A naukri.com initiative
Cyber Security News
TechViral
3w
101
Image Credit: TechViral
How to Remove Avast SafePrice from PC
- Avast SafePrice is a free browser extension to help users save money while shopping online.
- It displays best offers, deals, and discount coupons from trusted e-shops when browsing.
- The extension is available for major web browsers like Chrome, Firefox, and Edge.
- Avast SafePrice automatically scans shopping sites for coupons and deals.
- It is not a virus but a component of Avast Antivirus ensuring security while online shopping.
- Avast SafePrice collects anonymous data to find the best prices, not connected to personal data.
- To remove Avast SafePrice from a computer, one can uninstall the extension from the browser's extension manager.
- Alternatively, it can be uninstalled from the Avast Antivirus interface by going to Settings and Components.
- Another method involves removing it from the Control Panel by changing the Avast Antivirus setup.
- Following these steps will help in eliminating Avast SafePrice from the PC.
Read Full Article
6 Likes
Securityaffairs
3w
301
Image Credit: Securityaffairs
Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION
- Palo Alto Networks fixed multiple privilege escalation flaws.
- Unusual toolset used in recent Fog Ransomware attack.
- Cyberattack on United Natural Foods led to bread shortages and bare shelves.
- Apple confirms actively exploited flaw in Messages app.
- Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer.
- Paragon Graphite Spyware hacks two journalists' iPhones with zero-day exploit.
- SinoTrack GPS device flaws allow remote vehicle control and tracking.
- U.S. CISA adds Wazuh and WebDAV flaws to Known Exploited Vulnerabilities list.
- Over 40,000 security cameras exposed to remote hacking.
- INTERPOL dismantles 20,000+ malicious IPs in cybercrime crackdown.
- Roundcube RCE bug exploited on over 80,000 servers.
- Data breach at Texas Department of Transportation exposes 300,000 crash reports.
- Mirai botnets exploit Wazuh RCE, and a China-linked threat actor targets over 70 orgs.
- DOJ aims to seize $7.74M in crypto related to North Korean IT worker scam.
- OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops.
- New Mirai botnet targets TBK DVRs, and FBI warns of BadBox 2.0 botnet affecting millions of IoT devices.
- Over 950K weekly downloads at risk in Gluestack supply chain attack.
Read Full Article
18 Likes
Medium
3w
323
Image Credit: Medium
Moving from Google to Proton. Sort of.
- The transition from Google to Proton includes access to Proton Wallet and Proton Docs on the web client.
- Proton Docs is a Word-like tool that integrates well with Proton Drive.
- Proton Mail, Calendar, and Proton Pass function as expected, with the latter potentially replacing LastPass.
- The VPN is effective, but free UK users are limited to connecting to a server in the Netherlands.
- Adding a spreadsheet tool and an end-to-end notes application could significantly enhance Proton's services.
- Proton is collaborating with Standard Notes, possibly offering discounts to Proton paid plan users.
- While using Obsidian for notes currently, there are considerations for transitioning notes locally.
- A challenge arises with calendar synchronization as Google Calendar and Proton Calendar lack seamless read-write functionality.
- Despite enjoying the Proton experience, the user is not ready to completely abandon their Google account yet.
- The individual plans to continue using Proton over the next few months to assess the overall experience.
- The decision to fully transition from Google will depend on the balance between security and privacy features and potential functional limitations experienced on Proton.
- There is curiosity about others who have made the switch to Proton and how their experience has been.
- The individual is open to either fully embracing Proton or potentially retaining Google depending on the outcomes of their trial period.
- Overall, the user is optimistic about using Proton but acknowledges the possibility of facing challenges with feature disparity compared to Google.
- The user is particularly interested in the future of Proton's services and how they may evolve.
- The potential for smoother integration of Proton's tools with improved features could solidify the decision to fully transition away from Google.
Read Full Article
19 Likes
Dev
4w
31
Image Credit: Dev
See what scira.ai searched for me
- Aniruddha Adak is a polyglot software engineer known for his work in React frontends and AI-driven backend services.
- Raised in Kolkata, he started coding in high school and pursued a B.Tech. in Computer Science.
- Adak focuses on crafting user-centric web experiences, such as developing FolioMotion theme for developer portfolios.
- He is also involved in AI/ML solutions like MarketPulse AI for market intelligence briefs and VocalScribe for audio transcripts.
- Adak actively contributes to open-source projects and engages with the community through platforms like GitHub and Product Hunt.
