techminis

A naukri.com initiative


Cyber Security News


Dev


Federated Learning: The Future of Privacy-Preserving Machine Learning

  • Federated Learning is a decentralized approach to machine learning that allows models to be trained across multiple devices.
  • Federated learning addresses concerns around privacy, data security, and regulatory compliance.
  • It enhances privacy by keeping raw data on users' devices, minimizing the risk of data breaches.
  • Federated learning reduces data transfer costs and enables personalized machine learning models without compromising privacy.


Socprime


How to prevent BufferOverflowError

  • To prevent BufferOverflowError when getting logs from Kafka/in_tail and facing connection issues to OpenSearch/ElasticSearch, you can customize Fluentd buffer in the output.
  • Set flush_mode to 'interval', flush_interval to a custom time, and overflow_action to 'block' to handle buffer overflow.
  • Configure retry_max_interval to set the maximum interval between retries, and set retry_randomize to false so the retry interval is not randomized.
  • For buffering, set chunk_limit_size to a specified value in megabytes to control the size of each chunk.


Eletimes


Harnessing Computer-on-Modules for Streamlined IT/OT Convergence and Enhanced Cybersecurity

  • IT/OT convergence brings physical (OT) equipment and devices into the digital (IT) world by using the Industrial Internet of Things (IIoT) and big data analytics for higher productivity and efficiency.
  • aReady.COM, congatec's application-ready offering around computer-on-modules (COMs), provides the perfect building blocks for out-of-the-box IT/OT convergence, reducing complexity by seamlessly integrating hardware and software for enhanced performance and flexibility.
  • With the Cyber Resilience Act, the exposure to cyber threats from OT and IT systems escalates. OEMs must comply with these regulations before entering the EU market, safeguarding against potential risks through secure software updates.
  • The software should enable remote monitoring of embedded systems with security protocols, sensor and actuator integration, control logic, lifecycle management, and historical data. It should also provide connectivity to prevalent cloud services like AWS, with options for establishing or integrating private on-premises clouds to protect critical business data.
  • aReady.VT for system consolidation and aReady.IOT for IIoT connection can address the needs for software in IT/OT convergence. aReady.VT enables designers to consolidate multiple systems on one single hardware platform, shortening time-to-market and optimizing overall system functionality. aReady.IOT allows developers to remotely access device information, including serial numbers, software versions, voltages, and temperatures.
  • The technology that underpins aReady.IOT is built upon the solid foundation established by Arendar, a company that congatec acquired in 2023. Moreover, the assembled platform and distributed software building blocks provide reliable real-time machine capabilities, data processing, and optimized maintenance with minimal on-site service.
  • congatec offers aReady.VT and aReady.IOT in an application-ready or custom-configured package that integrates a pre-configured hypervisor, operating system, and IIoT software, streamlining workflows, supply chain, and warehousing.
  • The implementation of IT/OT convergence will bring significant efficiencies through cost savings and enhanced reliability.
  • The emergence of Industry 4.0 and IIoT technology has emphasised the importance of IT/OT convergence, enabling innovation in the core of business operations and becoming essential for organizational success.
  • By reducing the number of systems, embedded computing applications can achieve significant size, weight, power consumption, and cost savings, optimizing production processes, increasing efficiency, and reducing costs.


Tech Radar


Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks

  • The US Treasury Dept. is bringing sanctions against a Chinese cybersecurity firm and one of its employees
  • The employee is allegedly responsible for over 80,000 Sophos firewall breaches
  • Many of the targets were part of US critical infrastructure
  • Sanctions include seizure of US property/assets and blocking entities owned by the firm


Socprime


Adaptive Replica Selection in OpenSearch

  • Adaptive replica selection is a mechanism designed to improve query response times and alleviate strain on overloaded OpenSearch nodes.
  • It ensures that nodes experiencing delays due to issues like hardware, network, or configuration problems do not slow down the overall query process.
  • Enabling adaptive replica selection prioritizes nodes with better response times and avoids sending shard requests to struggling nodes unless no other replicas are available.
  • This feature is enabled by default in OpenSearch, but can also be manually activated using the provided API request.


Global Fintech Series


Safe AI Strategy for Community Financial Institutions: Turning Concepts into Action

