A naukri.com initiative
Cyber Security News
Siliconangle
3w
4
Image Credit: Siliconangle
SplxAI gets $7M to block prompt injection attacks on AI agents with automated red teaming
- SplxAI Inc. secures $7 million in seed funding led by LAUNCHub Ventures and other backers to enhance security for AI agents.
- AI agents like ChatGPT are expected to revolutionize enterprise work, but they present a significant security risk due to underlying vulnerabilities.
- SplxAI aims to strengthen agentic AI security through automated red teaming to simulate and combat prompt injection attacks.
- The startup's platform continuously updates attack methods to detect and fix vulnerabilities in AI agents proactively.
- SplxAI's approach is more cost-effective and efficient compared to manual AI security testing or outsourcing this task.
- The company emphasizes the importance of continuous and automated testing to uncover security threats in agentic AI workflows.
- SplxAI has onboarded clients like KPMG LLP, Infobip Ltd., and Glean Technologies Inc., showing significant revenue growth and expanding its reach.
- Rain Capital's Managing General Partner believes SplxAI can play a crucial role in securing autonomous systems amidst the growing demand for generative AI.
- The startup has open-sourced Agentic Radar to enhance security by mapping dependencies in agentic AI components.
- Analysts highlight the importance of rigorous security measures for AI agents, praising SplxAI's expertise and technology in this space.
Read Full Article
Like
Hackernoon
3w
96
Image Credit: Hackernoon
The 6 Challenges You're Likely to Face Building Your Crypto Exchange
- Building a crypto exchange involves facing numerous challenges specific to the industry, such as security risks due to irreversible transactions and constant threats of hacking incidents.
- Crypto projects must prioritize security from the foundation, considering factors like key control, multisignature withdrawals, and response plans.
- Team building is a challenge in crypto due to the scarcity of experts, requiring proactive recruitment approaches and high salaries to attract top talent.
- Launching an MVP in crypto is complex, as core components like matching engines and trading terminals must be in place from the start.
- AML compliance is crucial for any crypto project involving asset exchange to prevent money laundering and ensure legitimacy.
- Catching the right trend in the crypto market is crucial for success, as trends like ICOs, DeFi, NFTs, and meme coins significantly impact user engagement.
- Understanding market trends, regulations, and liquidity management are vital aspects for the sustainable growth of a crypto project.
- Regulations are becoming stricter in the crypto industry, necessitating early consideration of legal requirements to operate internationally and comply with local laws.
- Liquidity is essential for exchanges and swap services, requiring strategies like market makers and partnerships with larger exchanges to ensure a functional platform.
- In the crypto industry, overlooking crucial areas like security, liquidity, and compliance can lead to catastrophic failures, emphasizing the importance of a solid strategy from the outset.
Read Full Article
5 Likes
Eu-Startups
3w
224
Sateliot’s space leap: €70 million to connect the planet with 5G-IoT from orbit
- Barcelona-based SpaceTech company Sateliot has closed its Series B round at €70 million to deploy a constellation of more than 100 satellites to provide global connectivity services.
- Sateliot aims to become the first 5G-IoT telecommunications operator from space, delivering NB-IoT connectivity to extend mobile telecom coverage to 100% of the planet.
- The investment will be used to provide global connectivity services, especially in remote areas, for defense, cybersecurity, telecommunications, logistics, mining, energy, environment, agriculture, and critical infrastructures.
- Sateliot has already launched six satellites and has contracts worth €270 million with over 400 customers in 50 countries, with a goal of achieving a turnover of €1 billion by 2030.
Read Full Article
13 Likes
Tech Radar
3w
35
Image Credit: Tech Radar
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
- Troy Hunt, owner of HaveIBeenPwned, fell victim to a phishing attack.
- Approximately 16,000 credentials were compromised in the attack.
- Hunt was emailed a well-crafted phishing notification, leading to the compromise.
- HaveIBeenPwned will be updated with the exposed details and affected customers will be notified.
Read Full Article
2 Likes
Tech Radar
3w
180
Image Credit: Tech Radar
Cl0p resurgence drives ransomware attacks to new highs in 2025
- Ransomware attacks have reached their highest in February 2025, with 980 attacks occurring in just 28 days.
- The Cl0p ransomware group has been highly active in Q1 of 2025 and is responsible for 385 attacks in the first few weeks.
- The surge in ransomware attacks is attributed to various factors, including the rise of ransomware-as-a-service (RaaS), zero-day vulnerabilities, and unpatched systems.
- To mitigate the threat of ransomware, organizations are advised to deploy multi-layered cybersecurity strategies, regular data backups, multi-factor authentication, and cybersecurity training for employees.
Read Full Article
10 Likes
Hackernoon
3w
427
Image Credit: Hackernoon
You Can Run These 16 LLMs Locally, No Questions Asked
- The article highlights 16 tools for running Local Language Models (LLMs) with a focus on privacy and support.
