techminis

A naukri.com initiative

Cyber Security News

Medium

4w

Sivanandh CC: The Visionary Behind RECILENS — A Company Redefining Cybersecurity and Digital…

  • Sivanandh CC is the visionary behind RECILENS, a company redefining cybersecurity and digital solutions.
  • He advocates for skills over degrees and launched RECILENS Internship 2k25, a no-cost internship program aiming to empower students and professionals.
  • RECILENS offers a platform for real project collaborations and meaningful career building, focusing on hands-on experiences.
  • Sivanandh aims to combine AI and Blockchain to innovate threat detection and intelligence sharing in cybersecurity.
  • His work on an AI-driven, blockchain-integrated cybersecurity platform has positioned RECILENS as a forefront player in global security innovation.
  • Apart from running a company, Sivanandh actively builds a community where innovation and impact converge, turning students into professionals.
  • He shares his knowledge through blogs, workshops, and technical events to contribute to a safer digital world.

Dev

4w

The AI Revolution in Ethical Hacking: Empowering Defenders in the Digital Age

  • The AI Revolution in Ethical Hacking is empowering defenders in the constantly evolving cybersecurity landscape.
  • AI-driven tools in ethical hacking automate manual tasks, enhancing efficiency and accuracy in vulnerability assessments.
  • Automated Vulnerability Scanners powered by AI identify complex vulnerabilities using machine learning algorithms.
  • AI excels in Intelligent OSINT Gathering, efficiently processing public data to pinpoint attack vectors.
  • AI-Enhanced Penetration Testing Platforms simulate sophisticated attack scenarios for comprehensive testing.
  • AI models revolutionize Threat Hunting by analyzing network traffic and detecting anomalies in real-time.
  • The core advantage of AI in ethical hacking lies in processing massive datasets for precise vulnerability identification.
  • AI frees up ethical hackers from mundane tasks, allowing them to focus on strategic challenges.
  • Ethical hackers will work in a symbiotic relationship with AI, combining human expertise with machine intelligence.
  • While AI benefits defenders, ethical hackers must also understand AI's offensive capabilities to strengthen security defenses.

Tech Radar

4w

Holidaymakers under threat from devious new cyber threat - here's how to stay safe

  • Hackers are targeting holidaymakers with remote access trojans through fake Booking.com websites.
  • The fake sites mimic Booking.com but have blurred content and a deceptive cookie banner.
  • Clicking 'Accept cookies' triggers a download of a malicious JavaScript file installing a RAT called XWorm.
  • XWorm allows attackers to control compromised devices, access files, webcams, microphones, disable security tools, deploy malware, and steal data.
  • The campaign was first spotted during the peak summer booking period in Q1 2025, exploiting users' 'click fatigue' during rush times.
  • Users are advised to slow down when browsing, avoid clicking on links in emails or social media, and type website addresses manually.

Wired

4w

Social Media Is Now a DIY Alert System for ICE Raids

  • Around 300 migrants have been detained in California in recent ICE raids, following an administration order.
  • Concerns over due process violations and lack of access to legal representation for those targeted by ICE have been raised.
  • Social media platforms are being used by migrant-rights organizations to alert about ICE activities and provide support.
  • Various groups and pages on digital platforms disseminate real-time alerts about ICE checkpoints, patrols, and raids.
  • Users can report immigration agents' presence and receive legal guidance anonymously through these platforms.
  • Organizations like Chirla, Stop ICE Raids Alert Network, and others actively engage in alerting and offering assistance to those affected by ICE operations.
  • Citizen-developed applications like SignalSafe provide real-time alerts on ICE activity and help migrants avoid potential checkpoints.
  • The use of social networks among migrants has become instrumental in resisting immigration policies and providing vital resources.
  • By 2023, a significant percentage of migrants had access to smartphones and social networks, emphasizing their importance in facilitating communication and support.
  • These digital spaces have transformed into key tools for the resistance movement against harsh immigration policies.

