Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Socprime

376

Image Credit: Socprime

New Cyber-Espionage Campaign Detection: Suspected China-Backed Actors Target High-Profile Organizations in Southeast Asia

A recently uncovered cyber-espionage campaign has been targeting high-profile organizations in Southeast Asia since October 2023, with suspected China-linked hackers believed to be responsible.
The campaign primarily aims to collect intelligence and has targeted government ministries, an air traffic control organization, a telecom company, and a media outlet.
Attackers use a mix of open-source and living-off-the-land tools, including a remote access tool that exploits Impacket and various malicious software associated with Chinese APT groups.
The attackers maintain persistent access to compromised networks, gathering passwords and exfiltrating valuable data.

Read Full Article

22 Likes

Cybersecurity-Insiders

305

Image Credit: Cybersecurity-Insiders

DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet

DMD Diamond launches the open beta for the v4 blockchain.
The v4 blockchain features advanced functionality and the Honey Badger Byzantine Fault Tolerance (HBBFT) consensus mechanism.
Developers and enthusiasts are invited to participate in testing and contribute to the project's future through DAO.
DMD Diamond is a decentralized blockchain project focused on community-driven governance and technological innovation.

Read Full Article

18 Likes

Securityintelligence

190

Image Credit: Securityintelligence

On holiday: Most important policies for reduced staff

December is prime time for cyberattacks and data leaks, especially in the United States, where organizations and employees are in holiday-season mode between Thanksgiving and New Year’s.
Threat actors know this and see this period as prime time to launch an attack.
Of the 18 cybersecurity professionals approached, only two shut down operations completely, while several reduced the number of staff working or were more flexible with providing time off.
Keeping cybersecurity standards at normal levels is vital for all of the organizations.
Several respondents stressed that cybersecurity standards have to be kept at normal levels, often through increased automation in threat detection or enhanced monitoring.
Half the organizations freeze updates and patches, six change their incident response plan and elevate their alert protocols and four limit account access.
'The attacker was trying to encrypt critical data, which required immediate action from the response team. Due to proactive measures and rapid response from our offshore team, we managed to control the attack surface.'
The common thread with these stories is that each security professional had either a plan in place that resulted in minimal damage or was able to use the incident to prevent problems in the future.
To learn how IBM X-Force can help you with anything regarding cybersecurity including incident response, threat intelligence, or offensive security services schedule a meeting here.
If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.

Read Full Article

11 Likes

Tech Radar

Image Credit: Tech Radar

Top Mexican fintech firm leaks details on 1.6 million customers

A Mexican fintech startup, Kapital, has been found holding a large database full of sensitive customer data open on the internet.
The database contained sensitive data on 1.6 million Mexicans, including voter IDs and selfies.
The data can be used for wire fraud, identity theft, and other money-related crimes.
Despite being notified, Kapital has not closed the database, leaving it vulnerable to exploitation.

Read Full Article

3 Likes

Discover more

Socprime

421

Image Credit: Socprime

Designing Index Structure for Large Volumes of Data in Elasticsearch

Elasticsearch requires careful index structure design for optimal performance with large datasets.
Key considerations include understanding data volume, retention, and query patterns.
Optimizing index and shard size is crucial to avoid resource wastage or scalability limitations.
Implementing roll-over for time-based data enables efficient management and cleanup.

Read Full Article

25 Likes

Securityaffairs

203

Image Credit: Securityaffairs

Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities

An alleged China-linked APT group targeted large business-to-business IT service providers in Southern Europe as part of Operation Digital Eye campaign.
The attack campaign, known as Operation Digital Eye, lasted for approximately three weeks from late June to mid-July 2024.
The attackers utilized Visual Studio Code and Microsoft Azure for command-and-control operations in an attempt to avoid detection.
The campaign highlights the increasing sophistication of China-linked APT threats and their use of innovative strategies to orchestrate complex and hard-to-detect attacks.

Read Full Article

12 Likes

Dev

Image Credit: Dev

Federated Learning: The Future of Privacy-Preserving Machine Learning

Federated Learning is a decentralized approach to machine learning that allows models to be trained across multiple devices.
Federated learning addresses concerns around privacy, data security, and regulatory compliance.
It enhances privacy by keeping raw data on users' devices, minimizing the risk of data breaches.
Federated learning reduces data transfer costs and enables personalized machine learning models without compromising privacy.

