techminis

A naukri.com initiative

Cyber Security News

Medium

4w

You Are The Disinformation You Eat

  • Media consumption can expose individuals to biased, misreported, or fake information that could be harmful.
  • Savvy Cyber Kids stresses the importance of teaching young people how to navigate online information.
  • The internet is viewed as a valuable tool that provides learning opportunities and social connections.
  • It is essential to create a safe and positive online environment for children to benefit from the internet.
  • Parents and caregivers play a crucial role in helping kids develop critical thinking skills.
  • Teaching children to identify inconsistencies in fake content and verify information from reputable sources is important.
  • Encouraging children to question news coverage regardless of the source can help them become more discerning consumers.

Medium

4w

Digital Permanence and Bullying

  • Social media is a platform for connection but also a breeding ground for cyberbullying, with around 84% of young adults being active users and half reporting being victims of cyberbullying.
  • Cyberbullying involves using technology to harm others through threats, blackmail, spreading rumors, and other hurtful actions, leading to negative effects like loss of self-esteem, depression, and academic issues.
  • A study involving college students showed that the belief in the impermanence of their digital content led to increased participation in cyberbullying, as they felt they could remain anonymous without consequences.
  • Social media platforms like Facebook, Instagram, Snapchat, and TikTok offer features that enable temporary content, making it easier for users to engage in bullying with reduced fear of repercussions.
  • Consequences like punishment, retaliation, and disapproval from authorities or peers act as deterrents against cyberbullying, but the potential for anonymity and impermanence of content can fuel bullying behavior.
  • Having frequent conversations about bullying and being actively involved in your child's digital life are crucial to helping them navigate and cope with cyberbullying incidents.

Tech Radar

4w

Fog ransomware attacks use employee monitoring tool to break into business networks

  • Fog ransomware utilized a legitimate employee monitoring tool, Syteca, to log keys and retrieve passwords.
  • The attack also involved the use of open-source tools for payload dropping and file exfiltration.
  • Security researchers from Symantec noted the attack's atypical nature.
  • The hackers accessed additional systems by tracking passwords and successfully deploying the encryptor.
  • To drop Syteca, Fog ransomware used Stowaway, a multi-hop proxy tool.
  • SMBExec, an open-source post-exploitation tool, executed the payload over SMB protocol.
  • GC2, an open-source backdoor leveraging Google Sheets and SharePoint, was utilized for C2 and data exfiltration.
  • Symantec highlighted the unusual toolset deployed by the attackers in the ransomware attack.
  • Fog ransomware first appeared in April 2024 and targeted notable victims like Melexis and EUMETSAT.
  • The group initially accessed networks using compromised VPN credentials, then executed malicious activities.
  • The attackers demanded victims justify their jobs or pay up during their ransomware campaigns.
  • Security experts recommend the use of authenticator apps and password managers for enhanced protection.

Wired

4w

Here’s What Marines and the National Guard Can (and Can’t) Do at LA Protests

  • US Marines were actively deployed in LA to guard federal buildings during protests, alarming legal experts.
  • Trump federalized 4,000 California national guardsmen for a protest crackdown, sparking legal debate.
  • Protests erupted in LA's Westlake area over aggressive ICE raids, resulting in clashes with law enforcement.
  • Restrictions limit active-duty forces' actions in civil disturbances, prohibiting certain law enforcement activities.
  • Military can assist police with information and expert advice in non-core functions.
  • During emergencies, military commanders can act to prevent destruction without prior presidential approval.
  • Enforcement of restrictions can vary in chaotic situations; Trump administration has sought to stretch legal limits.
  • Marines have limited civil unrest training compared to National Guard; concerns rise over presidential authority.
  • Constitutional experts warn against military crackdowns on civilians, fearing erosion of civil liberties.
  • Deploying military against civilians blurs law enforcement-military distinctions, risking unchecked presidential power.