TechCrunch

4w

Apple fixes new iPhone zero-day bug used in Paragon spyware hacks

  • Apple has fixed a zero-day bug that was used by the Paragon spyware to hack iPhones of two European journalists.
  • The Citizen Lab report mentioned that the flaw was mitigated in iOS 18.3.1 that was released on February 10.
  • The security update initially only addressed an unrelated flaw, but was later updated to include details about a logic issue in processing media via an iCloud Link.
  • The flaw was exploited in an attack against specific individuals, including Italian journalist Ciro Pellegrino and another European journalist.
  • Apple did not disclose the existence of this patched flaw until four months after the iOS update release.
  • The Paragon spyware scandal started in January with WhatsApp notifying users of being targeted with Graphite spyware.
  • Several iPhone users later received notifications from Apple about being targets of mercenary spyware.
  • The Citizen Lab's findings confirmed that two journalists targeted with Apple's notification were hacked with Paragon spyware.
  • It's uncertain if all Apple users who received the notification were targeted with Graphite.
  • Apple did not provide a comment on the reason for the delayed disclosure of the patched flaw.
  • The report mentions users in 100 countries received notifications about being affected by the spyware campaign.

Silicon

4w

Paragon Spyware Used To Target European Journalists, Warns Citizen Labs

  • Canadian security researchers at Citizen Lab reveal that Paragon's Graphite spyware has targeted European journalists, including those at the Italian news site Fanpage.it.
  • WhatsApp previously warned of hacking activities by Paragon Solutions targeting journalists and civil society members.
  • Citizen Lab reports that additional journalists have been targeted with advanced spyware, with evidence linking attacks to Paragon operators.
  • Analysis by Citizen Lab confirms that journalists, including Ciro Pellegrino, were targeted by Paragon's Graphite mercenary spyware.
  • Questions arise about the involvement of the government of Italian Prime Minister Giorgia Meloni in the spyware incidents.
  • Spyware companies like Paragon and NSO Group claim to sell to governments for security purposes, but their tools have been used to compromise journalists' and politicians' devices.
  • NSO Group's Pegasus spyware has faced legal issues in the past, including lawsuits and allegations of facilitating human rights violations worldwide.
  • In December 2024, WhatsApp won a legal battle against NSO Group for illegally hacking into its systems and targeting individuals with spyware.

Bitcoinmagazine

4w

Passport Prime: A New Security Device For a New Generation

  • Passport Prime is Foundation Devices’ latest retail hardware wallet, set to be released in Q3 of 2025 and aiming to meet the high security demands of Bitcoin and crypto software.
  • It features a full-color touch screen, NFC, encrypted Bluetooth support, 50 GB storage, a powerful Bitcoin wallet app, and serves as a developer platform for app creators to enhance crypto-native cybersecurity.
  • Foundation aims to address the low adoption of hardware wallets amidst mainstream crypto growth by focusing on security features, user familiarity, and ease of use.
  • The Passport Prime employs Shamir secret sharing for secure key recovery and utilizes a separate operating system called KeyOS to ensure isolation and security.
  • To enhance user experience, the device integrates NFC for secure communication and Bluetooth for seamless transactions, with strict security protocols in place to mitigate risks.
  • The Passport Prime also offers encrypted cloud backup, a virtual YubiKey app, a 2FA app, and apps for various functionalities, providing users with a comprehensive security solution.
  • Foundation Devices emphasizes a balance between high security and user familiarity in Passport Prime, priced at $299 and featuring Cake Wallet as a third-party KeyOS app.

Tech Radar

4w

Microsoft Copilot targeted in first “zero-click” attack on an AI agent - what you need to know

  • Microsoft's Copilot, a Generative AI model in Microsoft 365, faced a zero-click attack known as LLM Scope Violation discovered by Aim Labs.
  • The flaw, named EchoLeak, allowed threat actors to extract sensitive corporate data via hidden prompts in emails without user interaction.
  • Threat actors could exfiltrate data like intellectual property, business contracts, and financial information from Copilot integrated into Microsoft 365.
  • The attack required a human-like prompt to bypass Microsoft's defenses, potentially affecting a victim when interacting with Copilot.
  • The bug, assigned CVE-2025-32711, scored 9.3/10 in severity, was fixed server-side in May, and Microsoft found no evidence of exploitation.
  • Microsoft 365 combines office apps, cloud storage, email, calendar, and communication tools, making it widely used for online collaboration.
  • Copilot assists users in drafting emails, document generation, data visualization, and trend analysis in Microsoft 365.