  • The challenge isn’t just about adopting new technology; it’s about harnessing AI’s potential while preserving the very qualities that make CFIs indispensable to their communities.
  • CFIs integrate AI into their workflows, aligning AI solutions with ethical use, transparency, and security.
  • Before implementing AI in CFIs, it’s crucial to recognize the risks it brings. These risks span content moderation, bias, ethics, and legal compliance.
  • Governance, Compliance, and Ethical Stewardship: Establish a strong governance framework to ensure AI systems adhere to financial regulations, maintain ethical standards, and prioritize transparency and accountability in decision-making.
  • Member Equity, Inclusion, and Bias Prevention: Develop AI systems that promote fairness, inclusivity, and equitable treatment for all members, while preventing biases that could impact diverse groups.
  • Privacy, Security, and Member Data Protection: Embed strong privacy and security measures into AI systems to safeguard member data, prevent breaches, and ensure compliance with financial data protection regulations such as GLBA, CCPA, and GDPR.
  • Transparency, Explainability, and Member Empowerment: Ensure AI operations are transparent and understandable, giving members and staff tools to effectively manage AI interactions.
  • Continuous Improvement, Monitoring, and Risk Management: Continuously monitor, update, and adapt AI systems and regulations, while proactively managing risks to maintain financial stability.
  • Successfully implementing AI in Community Financial Institutions (CFIs) requires more than just a technical solution. It demands a comprehensive, strategic approach that aligns with ethical standards, regulatory requirements, and the mission of serving members fairly.
  • As we navigate the AI landscape, it’s clear that the future of CFIs doesn’t lie in blindly adopting technology or following industry buzzwords. Instead, success will come from a thoughtful, strategic approach that prioritizes member needs, ethical considerations, and the unique position of community financial institutions.


Tech Radar


Top file-sharing tools are being hit by security attacks once again

  • Security researchers Huntress uncover flaw in LexiCom, VLTransfer, and Harmony tools.
  • Flaw was patched, but the patch did not work effectively.
  • Hackers are exploiting the vulnerability possibly to steal data.
  • 24 compromised businesses identified, with many others at risk.


Securityaffairs


Chinese national charged for hacking thousands of Sophos firewalls

  • The US has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020.
  • Tianfeng, who worked at Sichuan Silence Information Technology Co., faces charges for developing and testing a zero-day exploit used to compromise approximately 81,000 firewalls.
  • The man and co-conspirators exploited a zero-day vulnerability, tracked as CVE-2020-12271, in Sophos firewalls to deploy malware.
  • At the end of April 2020, cybersecurity firm Sophos released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.
  • The hackers exploited the SQL injection flaw to download malicious code on the device that was designed to steal files from the XG Firewall.
  • Hackers exploited the issue to install the Asnarök Trojan that allowed the attackers to steal files from the XG Firewall and use the stolen info to compromise the network remotely.
  • The Trojan could steal sensitive data including usernames and hashed passwords for the firewall device admin, and user accounts used for remote access.
  • Sophos published a series of reports named ‘Pacific Rim’ that includes details about the operations conducted by Chinese hackers against network devices of different vendors worldwide for over 5 years.
  • Since 2018, Sophos has faced increasingly aggressive campaigns, including one against the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access.
  • The U.S. Treasury’s OFAC has sanctioned Sichuan Silence Information Technology Co. Ltd. and its employee Guan Tianfeng for hacking U.S. critical infrastructure companies.


Insider


How much do health insurance companies spend on executive security? It might be less than you think.

  • Health insurance companies appear to spend less on executive protection compared to high-profile CEOs like Mark Zuckerberg or Elon Musk.
  • The death of UnitedHealthcare CEO, Brian Thompson, highlights that even executives who aren't as high-profile or famous as others may not always have bodyguards with them.
  • The amount companies pay for executive security varies widely, with some CEOs known for having multimillion-dollar security packages while some have more modest protection services worth hundreds of thousands of dollars.
  • Walmart CEO Doug McMillon and McDonald's CEO Chris Kempczinski, for example, appear to have individual security expenses of less than $25,000 for 2023, according to company filings.
  • Typically, company-paid security costs are disclosed in annual corporate filings called proxy statements, and include a breakdown of the salary, benefits, bonuses, and other perks provided for top executives' total compensation packages.
  • UnitedHealth Group appears to spend less on executive protection than some of the Big Tech giants, and doesn't specify any personal security cost for CEO Brian Thompson in last year's filings.
  • Other insurance companies, including CVS (owner of Aetna), Cigna, Humana, and Elevance (owner of Anthem), also do not specify personal security costs in their proxy statements, while Kaiser Permanente is a nonprofit and not subject to the same reporting requirements.
  • The level of security may differ between executives, driven largely by each executive's personal preference.
  • Elon Musk, the world's wealthiest person, has spoken out about personal security concerns in recent years and has more than one bodyguard in his security team.
  • Executives at health insurance companies, who may not be as recognizable as someone like Musk or Zuckerberg, may consider reviewing executive protection costs following Thompson's death.


Cybersecurity-Insiders


Apple iPhone Users Warned About Data-Stealing Vulnerability in TCC Feature

  • Apple iPhone users are being alerted to a critical security flaw that could potentially allow hackers to steal sensitive data.
  • The vulnerability exists within the Transparency, Consent, and Control (TCC) feature of Apple's operating system.
  • The bug, known as the 'TCC Bypass,' enables attackers to bypass security prompts and gain unauthorized access to iCloud data.
  • Apple has released a patch (iOS 18.2) to address the vulnerability, but users need to ensure they install the update to maintain device security.