Siliconangle

4w

New AuthZed tools enforce permissions in RAG and Agentic AI systems

  • AuthZed Inc. has introduced new support for Retrieval-Augmented Generation and Agentic AI systems to enhance authorization infrastructure for enterprise artificial intelligence.
  • The expansion aims to assist engineering teams in ensuring AI systems respect permissions, prevent data leaks, and maintain audit trails.
  • AuthZed addresses authorization challenges that arise as organizations deal with AI products and agents accessing proprietary data across tenants.
  • SpiceDB, AuthZed's open-source permissions system based on Google's Zanzibar, scales for millions of authorization checks per second.
  • Jake Moshenko, CEO of AuthZed, highlights that SpiceDB is crucial for providing scalable authorization for AI projects.
  • AuthZed enables RAG systems to control access to proprietary knowledge bases and restrict unauthorized data retrieval.
  • Teams using AuthZed can enforce access control, pre-filter documents, post-filter search results, and synchronize permissions in real time.
  • For Agentic AI, AuthZed's model aligns agent capabilities with user permissions, integrating functionality control, permission inheritance, and autonomy oversight.
  • AuthZed, backed by venture capital, has raised $15.9 million, including a recent $12 million round in April 2024, with investors like General Catalyst Group Management and Y Combinator Management.
  • The company emphasizes the importance of securing and scaling enterprise AI using their authorization solutions.

VentureBeat

4w

Red team AI now to build safer, smarter models tomorrow

  • AI models are increasingly under attack, with a high percentage of enterprises facing adversarial model attacks.
  • To address this challenge, integrating security into model building is crucial.
  • Continuous adversarial testing throughout the Software Development Life Cycle (SDLC) is essential.
  • Red teaming is emphasized as a core component in protecting large language models (LLMs) during DevOps cycles.
  • Microsoft's guidance on red teaming for LLMs provides valuable methodology, aligned with NIST's AI Risk Management Framework.
  • Regulatory frameworks like the EU's AI Act mandate rigorous adversarial testing, making continuous red teaming essential.
  • Leading companies integrate red teaming from early design to deployment to enhance security.
  • Traditional cybersecurity approaches are insufficient against AI threats, necessitating new red teaming techniques.
  • Structured red-team exercises simulate AI-focused attacks to uncover vulnerabilities and enhance security.
  • To counter evolving AI threats, continuous adversarial testing combining human insights and automation is vital.
  • DevOps and DevSecOps must work together to enhance AI security by adopting high-impact strategies.
  • Organizations should embed adversarial testing into all stages of model development.
  • Balancing automation with human expertise is key to robust AI security.
  • Red teaming ensures trust, resilience, and confidence in an AI-driven future.
  • Cybersecurity roundtables at VentureBeat's Transform 2025 will focus on red teaming and AI-driven cybersecurity solutions.

Tech Radar

4w

Trend Micro patches several worrying security flaws, so update now

  • Trend Micro has patched critical vulnerabilities in Apex Central and Endpoint Encryption PolicyServer products.
  • The vulnerabilities included six remote code execution and authentication bypass flaws.
  • No evidence of abuse has been reported, but users are urged to apply the latest fixes.
  • The fixed vulnerabilities are listed under CVE-2025-49212, CVE-2025-49213, CVE-2025-49216, CVE-2025-49217, and CVE-2025-49219.
  • There are no workarounds available, and users must update to TMEE version 6.0.0.4013 and Apex Central Patch B7007.
  • Failure to update leaves systems vulnerable to potential exploitation by threat actors.

Tech Radar

4w

NHS recruitment firm had major security bugs which could have exposed entire systems

  • A cyberattack on NHS Professionals, a private company owned by the Department of Health and Social Care, resulted in the theft of its Active Directory data in May 2024.
  • The breach was not publicly disclosed, and attackers used a compromised Citrix account to gain initial access.
  • Attackers stole a valuable ntds.dit file and moved laterally in the network using RDP and SMB share access.
  • It's unclear how the attackers escalated their privileges up to the domain admin level.
  • NHS Professionals provides temporary staff to NHS trusts and has over 190,000 healthcare professionals registered.
  • The cyberattack is suspected to be linked to Scattered Spider and may have been an attempted ransomware attack.
  • A lack of multi-factor authentication on domain accounts was a primary reason for the security breach.
  • The organisation also lacked endpoint detection and response solutions, allowing attackers to move undetected.
  • NHS Professionals confirmed no disruption to services and no compromised data or information.
  • The company worked with NHS England, the Department of Health and Social Care, and the Information Commissioner's Office to investigate the cyberattack.
  • NHS Professionals emphasized commitment to high cybersecurity standards and compliance with information governance requirements.