Siliconangle

4w

Vanta launches AI Agent to automate compliance workflows

  • Vanta Inc. has launched the Vanta AI Agent to automate compliance workflows.
  • The AI Agent is designed to handle end-to-end compliance workflows autonomously.
  • Powered by Vanta AI, the agent guides organizations through key tasks and identifies issues accurately.
  • It aims to save time by automating policy management and evidence evaluation for audit preparation.
  • The Vanta AI Agent assists companies in reducing the time spent on compliance tasks (up to 21 hours per week).
  • It reduces human error by taking on manual tasks, enabling teams to focus on higher-value work.
  • The agent generates policy change summaries, streamlining the compliance documentation update process.
  • It proactively detects inconsistencies and flags them, helping teams address issues before they escalate into audit risks.
  • Vanta AI Agent can answer compliance-related questions in real time, simplifying information retrieval.
  • Feedback from customers during early testing has been positive, with significant time savings reported.
  • The Vanta AI Agent is currently in private beta and will be generally available in July.

TechDigest

4w

UK public sector IT leaders braced for cyber attacks – phishing biggest threat

  • 60% of UK public sector IT leaders believe a cyber attack is inevitable, according to Trend Micro.
  • Phishing is perceived as the top threat by 60% of respondents, followed by ransomware at 41%.
  • Internal vulnerabilities include a lack of proactive threat hunting, with 31% of leaders admitting exposure.
  • 24% estimate a one to three-day delay in identifying ransomware attacks, showing a reactive defense posture.
  • Time constraints hinder strategic planning, with 49% overwhelmed by immediate challenges.
  • 42% note the absence of a cybersecurity-first culture within their workforce.
  • Employee behaviors such as bypassing security protocols (47%) and human errors (39%) are concerns.
  • Jonathan Lee from Trend Micro warns of the public sector being a prime cybercrime target.
  • 38% of IT leaders plan to adopt advanced technologies, like Generative AI, by 2027 to enhance threat detection.
  • The public sector is urged to fortify defenses as traditional methods may not suffice against sophisticated attacks.

Socprime

4w

Sigma-to-MDE Query Conversion: DNS Detection for Katz Stealer via Uncoder AI

  • Uncoder AI converts Sigma detection rules for DNS queries related to Katz Stealer malware to Microsoft Defender for Endpoint (MDE) Advanced Hunting queries.
  • The Sigma rule is designed to detect DNS queries to malicious domains like katz-panel.com and katzstealer.com, utilizing the dns_query category under Windows logs.
  • The MDE query filters DNS inspection events, dynamically extracts domain names, and matches them against a known IOC list.
  • The conversion helps in streamlining detection rule translation between platforms, maintaining detection logic and field mappings.
  • This innovation enables deploying Sigma rules in MDE environments without manual KQL coding, enhancing threat detection capabilities.
  • Automating the translation process improves threat detection efficiency, accelerates detection engineering cycles, and ensures correctness in syntax and semantics.
  • The feature enhances the reuse and portability of threat detection content in SOC workflows.
  • Overall, Uncoder AI plays a crucial role in bridging the gap between Sigma and MDE query languages, facilitating efficient threat detection.
  • This post was originally published on SOC Prime, showcasing the significance of Sigma-to-MDE query conversion for detecting Katz Stealer via Uncoder AI.

Socprime

4w

Detect DNS Threats in Google SecOps: Katz Stealer Rule Conversion with Uncoder AI

  • Google SecOps now offers the capability to convert Sigma rules into UDM to detect DNS threats like Katz Stealer.
  • The original Sigma rule is designed to identify DNS queries related to known Katz Stealer domains.
  • The left panel displays the Sigma rule logic with detection conditions for specific Katz Stealer domains.
  • Uncoder AI generates an equivalent UDM query in the right panel, making it platform-specific for Google SecOps.
  • The AI tool automates the conversion process, adapting syntax and regex rules for efficient threat detection.
  • This innovation eliminates the manual rewriting of detection content for different platforms, enhancing scalability.
  • Key benefits for SOC teams include time savings, improved threat coverage, and consistent translation accuracy.
  • Security professionals can quickly deploy DNS-based detections for Katz Stealer in Google environments using this feature.
  • The approach ensures precision, consistency, and extensibility of detection capabilities across platforms.
  • Security teams can effectively leverage open-source detection content by converting it into actionable UDM queries.
  • The feature enhances response times and boosts visibility within Google SecOps deployments.
  • The post emphasizes the benefits of utilizing Uncoder AI in detecting and converting DNS threats in Google SecOps.
  • Uncoder AI simplifies threat detection by automatically transforming Sigma rules into UDM queries.
  • The tool ensures the preservation of detection intent while streamlining the process for security professionals.
  • Overall, the integration of Uncoder AI in Google SecOps offers a more efficient and effective solution for detecting DNS threats like Katz Stealer.