- It categorizes LLMs, SLMs, and LMMs based on their parameter sizes and multi-modal capabilities.
- Tools like H2O LLM Studio, LM Studio, and Ollama provide user-friendly GUIs for local LLM deployment.
- GPT4All and LocalAI offer open-source solutions for running powerful LLMs on consumer-grade hardware.
- Various tools such as Jan, text-generation-webui, and PrivateGPT cater to different user needs for local LLM serving.
- Innovative tools like WebLLM enable running LLMs directly in web browsers for privacy and offline use.
- References to tools like Hugging Face Transformers and Hugging Face App Market (Spaces) showcase foundational resources in the LLM space.
- Each tool discussed in the article comes with detailed descriptions and links for further exploration and adoption.
- With a focus on data privacy and local deployment, these tools empower users to utilize LLMs securely without external data transfer.
- The article concludes by emphasizing the transformative potential of Generative AI and the importance of selecting the right tool for impactful research.
Read Full Article
25 Likes
Ghacks
3w
167
Image Credit: Ghacks
FBI Issues new alert over phishing SMS scam targeting highway toll customers
- The U.S. Federal Bureau of Investigation (FBI) has issued a warning about smishing attacks, a form of phishing conducted via SMS messages.
- Scammers impersonate legitimate organizations and send unsolicited texts claiming recipients owe money for unpaid road tolls.
- Victims are directed to fraudulent websites to enter personal and financial details or make payments.
- The FBI advises caution, including not clicking on links, verifying authenticity, reporting suspicious messages, and deleting them after reporting.
Read Full Article
10 Likes
Lastwatchdog
3w
216
GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority
- The article emphasizes the critical importance of real-time business continuity in the face of cybersecurity threats, using scenarios of hospital disruptions and canceled flights as examples.
- It highlights the immediate and devastating consequences of major incidents on essential industries such as healthcare, airlines, and financial institutions.
- The existing approach to cyber resilience and business continuity is deemed flawed, emphasizing the need for proactive and instantaneous solutions to minimize downtime and ensure operational stability.
- The article calls for a shift towards next-generation business continuity solutions that prioritize real-world continuity for frontline workers and enable seamless operations even during cyber incidents.
- It argues for the implementation of real-time, cloud-integrated disaster recovery systems that are always live and independent of compromised infrastructure, offering instant access and automatic data syncing.
- The technology necessary to achieve this level of resilience already exists, and the essayist advocates for organizations to embrace a future of uninterrupted and people-centric business continuity.
- Chao Cheng-Shorland, the essayist, stresses the importance of prioritizing resilience to prevent operational paralysis in critical industries and redefine cyber resilience standards.
- The article concludes by urging organizations to adopt a new standard of continuity that ensures real-time response to cyber incidents, safeguarding operations and essential services effectively.
- The vision presented is one where hospitals, airlines, and financial institutions can function seamlessly even during cyber disruptions, ultimately moving past the era of delayed recovery and operational crises.
- In conclusion, the essay emphasizes the need for a paradigm shift towards business continuity solutions that are resilient, real-time, and catered to the needs of frontline workers in critical industries.
Read Full Article
12 Likes
Dev
3w
295
Image Credit: Dev
SafeLine WAF: Website Inaccessible After Configuration
- The SafeLine WAF website is inaccessible after configuration.
- Possible reasons for inaccessibility include incorrect site configuration, network issues, access blockage, conflicting configurations, and SafeLine service issues.
- To diagnose website inaccessibility, users are advised to check error codes, test client access to SafeLine, test SafeLine's local network access, test internal connectivity of SafeLine, verify SafeLine is listening on the correct port, and test SafeLine's connection to the upstream server.
- If the issue persists, users can seek support by providing error messages, SafeLine logs, and output of the diagnostic commands.
Read Full Article
17 Likes
Cybersecurity-Insiders
3w
13
Image Credit: Cybersecurity-Insiders
Safeguarding Data for the Quantum Era
- Quantum computing poses a significant risk to modern encryption methods, potentially exposing sensitive data to malicious actors.
- The development of quantum computers threatens current encryption protocols that rely on computational complexity.
- Quantum-safe encryption strategies are urgently needed to protect against future quantum threats.
- Quantum Key Distribution, Quantum-Safe Encryption, and Post-Quantum Cryptography are key approaches to safeguarding data against quantum attacks.
- Global efforts are underway to standardize quantum-safe encryption through initiatives like the NIST Post-Quantum Cryptography Standardization project.
- Despite challenges like interoperability and performance impact, organizations must transition to quantum-safe encryption to ensure data security.
- Investing in quantum-safe solutions now can future-proof cryptographic infrastructure and mitigate risks associated with quantum computing advancements.