- Outside of coding, he enjoys Bollywood thrillers and tabletop RPG sessions with friends.
- Aniruddha Adak's approach to software development emphasizes personal authenticity and continuous experimentation.
Read Full Article
1 Like
Tech Radar
4w
354
Image Credit: Tech Radar
Hackers are using Google.com to deliver malware by bypassing antivirus software. Here's how to stay safe
- A new browser-based malware campaign uses Google.com to bypass antivirus defenses.
- The malware is activated during checkout, posing a threat to online payments.
- The malicious script opens a WebSocket connection for remote control, unnoticed by users.
- The attack originates from a compromised ecommerce site referencing a Google OAuth logout URL.
- The script decodes and executes a JavaScript payload under specific conditions.
- Because the script loads from a trusted Google domain, many security filters allow it through.
- The malware dynamically executes payloads using base64 encoding and JavaScript's Function constructor.
- Attackers can run code in real-time in the browser, evading detection by top antivirus programs.
- The malware's obfuscated logic and activation conditions make it hard to detect even for advanced tools.
- Antivirus apps may not flag JavaScript payloads delivered through legitimate OAuth flows.
- Enterprise security tools may struggle to detect this activity if they rely on domain reputation.
- Basic precautions like limiting third-party scripts and monitoring unexpected behaviors can reduce risk.
- Advanced users and cybersecurity teams may use content inspection proxies for anomaly detection.
- Separating browser sessions for financial transactions could help increase security.
- The attack highlights the need to stay vigilant and take steps to enhance browser security.
- The article provides insights on how attackers are exploiting trusted domains to deliver malware and offers tips on staying safe.
Read Full Article
21 Likes
TechCrunch
4w
35
Image Credit: TechCrunch
How to delete your 23andMe data
- DNA testing service 23andMe faced upheaval, being acquired by co-founder Anne Wojcicki's nonprofit for $305 million after bankruptcy protection.
- 1.9 million customers have requested deletion of their genetic data from 23andMe's servers, amounting to around 15% of its user base.
- Over two dozen states have sued against the sale of private data, requiring explicit consent before transfer or sale to a new entity.
- While 23andMe can't delete all genetic data due to partnerships and backups, users can take steps to protect themselves.
- To delete data: Go to Settings, navigate to 23andMe Data, click View, scroll to Delete Data, and select Permanently Delete Data with confirmation via email.
- Users can download their data before removal, but 23andMe may retain essential information required by law or for legal purposes.
- Users can change settings to destroy their stored test samples and revoke permissions for research use within account Preferences.
- Consent for research use can be withdrawn, but the deleted information cannot be erased.
- It's advisable to inform family members to delete their data too, considering the interrelated nature of genetic information.
- It's suggested to prompt friends and family to protect their data as well.
Read Full Article
2 Likes
Medium
4w
39
Escaping the Matrix — Reclaiming Autonomy in the Age of Digital Control
- We are experiencing a decline in personal freedom and autonomy due to the digital control we willingly participate in through our digital footprints.
- Our actions, like searches and purchases, are constantly recorded and analyzed, leading to a digital panopticon.
- To break free, we need to make conscious choices, regain agency, and use tools that prioritize user sovereignty.
- Escaping digital control requires ongoing vigilance, learning, and sacrificing convenience.
- Supporting open-source projects, sharing privacy knowledge, and advocating for stronger privacy laws are crucial in reclaiming autonomy.
- We face the option of being a passive data point or actively defending our digital autonomy.
- Choosing autonomy offers the freedom to think, choose, and exist beyond algorithms in our highly controlled era.
Read Full Article
2 Likes
Medium
4w
190
Image Credit: Medium
Day 63: Bash Scripting — Functions and Modularity
- Bash scripting allows for the use of functions and the source command to create modular tools.
- Functions can be used with the source command to enable modularity, especially in cybersecurity use cases like network reconnaissance and building scanner tools.
- This approach eliminates the need to repeat code in every script, offering efficiency and cleaner code.
- Common utility functions can be placed in a separate file, such as utils.sh, and loaded into the current shell session when running a main script.
- By modularizing code in separate files, functions and variables defined there become accessible and reusable in the main script.
- This design helps in avoiding repetitive logic and promotes code reusability across different scripts.
- Log analysis logic becomes reusable and can be utilized for writing cron jobs or alerting systems by sourcing the necessary functions.