Silicon

4w

WhatsApp Supports Apple In Legal Battle With UK Government

  • WhatsApp's head, Will Cathcart, supports Apple in its legal battle with the UK government, citing the danger of setting a precedent that could embolden other nations to seek to break encryption.
  • The UK government issued a Technical Capability Notice (TCN) to Apple in February 2025, requesting a backdoor to access encrypted iCloud data worldwide, which raised privacy and security concerns.
  • US lawmakers requested the UK to retract its order, and US intelligence agencies are investigating the UK order.
  • Apple withdrew its Advanced Data Protection iCloud feature in the UK, which allows users to secure their data with end-to-end encryption.
  • Apple appealed the government's order, and the case was heard behind closed doors in March.
  • The Investigatory Powers Tribunal in April refused the government's request to keep the case details secret.
  • WhatsApp supports Apple and is willing to challenge any law or government request that weakens encryption.
  • The UK Home Office stated that its surveillance powers are only used for serious crimes and with necessary oversight.
  • Tech firms, including WhatsApp, have been vocal critics of the Investigatory Powers Act, warning against encryption backdoors.
  • In 2023, WhatsApp's Cathcart criticized the UK's Online Safety Act, stating that the company would not remove end-to-end encryption.
  • Rival messaging app Signal also expressed concerns about potential requirements to scan messages in the UK.

Socprime

4w

Cross-Platform Rule Translation: From Sigma to CrowdStrike with Uncoder AI

  • Uncoder AI automates the translation of detection rules from Sigma format to CrowdStrike Endpoint Search syntax.
  • It converts Sigma rules describing techniques like downloading malicious DLLs via HTTP(S) to CrowdStrike-specific logic.
  • The translation maintains behavioral logic and uses CrowdStrike query syntax effectively.
  • Manual rule conversion between platforms is time-consuming, error-prone, and requires extensive knowledge, unlike Uncoder AI's automated process.
  • AI normalization includes converting YAML fields to CrowdStrike-compatible fields and preserving regex-style path matching.
  • Uncoder AI's efficiency reduces the deployment time from hours to seconds.
  • The AI respects each platform's query constraints, aligning with the original detection behavior.
  • This feature benefits detection engineers and SOC teams by promoting content reuse across different security stacks.
  • It ensures detection quality with semantic-aware translation and enhances threat coverage without duplicating work per platform.
  • Junior analysts benefit from a lower learning curve when unfamiliar with CrowdStrike's syntax.
  • Uncoder AI enables organizations to implement Sigma content seamlessly in CrowdStrike environments.
  • The innovation assists in countering adversarial techniques like Deno-based remote execution.
  • The article highlights the advantages of using Uncoder AI for automated rule translation.
  • The feature is valuable for improving operational efficiency and enhancing security detection capabilities.
  • Uncoder AI bridges the gap between Sigma rules and CrowdStrike syntax, facilitating smoother integration.
  • The platform ensures quick adoption of detection rules in diverse security environments.
  • The post is informative about the benefits of leveraging AI for cross-platform rule translation.

Tech Radar

4w

Watch out - that DeepSeek installer could be damaging malware

  • Kaspersky identifies a fake DeepSeek app used as a lure in a malware distribution campaign.
  • The spoofed DeepSeek-R1 website offered legitimate tools bundled with a malware called BrowserVenom.
  • BrowserVenom configures web browsers to direct data through attacker-controlled servers, potentially exposing sensitive information.
  • The site promoting the malware was advertised via Google Ads and targeted Windows users primarily.
  • Windows users accessing the site had to pass a CAPTCHA to download the malware.
  • BrowserVenom bypasses Windows Defender's protections with a special algorithm.
  • Most victims were found in countries like Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt.
  • Kaspersky warned of cybercriminals distributing malicious software disguised as popular AI tools.
  • The security researcher emphasized the need for precautions when downloading open-source AI tools from unverified sources.