- As quantum computing evolves, a collective commitment to quantum-safe encryption practices is essential for securing sensitive information.
- Fortinet, a leading cybersecurity company, advocates for the adoption of quantum-safe encryption to enhance data security in the quantum era.
- Fortinet offers a broad range of cybersecurity solutions and collaborates with various organizations to strengthen cyber resilience globally.
Read Full Article
Like
Medium
3w
119
Comparing Top Password Managers: Which One Stands Out:
- True Key, developed by McAfee, provides basic password management functionalities but lacks some advanced features. It has a user-friendly interface and an affordable premium tier.
- 1Password is known for its robust security features, zero-knowledge encryption, and user-friendly design. It supports multiple platforms but has subscription-based pricing.
- NordPass, developed by the team behind NordVPN, offers secure password management with a user-friendly interface. It uses zero-knowledge architecture and works on multiple platforms.
- Keeper is a comprehensive password manager with strong security features, including zero-knowledge encryption and dark web monitoring. It offers secure file storage but has premium pricing.
Read Full Article
7 Likes
Pymnts
3w
163
Image Credit: Pymnts
Future of Bank Security Is Being Written by Ethical Hackers
- Banks are evolving their security postures to keep up with digital transformation and the ever-changing attack surface.
- Traditional pen testing is being replaced by adaptive resilience and intelligent models that combine AI with ethical hacking.
- Strike 360, an AI-driven platform, is automating the pen test process, increasing speed and precision.
- In the future, the majority of companies will rely on automated testing, with hybrid models only for critical assets.
Read Full Article
9 Likes
Cybersecurity-Insiders
3w
177
Image Credit: Cybersecurity-Insiders
Quantum-Proofing Enterprise Security: The Clock is Ticking
- Quantum computing could revolutionize various sectors but also poses a threat to current cryptography systems.
- Asymmetric cryptography is at risk from quantum attacks, highlighting the need to shift to post-quantum cryptography (PQC).
- Gartner predicts that by 2029, current encryption will be unsafe due to quantum advancements.
- Tech leaders need to prepare for quantum threats as cybercriminals plan to decrypt data in the future.
- Organizations must integrate quantum-resistant algorithms and develop transition plans.
- Steps include auditing cryptographic assets, building crypto-agility, and leveraging NIST resources.
- Assessing the supply chain, making communication quantum-safe, and prioritizing PQC transition are vital.
- NetSfere offers a post-quantum crypto-agile platform for secure communication in the quantum era.
- Preparing for quantum threats is crucial for business resilience and data safeguarding.
- Adopting quantum-resistant technologies is deemed a strategic necessity for business survival.
Read Full Article
10 Likes
Siliconangle
3w
26
Image Credit: Siliconangle
Strike raises $13.5M to expand its AI-driven continuous penetration testing platform
- Continuous penetration testing startup Strike LLC has raised $13.5 million in funding to expand its AI-driven platform.
- The funding will be used to scale up in the U.S. and Brazil and launch Strike360, an AI-powered pentesting engine.
- Strike connects ethical hackers with companies to deliver AI-powered continuous penetration testing, helping to identify and remediate security vulnerabilities proactively.
- The company's platform features automated retesting, real-time reporting, and compliance automation, enhancing security detection and reporting.
Read Full Article
1 Like
Nordicapis
3w
198
Image Credit: Nordicapis
Why Data Sovereignty Matters More Than Ever
- Data sovereignty has become more crucial in governing data according to the region where it is collected or stored, irrespective of its physical location.
- This concept enforces legal jurisdiction and protection over data and has gained prominence due to increased scrutiny on cross-border data transfers.
- Europe, through the GDPR, has been a pioneer in data protection regulations, setting standards for cross-border data transfers and data governance.
- The US lacks a federal-level data protection framework, leading to fragmented approaches at the state level, posing challenges for international data transfers.
- China has stringent data security policies, requiring data localization and restricting data transfer from China to foreign entities.
- Geopolitical tensions and privacy concerns have driven a shift towards digital nationalism and regional ownership of data, impacting user trust and data governance.
- API development has been influenced by the need to comply with regional data sovereignty regulations, leading to more localized and stringent access controls.
- The future of data sovereignty and API development involves decentralized architectures, compliance with regulatory requirements, and increased emphasis on data localization.
- The movement towards higher data sovereignty presents both opportunities and challenges, requiring industry dialogue on user protection versus business interests.
- As the digital landscape evolves, discussions on prioritizing user protection amid regulatory complexities will shape the future of data governance and API frameworks.
- The evolving data sovereignty landscape signals a more complex and regionally focused internet ecosystem, emphasizing the importance of compliance and localization.
Read Full Article
11 Likes
For uninterrupted reading, download the app