- Using source for required functionalities in primary scripts enhances code security, testability, and scalability for various automation tasks.
Read Full Article
11 Likes
TechBullion
4w
398
Image Credit: TechBullion
Pakistan VPN Picks: 5 Best VPN Providers for Secure Browsing in June 2025
- Using a VPN in Pakistan has become essential due to increasing online restrictions, especially on platforms like TikTok.
- Surfshark is identified as the top VPN for TikTok in Pakistan in the June 2025 test, offering speed, security, and affordability.
- NordVPN is recommended as a premium choice, ensuring top-tier security and consistent performance on all networks in Pakistan.
- ExpressVPN and CyberGhost are mentioned as other VPN options that provide valuable benefits for specific user needs.
- Surfshark enables fast and private TikTok access even in environments like school or public Wi-Fi where restrictions may exist.
- NordVPN is highlighted for users seeking high-level security and reliable performance while accessing TikTok in Pakistan.
- Using a VPN helps bypass restrictions on platforms like TikTok by masking the user's IP and routing traffic through unrestricted countries.
- VPN encryption safeguards user data from ISPs, public Wi-Fi surveillance, and government monitoring, ensuring online activity remains private.
- A VPN can prevent slowdowns caused by ISPs targeting TikTok or other video services by concealing user activity.
- With a VPN, users can access and create content from different regions globally, expanding their online reach.
- If facing challenges accessing TikTok in Pakistan or concerned about online tracking, using a VPN is recommended for enhanced privacy and security.
- Surfshark is offering a discounted rate for users to try their services, while NordVPN provides a range of premium features for interested users.
Read Full Article
24 Likes
TechBullion
4w
372
Image Credit: TechBullion
Surfshark vs. ProtonVPN: Which VPN Offers Better Value, Security & Speed in 2025?
- In 2025, Surfshark and ProtonVPN are popular VPN choices known for strong security features and global access.
- Surfshark stands out for its budget-friendly price, support for unlimited devices, and features like CleanWeb and MultiHop.
- ProtonVPN, developed by the creators of ProtonMail, prioritizes privacy and operates from Switzerland.
- Surfshark is recommended for budget-conscious users, families, and frequent streamers, while ProtonVPN appeals to privacy advocates and open-source supporters.
- Surfshark excels in streaming international content with reliable access to platforms like Netflix, Hulu, and BBC iPlayer.
- ProtonVPN's streaming capabilities are more limited, especially on its free plan, making Surfshark a better choice for entertainment access.
- Surfshark is hailed for its value, versatility, and overall functionality, while ProtonVPN is praised for its transparency and commitment to privacy.
- Users looking for a VPN in 2025 can consider Surfshark for streaming and general use, while ProtonVPN is ideal for those valuing privacy and transparency.
- Disclaimer: This article serves as information and does not offer legal, financial, or cybersecurity advice. VPN performance can vary by region, network, and updates.
Read Full Article
22 Likes
Secureerpinc
4w
354
Image Credit: Secureerpinc
Chrome Admin Privileges Cut To Block Risky Extensions
- Future versions of Google Chrome may remove admin privileges to prevent harmful installations through risky extensions.
- Users often add Chrome extensions without realizing the potential security risks associated with malicious software hidden within these extensions.
- Malicious developers can use Chrome extensions to steal data, track browsing activities, or install more dangerous programs.
- Google engineers are implementing changes to de-elevate Chrome browser permissions automatically, limiting the risks associated with suspicious extensions.
- The default behavior for Chrome admin privileges is changing, but users can still adjust user permission settings in the admin console.
- To enhance cybersecurity, organizations are advised to educate their workforce on internet safety, regularly update software, and enable multi-factor authentication.
- Human error and work-related communications contribute significantly to data breaches, making education on recognizing cyber threats crucial.
- Keeping software up to date, including browser updates, enhances protection against cybersecurity threats and improves overall performance.
- Multi-factor authentication adds extra security layers, making it harder for threat actors to bypass login credentials and access sensitive data.
- Proactive cybersecurity measures, such as regular training, software updates, and MFA implementation, can strengthen an organization's defense against cyber threats.
Read Full Article
21 Likes
Hackers-Arise
4w
106
Image Credit: Hackers-Arise
Windows Network Exploitation with Impacket Framework
- Impacket is a Python library that provides low-level access to network protocols essential for network protocol exploitation and lateral movement in hacking/penetration testing.