Dynamicbusiness


Cyber trouble? Here’s free help for small businesses

  • The Australian Government has launched the Small Business Cyber Resilience Service to protect small businesses from cyber threats.
  • The free service offers customized cyber security plans, actionable recommendations, recovery assistance, case management support, and referrals to additional resources.
  • Eligible businesses include those with 19 or fewer full-time employees, registered in Australia, actively trading, and holding a valid ABN.
  • The service aims to empower small businesses in navigating the digital landscape, staying ahead of threats, and recovering effectively from cyber incidents.


Mcafee


The Stealthy Stalker: Remcos RAT

  • McAfee Labs has identified a significant rise in the Remcos RAT threat in Q3 2024.
  • The malware is often delivered through phishing emails and malicious attachments, allowing cybercriminals to remotely control infected machines and compromise sensitive data.
  • In a technical analysis of two Remcos RAT variants, highly obfuscated PowerShell scripts are executed to download and inject multiple files into a legitimate Microsoft .NET executable, eventually leading to the installation of the Remcos payload.
  • In variant 2, the Remcos RAT comes from an Office Open XML document, which is downloaded from a spam email attachment and imported using the CVE-2017-11882 Equation Editor vulnerability.
  • The VBS script from variant 2, which is highly obfuscated, launches PowerShell using Base64 encoded strings as the command.
  • Once the assembly “dnlib.dll” is loaded, it calls a method VAI from a type dnlib.IO.Home within the loaded assembly.
  • Organizations can better protect their systems and sensitive data from Remcos RAT by implementing robust defenses such as regular software updates, email filtering, and network monitoring.
  • By staying vigilant and informed about emerging threats like Remcos RAT, organizations can safeguard against future cyberattacks.
  • IOCs and detections for each variant are also provided in the article.
  • References to the original source of the article are given at the end of the blog post.


Nordicapis


Why APIs Need Better Identity and Access Management

  • Identity-based breaches account for 80% of cyberattacks with more than one-third of data breaches involving internal actors. Comprehensive identity and access management (IAM) policies, like a common identity platform leveraging OpenID Connect and OAuth standards, are essential in regulating access.
  • API insecurity remains a threat because IAM is not efficient or robust enough. Inconsistent or weak processes undermine organizational integrity and expose organizations to the risk of non-compliance penalties or unapproved data access.
  • Zero trust architectures mitigate credential theft risks and unauthorized access; multi-factor authentication, real-time threat identification and reporting can further strengthen IAM policies.
  • Least privilege mechanisms for access control, as well as granular access control and JWTs will be relevant for IAM and APIs for the foreseeable future.
  • Unfortunately, even with advanced IAM policies, vulnerabilities, such as the recent 2023 OAuth vulnerability, may go unaddressed by an organization without a comprehensive and proactive approach to risk mitigation.
  • Employees have inappropriate access to sensitive data. About 70% may obtain insufficient access after leaving organizations.
  • IAM seeks to balance compliance and security risks for all stakeholders. Cloud-based IAM solutions, a common identity platform leveraging OpenID Connect and OAuth standards, hardware keys, and passwordless authentication methods are replacing on-premise solutions.
  • APIs need a robust IAM system and modern access control like a common identity platform to integrate with API management tools. OAuth's access token can match passwordless authentication to regulate usage control policies.
  • IAM is essential in the API space with robust mechanisms like multi-factor authentication, least privilege, granular access control, and JWTs being relevant for the foreseeable future.
  • As identity and access management continues to evolve, so will the methods employed by cyber criminals. Organizations cannot afford to rest on their laurels and must constantly review and improve identity and access management policies to maintain organizational integrity and customer trust.


Cybersecurity-Insiders


Pros and Cons of Differentiating Cloud Security Tools

  • As organizations increasingly migrate their operations to the cloud, securing sensitive data and ensuring privacy have become top priorities.
  • Differentiating cloud security tools involves selecting distinct security solutions tailored to the specific requirements of various cloud providers or use cases.
  • Pros of Differentiating Cloud Security Tools.
  • Tailored Security Solutions: Optimized Performance for Each Cloud Platform, Better Integration with Platform-Specific Features, Specialized Security Features, and Flexibility in Security Strategy.
  • Improved Threat Detection: Enhanced Threat Intelligence.
  • Cons of Differentiating Cloud Security Tools.
  • Increased Complexity: Management Overhead and Lack of Centralized Visibility.
  • Higher Costs: Increased Costs for Multiple Solutions and Overlapping Features.
  • Integration Challenges: Inconsistent Security Policies and Integration Difficulties with Existing Infrastructure.
  • Resource Intensive: Dedicated Expertise Needed and Increased Incident Response Times.


Securityaffairs


Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

  • A large-scale fraud campaign has been uncovered in the UAE where cybercriminals impersonate law enforcement, particularly Dubai Police, to defraud consumers.
  • Scammers target victims through phone calls, phishing, smishing, and vishing activities, asking them to pay non-existent fines online for traffic violations or license renewals.
  • The fraudulent activities have increased during the winter holidays and particularly around the UAE National Day celebrations, resulting in financial losses for victims.
  • UAE authorities have warned residents against sharing financial details over the phone and highlighted that official institutions will never request this information through phone calls.
