dot

Image Credit: Medium

PII in the Age of AI: Balancing Innovation with Privacy

  • Personal Identifiable Information (PII) presents unique challenges and ethical dilemmas in the age of AI.
  • AI systems rely on PII to optimize experiences, but they also amplify risks and raise legal and ethical questions.
  • Challenges include cyberattacks, biased decision-making, lack of transparency, and difficulties in complying with regulations.
  • However, techniques like differential privacy, anonymization, encryption, and prioritizing ethical use of PII offer hope for safeguarding privacy while leveraging AI's capabilities.

Read Full Article

like

22 Likes

For uninterrupted reading, download the app