- It implements Windows protocols like SMB, MSRPC, LDAP, and Kerberos, offering granular control over protocol communication.
- Impacket tools like psexec.py and wmiexec.py enable remote code execution on Windows systems using legitimate protocols, allowing blending with normal network traffic to evade detection.
- To install Impacket, one can clone from the GitHub repository, set it up in a Python virtual environment, and verify the installation.
- Usage examples such as running psexec.py for remote code execution, leveraging PSExec utility, and using various methods like PowerShell for evasion are discussed.
- Credential harvesting with tools like secretsdump.py, extraction of Windows credentials including password hashes and Kerberos tickets, and pass-the-hash authentication methods are highlighted.
- Additional evasion techniques, process name obfuscation, execution through different interpreters, and saving output to files for credentials are explored.
- Impacket offers various utilities for LDAP enumeration, Kerberos-based attacks, and Active Directory exploitation, making it a sophisticated penetration testing framework.
- Impacket is recommended as an essential tool for hackers due to its capabilities, with mastering the utilities providing access to advanced penetration testing functionalities.
- The post concludes by suggesting upgrading to a Member Gold subscription for access to a comprehensive library of advanced courses.
Read Full Article
6 Likes
Medium
4w
116
Image Credit: Medium
How How Artificial Intelligence Will Change the Finance Industries
- AI is changing the finance industry by improving client services and operational efficiencies.
- Bank of America's AI 'Erica' has facilitated over 1.5 billion interactive experiences through its banking app.
- AI in banking enables interactive conversations, automation of processes like loan approvals and credit scoring, reducing time and potential human error.
- AI systems in banking also assess customer behaviors and provide recommendations for financial behaviors like budgeting or investing.
- The investing and wealth management sectors have experienced a digital transformation with the rise of robo advisors using machine learning algorithms.
- Robo advisors are projected to reach over $2 trillion in global assets under management by 2027, offering low-cost personalized portfolio management.
- AI allows institutional investors to analyze large amounts of market data, news articles, and sentiment simultaneously, improving decision-making efficiency.
- AI plays a crucial role in fraud prevention by identifying normal and suspicious behaviors rapidly, reducing fraud loss and false positives.
- AI-powered fraud detection systems have shown detection rates 50% higher than traditional systems, aiding institutions in compliance with regulations.
- Financial professionals need to consider risks such as algorithmic bias, privacy data reliability, and governance frameworks as AI roles evolve.
- Despite risks, AI is expected to create a more secure, responsive, and inclusive financial ecosystem for both institutions and individuals.
Read Full Article
6 Likes
Medium
4w
44
Image Credit: Medium
Don't Get Hooked This Summer: Spot a Phishing Scam Before It Spots You
- Phishing scams are a major concern during the summer when people are relaxed and more likely to fall for traps set by cybercriminals.
- Phishing involves cybercriminals pretending to be someone trustworthy to steal information like login credentials or personal details.
- Scammers use techniques like fake travel deals, urgent emails, free vacation offers, and HR scams to lure victims.
- To spot a phishing scam, people should double-check sender information, look out for spelling errors, avoid providing personal information, and not click on suspicious links.
- It's advised to report phishing attempts, verify directly with sources, update software regularly, and enable multi-factor authentication for added security.
- Staying vigilant and cautious online is crucial to avoid falling prey to phishing scams during the summer or any time of the year.
Read Full Article
2 Likes
TechCrunch
4w
399
Image Credit: TechCrunch
Anne Wojcicki’s nonprofit reaches deal to acquire 23andMe
- Genetic testing company 23andMe, after facing challenges including a cyberattack and bankruptcy, has a deal to be acquired by Anne Wojcicki's nonprofit.
- Wojcicki's nonprofit TTAM Research Institute made a $305 million bid that was accepted over Regeneron's $256 million offer.
- The acquisition includes plans to notify customers, maintain privacy policies, and set up a Consumer Privacy Advisory Board.
- Wojcicki expressed excitement about continuing 23andMe's mission to empower individuals with genetic information.
- The acquisition is subject to bankruptcy court approval and facing legal obstacles, including objections from 28 state attorneys general.
- The privacy policies of 23andMe and the consent for selling genetic data are under scrutiny.
- There are concerns regarding consumer trust as interim CEO Joseph Selsavage revealed that 15% of customers requested data deletion post-bankruptcy.
Read Full Article
24 Likes
For uninterrupted reading, download the app