Dev

4w

Cybersecurity Audit Checklist: The Risk of Free Online Tools

  • Developing a cybersecurity audit checklist is crucial for safeguarding company data by accounting for online tools used by employees.
  • Employees often utilize free online tools to boost productivity, potentially exposing the organization to security threats.
  • Data breach risk mitigation involves considering data transfer in and out of software platforms alongside employee tool usage.
  • Common tools like language translation services can inadvertently compromise sensitive data security within multinational companies.
  • Free online translation tools may lack security measures, jeopardizing confidential information during data uploads and translations.
  • Employees may unknowingly expose data by uploading documents, copying confidential information, or ignoring terms of service limitations.
  • A comprehensive cybersecurity audit checklist should encompass unauthorized tool usage to prevent data breaches originating from overlooked vulnerabilities.
  • Vigilance is key in addressing risks posed by free online tools, as even minor oversights can lead to significant data security breaches.

TechDigest

4w

These are the top 6 cyberscams of 2025, so far

  • Cybercrime in 2025 has become more sophisticated, affecting individuals, businesses, and government systems with AI, social engineering, and data breaches.
  • Prominent scams include AI voice cloning, financial scams, romance scams, money mule recruitment, phishing/BEC, and social media impersonation.
  • AI voice cloning scammers mimic voices using AI, manipulating victims with urgent requests. Verify unusual requests through secondary channels.
  • Financial and investment scams lure victims with fake platforms and high returns. Verify all investment opportunities through regulatory bodies.
  • Romance scams involve emotional manipulation and AI-generated personas. Be cautious of online connections and never send money to someone not met in person.
  • Money mule recruitment targets individuals to launder money. Avoid job offers involving money transfers on behalf of others.
  • Phishing and BEC attacks are sophisticated, using stolen data and AI. Enable multifactor authentication and treat unexpected messages with suspicion.
  • Social media impersonation scams are rising, deceiving users with fake ads and accounts. Verify messages/offers directly with official channels and use strong passwords.
  • Cybercrime is evolving with smarter and more convincing scams, requiring individuals and businesses to stay informed for defense.
  • Article by Oscar Collins, highlighting the need to be vigilant against cybercrime.

Global Fintech Series

4w

Implementing AI-Powered Policy Verification Systems in FinTech

  • AI-powered policy verification systems are transforming how FinTech companies interpret and enforce regulatory frameworks, enhancing operational accuracy and compliance.
  • FinTech operates in a shifting regulatory landscape with challenges like AML, KYC, and GDPR, making automated policy verification crucial.
  • AI systems use NLP, machine learning, and rule-based algorithms to understand and validate policies in real time.
  • They ingest, interpret, and map policies against internal operations, continuously monitor compliance, and learn and adapt over time.
  • Benefits include increased accuracy, operational efficiency, real-time compliance insights, scalability, and audit readiness.
  • Use cases span digital banking, InsurTech, Crypto, Blockchain, and lending platforms within the FinTech sector.
  • Challenges involve data privacy, regulatory ambiguity, integration complexity, and ethical AI decision-making.
  • The future of AI in FinTech compliance points towards more intuitive systems automating regulatory reporting and predicting compliance risks.
  • Implementing AI-powered policy verification systems in FinTech enhances operational resilience and regulatory alignment, paving the way for seamless compliance.
  • Overall, AI systems play a vital role in ensuring FinTech compliance keeps pace with regulatory changes efficiently and accurately.

Socprime

4w

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent Access and Ransomware Deployment

