Cyber Security News

Tech Radar

1d

Your employee logins are more valuable to criminals than ever - here's how to keep them protected

  • Hackers are increasingly targeting employee login credentials with advanced tools that are cheap and easily accessible.
  • Identity-based attacks have more than doubled (up 156%) since 2023, and more than half (59%) of cyber incidents in Q1 2025 were attributed to this type of attack.
  • Phishing-as-a-Service platforms like Tycoon 2FA and inexpensive infostealing malware are contributing to the rise in identity-based attacks, allowing hackers to intercept credentials and session data.
  • These obtained credentials are often used in Business Email Compromise (BEC) attacks, where criminals either infiltrate executives' emails or impersonate corporate officers to deceive employees into transferring money or sharing sensitive information.

Tech Radar

1d

OpenAI is reportedly upping security following rumored foreign threats

  • OpenAI is reportedly boosting its security measures to counter corporate espionage rumors and potential foreign threats.
  • DeepSeek, a Chinese startup, has released a competing AI model using distillation to replicate OpenAI's technology.
  • OpenAI has implemented new security policies restricting employee access, keeping proprietary technologies offline, and enhancing physical security.
  • The company is funding AI security research initiatives and strengthening its cybersecurity teams in response to the increasing threats and challenges.

Siliconangle

1d

Coralogix and AWS team up to enhance AI observability and threat detection

  • Coralogix and AWS have announced a new collaboration agreement to enhance AI-powered observability and security solutions.
  • The collaboration aims to utilize Amazon Bedrock for advanced monitoring, moving beyond static rules for anomaly detection.
  • Integration of Amazon Bedrock with Coralogix's platform enables proactive anomaly detection and improved system reliability.
  • The partnership also includes solutions for AWS WAF and Amazon CloudFront monitoring, delivering comprehensive threat detection for AWS customers.

Medium

1d

Is your phone acting weird? Here’s what might be going on.

  • Experiencing significant battery drain on your phone could be a sign of malware, especially if an unfamiliar app is consuming a large portion of the battery.
  • If your phone becomes excessively warm even when not in use, it may indicate malware forcing the processor to work excessively.
  • Sudden spikes in data usage without explanation could be a result of malware uploading data without your knowledge, so monitoring data usage is important.
  • Unexpected behavior like apps launching on their own, random restarts, or strange messages may indicate malware presence on your phone.

Tech Radar

1d

CitrixBleed 2 exploits are now in the wild, so patch now

  • CitrixBleed 2, a vulnerability in Citrix NetScaler ADC and NetScaler Gateway, is actively being exploited in the wild by threat actors.
  • The flaw allows hijacking user sessions and access to environments. Security researchers warn that the majority of instances remain unpatched.
  • WatchTowr Labs found a significant portion of users had not patched against CitrixBleed 2, urging immediate action as exploitation is ongoing.
  • Citrix is redirecting media inquiries to a blog post stating there is currently no evidence of exploitation, but also stresses the importance of immediate updates due to active exploitation.

Global Fintech Series

1d

Global Fintech Interview with Radha Suvarna, Chief Product Officer of Payments at Finastra

  • Radha Suvarna discusses evolution of payment processing systems and impact of AI.
  • Finastra collaborates on ISO 20022 transition, modern payment infrastructure, and innovation.
  • Payment systems evolving with AI automation, faster processing, and improved customer experiences.
  • Global tech innovations focus on ISO 20022, cloud platforms, and customer-centric solutions.
  • Fintech landscape shifting towards seamless, connected payment ecosystem with advanced technology.

Securelist

1d

Approach to mainframe penetration testing on z/OS. Deep dive into RACF

  • The article dissects mainframe penetration testing techniques on z/OS, with a particular focus on the RACF security package.
  • It takes a deep dive into the RACF database structure, internal architecture, and decision-making logic.
  • The utility racfudit was developed to facilitate offline analysis of the RACF database and provide insights for security analysis.
  • It explores RACF profile relationships, user authorization flows within z/OS, and password hashing algorithms.
  • It gives a detailed overview of the DES and KDFAES encryption algorithms for RACF password and phrase hashes.