Read Full Article

2 Likes

Socprime

359

Image Credit: Socprime

How to prevent BufferOverflowError

To prevent BufferOverflowError when getting logs from Kafka/in_tail and facing connection issues to OpenSearch/ElasticSearch, you can customize Fluentd buffer in the output.
Set flush_mode to 'interval', flush_interval to a custom time, and overflow_action to 'block' to handle buffer overflow.
Configure retry_max_interval to set the maximum interval for retries and retry_randomize to false for a randomized interval.
For buffering, set chunk_limit_size to a specified value in megabytes to control the size of each chunk.

Read Full Article

21 Likes

Eletimes

151

Image Credit: Eletimes

Harnessing Computer-on-Modules for Streamlined IT/OT Convergence and Enhanced Cybersecurity

IT/OT convergence brings physical (OT) equipment and devices into the digital (IT) world by using the Industrial Internet of Things (IIoT) and big data analytics for higher productivity and efficiency.
aReady.COM, congatec's application-ready offering around computer-on-modules (COMs), provides the perfect building blocks for out-of-the box IT/OT convergence, reducing complexity by seamlessly integrating hardware and software for enhanced performance and flexibility.
With the Cyber Resilience Act, the exposure to cyber threats from OT and IT systems escalates. OEMs must comply with these regulations before entering the EU market, to safeguard against potential risks by secure software updates.
The software should enable remote monitoring of embedded systems with security protocols, sensor and actuator integration, control logic, lifecycle management, and historical data. It should also provide connectivity to prevalent cloud services like AWS, with options for establishing or integrating private on-premises clouds to protect critical business data.
aReady.VT for system consolidation and aReady.IOT for IIoT connection can address the needs for software in IT/OT convergence. aReady.VT enables designers to consolidate multiple systems on one single hardware platform, shortening time-to-market and optimizing overall system functionality. aReady.IOT allows developers to remotely access device information, including serial numbers, software versions, voltages, and temperatures.
The technology that underpins aReady.IOT is built upon the solid foundation established by Arendar, a company that congatec acquired in 2023. Moreover, asembled platform and distributed software building blocks provide reliable real-time machine capabilities, data processing, and optimized maintenance with minimal on-site service.
congatec offers aReady.VT and aReady.IOT in an application-ready or custom-configured package that integrates a pre-configured hypervisor, operating system, and IIoT software, streamlining workflows, supply chain, and warehousing.
The implementation of IT/OT convergence will bring significant efficiencies through cost savings and enhanced reliability.
The emergence of Industry 4.0 and IIoT technology has emphasised the importance of IT/OT convergence, enabling innovation in the core of business operations and becoming essential for organizational success.
By reducing the number of systems, embedded computing applications can achieve significant size, weight, power consumption, and cost savings, optimizing production processes, increasing efficiency, and reducing costs.

Read Full Article

9 Likes

Tech Radar

141

Image Credit: Tech Radar

Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks

The US Treasury Dept. is bringing sanctions against a Chinese cybersecurity firm and one of its employees
The employee is allegedly responsible for over 80,000 Sophos firewall breaches
Many of the targets were part of US critical infrastructure
Sanctions include seizure of US property/assets and blocking entities owned by the firm

Read Full Article

8 Likes

Socprime

115

Image Credit: Socprime

Adaptive Replica Selection in OpenSearch

Adaptive replica selection is a mechanism designed to improve query response times and alleviate strain on overloaded OpenSearch nodes.
It ensures that nodes experiencing delays due to issues like hardware, network, or configuration problems do not slow down the overall query process.
Enabling adaptive replica selection prioritizes nodes with better response times and avoids sending shard requests to struggling nodes unless no other replicas are available.
This feature is enabled by default in OpenSearch, but can also be manually activated using the provided API request.

Read Full Article

6 Likes

Global Fintech Series

221

Image Credit: Global Fintech Series

Safe AI Strategy for Community Financial Institutions: Turning Concepts into Action