  • CISA alerts about ransomware actors exploiting unpatched vulnerabilities in SimpleHelp RMM software for persistent access.
  • Vulnerability exploitation is a top attack vector, as seen in an incident deploying DragonForce ransomware via SimpleHelp RMM.
  • Sophos reports a significant rise in ransomware recovery costs, emphasizing the need for proactive defense strategies.
  • Cyber defenders urged to leverage threat intelligence and detection content to combat threats like those targeting SimpleHelp RMM flaws.
  • SOC Prime Platform offers Sigma rules for detecting SimpleHelp RMM vulnerabilities used for ransomware distribution.
  • Detection rules for vulnerability exploitation and ransomware attacks are available on the platform, mapped to the MITRE ATT&CK framework.
  • Experts can use Uncoder AI for threat investigation and detection engineering, optimizing queries for multiple security solutions.
  • Attackers exploit a vulnerability chain in SimpleHelp RMM, deploying DragonForce ransomware and engaging in double extortion tactics.
  • CISA advises applying mitigation measures against potential ransomware attacks on SimpleHelp RMM software.
  • The attack on SimpleHelp RMM instances targeting utility billing software providers underscores the need for advanced cybersecurity defenses.

Securityaffairs

4w

Apple confirmed that Messages app flaw was actively exploited in the wild

  • Apple confirmed that a security flaw in its Messages app, CVE-2025-43200, was actively exploited in the wild targeting journalists with Paragon’s Graphite spyware.
  • The vulnerability was addressed on February 10, 2025, with the release of multiple updates including iOS 18.3.1 and macOS versions.
  • The flaw was a logic issue in the processing of a maliciously crafted photo or video shared via an iCloud Link.
  • Citizen Lab confirmed Graphite spyware was used to hack fully updated iPhones, targeting journalists in Europe.
  • Forensic evidence showed communication with the same spyware server. Apple alerted victims and patched the zero-click exploit.
  • Paragon accused the Italian government of refusing help to investigate spyware use against a journalist, leading to ending contracts in Italy.

Medium

4w

GRC Tools That Make Life Easier

  • Managing governance, risk, and compliance (GRC) can be overwhelming with frameworks, risks, policies, and audits to handle.
  • GRC tools like Drata, Scrut Automation, Vanta, Secureframe, MetricStream, ArcherIRM, OneTrust, LogicGate, Hyperproof, Tugboat Logic, Sprinto, TrustCloud, ZenGRC, and Astrix assist in easing the GRC process.
  • Drata automates compliance preparation, reducing audit prep time by 60–80%.
  • Scrut Automation integrates risk and compliance, reducing manual compliance effort by 50%.
  • Vanta accelerates SOC 2 readiness in weeks, suitable for lean security or compliance teams.
  • Secureframe automates the entire compliance lifecycle, improving audit readiness and compliance reporting.
  • MetricStream supports enterprise-wide governance, risk, audit, and compliance initiatives effectively.
  • ArcherIRM provides deep customization for Fortune 500 companies in GRC processes.
  • OneTrust unifies privacy, ethics, risk, and compliance management, aiding in responding to regulatory changes.
  • LogicGate offers flexibility for process ownership and continuous improvement in risk and compliance workflows.
  • Hyperproof simplifies and centralizes compliance operations for recurring obligations seamlessly.

Socprime

4w

Linux Syscall Threat Detection in Splunk with Uncoder AI

  • A new approach for Linux syscall threat detection in Splunk using Uncoder AI is introduced.
  • The focus is on monitoring the mknod syscall, often exploited by attackers for malicious purposes.
  • Detection logic is designed around the mknod syscall and is tagged with MITRE technique T1543.003.
  • The detection method is based on analyzing auditd logs on Linux.
  • Uncoder AI simplifies the translation of Sigma rules to Splunk's Search Processing Language (SPL).
  • The solution offers an innovative way to convert cross-platform telemetry for effective threat detection.
  • Uncoder AI automates the challenges of field mapping and syntax differences between Sigma and Splunk.
  • It enhances Linux telemetry coverage, particularly for low-frequency, high-risk behaviors like mknod.
  • The solution facilitates quick deployment of threat content from Sigma to Splunk, improving detection capabilities.
  • It allows for enhanced monitoring of persistence techniques and covert channel creation in real time.
  • The tool is designed to bridge the gap between open threat content and proprietary platforms like Splunk.
  • The solution aims to reduce engineering efforts and enable security teams to focus on investigations.
  • The article is based on a post from SOC Prime.
  • The solution provides a minimal yet accurate query for detecting mknod syscall events in Splunk.
  • False positives may occur during device initialization by tools like udevadm or MAKEDEV.
  • Overall, the approach aims to streamline Linux threat detection using Uncoder AI in a Splunk environment.