Tech Radar

1d

Many companies are still failing to budget for cybersecurity

  • Despite increasing cyber threats, a report by ESET reveals that 38% of businesses lack cybersecurity budgets or have no plans to increase them.
  • Small companies are less likely to have cybersecurity budgets compared to larger companies.
  • Reputational damages from cyberattacks can be as damaging as financial losses, as highlighted by recent attacks on M&S and Co-op.
  • ESET Global Cybersecurity Advisor emphasizes the importance of collaborative efforts among industries, cybersecurity providers, and governments to enhance digital defenses.

The Register

1d

Is your password ecosystem ready for the regulators?

  • Regulators push companies to enhance password security amidst rising credential theft incidents.
  • Frameworks like PCI-DSS enforce strict password complexity rules and multi-factor authentication.
  • NIST recommends longer passwords over complexity, warns against hints, and emphasizes MFA.
  • Specops Password Auditor aids in assessing password security posture and compliance with regulations.

Securityaffairs

1d

IT Worker arrested for selling access in $100M PIX cyber heist

  • Brazilian police arrested IT worker João Roque for allegedly aiding a cyberattack that stole over $100 million through the PIX banking system.
  • Roque is accused of selling system access and developing a tool for fund diversion, claiming he only communicated with criminals via phone and changed devices frequently to avoid detection.
  • The cyberattack targeted multiple financial institutions; at least six were impacted, and the market was shaken.
  • Authorities have frozen $270 million, suspended part of C&M's operations to prevent further attacks, and confirmed the company's systems were not the source of the breach.

Semiengineering

1d

10Base-T1S Ethernet And The Use Of MACsec For Link Security

  • 10Base-T1S is a new standard for 10 Mbit/s Ethernet over a single twisted pair.
  • Adoption of T1S in automotive and industrial fields aims for cost-efficiency and standardization.
  • MACsec protocol is crucial for securing T1S physical wires in remote locations.
  • Open Alliance promotes T1S use and works on defining MACsec network security profiles.
  • Efforts are ongoing to ensure efficient MACsec implementation for T1S applications.

Nordicapis

1d

Why API Gateways Shouldn’t Handle Identity Alone

  • API gateways excel at routing, rate limiting, and protocol management in modern architectures.
  • Delegating identity tasks to gateways leads to complexity, limited flexibility, and security risks.
  • Offloading identity to purpose-built providers ensures better scalability, security, and maintainability.

Dev

1d

XSS Attack Types Explained — and How SafeLine WAF Stops Them

  • Cross-Site Scripting (XSS) is a prevalent web application vulnerability that can lead to data theft, session hijacking, or unauthorized actions by injecting malicious scripts into trusted web pages.
  • The post explains the three main types of XSS attacks: Stored XSS, Reflected XSS, and DOM-Based XSS with real-world examples.
  • SafeLine WAF is an open-source Web Application Firewall designed to defend against XSS attacks by filtering input, escaping user-generated content, and providing real-time detection and blocking.
  • SafeLine WAF ensures the safety of web applications by inspecting and sanitizing user inputs, automatically escaping user-generated content, and detecting suspicious requests to prevent XSS attacks.

Tech Radar

1d

Get the dunce's cap - experts warn pathetically weak passwords in the education sector leave classrooms at risk

  • A new study by NordVPN reveals that weak passwords in the education sector put schools and universities at risk of cyber attacks.
  • Commonly used passwords like '123456' and 'password' are leaving educational institutions vulnerable to hackers.
  • Hackers are targeting schools and universities to steal personal information for identity theft purposes.
  • Experts recommend using strong passwords with a mix of characters to enhance security in educational settings.

Dev

1d

How SafeLine WAF Blocks Brute Force Attacks and Protects Your Site

  • SafeLine WAF is a free and open-source Web Application Firewall that defends websites against various threats, including brute force attacks.
  • Key features of SafeLine WAF include protection against SQL injection, XSS attacks, brute force login attempts, command and code injections, among others.
  • SafeLine effectively combats brute force attacks through rate limiting login attempts, real-time monitoring with alerts, and IP blacklisting.
  • The SafeLine WAF provides a comprehensive defense strategy for websites of all sizes, offering strong protection against modern web threats.