The challenge isn’t just about adopting new technology; it’s about harnessing AI’s potential while preserving the very qualities that make CFIs indispensable to their communities.
CFIs integrate AI into their workflows, aligning AI solutions with ethical use, transparency, and security.
Before implementing AI in CFIs, it’s crucial to recognize the risks it brings. These risks span content moderation, bias, ethics, and legal compliance.
Governance, Compliance, and Ethical Stewardship: Establish a strong governance framework to ensure AI systems adhere to financial regulations, maintain ethical standards, and prioritize transparency and accountability in decision-making.
Member Equity, Inclusion, and Bias Prevention: Develop AI systems that promote fairness, inclusivity, and equitable treatment for all members, while preventing biases that could impact diverse groups.
Privacy, Security, and Member Data Protection: Embed strong privacy and security measures into AI systems to safeguard member data, prevent breaches, and safeguard compliance with financial data protection regulations such as GLBA, CCPA, and GDPR.
Transparency, Explainability, and Member Empowerment: Ensure AI operations are transparent and understandable, giving members and staff tools to effectively manage AI interactions.
Continuous Improvement, Monitoring, and Risk Management: Continuously monitor, update, and adapt AI systems and regulations, while proactively managing risks to maintain financial stability.
Successfully implementing AI in Credit Financial Institutions (CFIs) requires more than just a technical solution. It demands a comprehensive, strategic approach that aligns with ethical standards, regulatory requirements, and the mission of serving members fairly.
As we navigate the AI landscape, it’s clear that the future of CFIs doesn’t lie in blindly adopting technology or following industry buzzwords. Instead, success will come from a thoughtful, strategic approach that prioritizes member needs, ethical considerations, and the unique position of community financial institutions.

Read Full Article

13 Likes

Tech Radar

412

Image Credit: Tech Radar

Top file-sharing tools are being hit by security attacks once again

Security researchers Huntress uncover flaw in LexiCom, VLTransfer, and Harmony tools.
Flaw was patched, but the patch did not work effectively.
Hackers are exploiting the vulnerability possibly to steal data.
24 compromised businesses identified, with many others at risk.

Read Full Article

24 Likes

Securityaffairs

257

Image Credit: Securityaffairs

Chinese national charged for hacking thousands of Sophos firewalls

The US has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020.
Tianfeng worked at Sichuan Silence Information Technology Co., faces charges for developing and testing a zero-day exploit used to compromise approximately 81,000 firewalls.
The man and co-conspirators exploited a zero-day vulnerability, tracked as CVE-2020-12271, in Sophos firewalls to deploy malware.
At the end of April 2020, cybersecurity firm Sophos released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.
The hackers exploited the SQL injection flaw to download malicious code on the device that was designed to steal files from the XG Firewall.
Hackers exploited the issue to install the Asnarök Trojan that allowed the attackers to steal files from the XG Firewall and use the stolen info to compromise the network remotely.
The Trojan could steal sensitive data including usernames and hashed passwords for the firewall device admin, and user accounts used for remote access.
Sophos published a series of reports named ‘Pacific Rim‘ that includes details about the operations conducted by Chinese hackers against network devices of different vendors worldwide for over 5 years.
Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access.
The U.S. Treasury’s OFAC has sanctioned Sichuan Silence Information Technology Co. Ltd. and its employee Guan Tianfeng for hacking U.S. critical infrastructure companies.

Read Full Article

15 Likes

Insider

Image Credit: Insider

How much do health insurance companies spend on executive security? It might be less than you think.

Health insurance companies appear to spend less on executive protection compared to high-profile CEOs like Mark Zuckerberg or Elon Musk.
The death of UnitedHealthcare CEO, Brian Thompson, highlights that even executives who aren't as high-profile or famous as others may not always have bodyguards with them.
The amount companies pay for executive security varies widely, with some CEOs known for having multimillion-dollar security packages while some have more modest protection services worth hundreds of thousands of dollars.
Walmart CEO Doug McMillon and McDonald's CEO Chris Kempczinski, for example, appear to have individual security expenses of less than $25,000 for 2023, according to company filings.
Typically, company-paid security costs are disclosed in annual corporate filings called proxy statements, and include a breakdown of the salary, benefits, bonuses, and other perks provided for top executives' total compensation packages.
UnitedHealth Group appear to allocate less expense on executive protection as some of the Big Tech giants, and don't specify any personal security cost for CEO, Brian Thompson, in last year's filings.
Other insurance companies, including CVS (owner of Aetna), Cigna, Humana, and Elevance (owner of Anthem), also do not specify personal security costs in their proxy statements, while Kaiser Permanente is a nonprofit and not subject to the same reporting requirements.
Different executives may have their own personal preference for the level of security they require, which is very much driven on the executives' preference.
Elon Musk, the world's wealthiest person, has spoken out about personal security concerns in recent years and has more than one bodyguard in his security team.
Executives at health insurance companies, who may not be as recognizable as someone like Musk or Zuckerberg, may consider reviewing executive protection costs following Thompson's death.

Read Full Article

4 Likes

For uninterrupted reading, download the app