A naukri.com initiative
Cyber Security News
Insider
3w
44
Image Credit: Insider
Ex-Meta VP is raising back-to-back mega funding rounds from the same investors who made a fortune when Google bought Wiz
- Roi Tiger, a former vice president of engineering at Meta, is raising $55 million in a Series A funding round for a new cybersecurity startup.
- The round is set to be led by Greenoaks and is expected to value the company at hundreds of millions of dollars.
- Tiger recently raised $20 million in seed funding from investors including Sequoia, Index Ventures, and Cyberstarts.
- The funding comes after Alphabet announced the acquisition of Wiz for $32 billion, increasing investor interest in Israeli cybersecurity startups.
Read Full Article
2 Likes
Wired
3w
172
Image Credit: Wired
How to Delete Your Data From 23andMe
- Genetic testing company 23andMe has filed for Chapter 11 bankruptcy protection, prompting concerns about the security of customers' genetic data.
- Consumers, especially in California and Washington, have legal rights to request the deletion of their data from 23andMe.
- With the company facing uncertainty, customers are advised to download their genetic information and request data deletion promptly.
- Deleting genetic data from 23andMe's website involves accessing Settings, viewing data, and selecting the option to permanently delete it.
- Customers can also request the destruction of the biological sample used for DNA extraction if previously authorized.
- Opting in or out of research participation can be done by updating consent settings, affecting future use of personal data by 23andMe.
- 23andMe's struggle with profitability, declining demand for testing kits, and data privacy issues have influenced its turbulent financial situation.
- Despite the bankruptcy filing, 23andMe vows to maintain its current data protection practices during the sale process.
- Customers are advised to be vigilant about their data privacy and to monitor the situation closely as 23andMe undergoes changes.
- The future ownership of 23andMe will determine the fate of customer data and the company's mission going forward.
Read Full Article
10 Likes
Dev
3w
194
Image Credit: Dev
What Hogwarts Can Teach Us About Security
- Identity and Access Management (IAM) is like Hogwarts' security system, ensuring only authorized access to specific areas and information.
- IAM consists of authentication, authorization, single sign-on (SSO), and activity tracking.
- Authentication is similar to proving one's identity, while authorization determines access permissions.
- IAM enhances security, prevents unauthorized access, improves user experience, and supports compliance.
Read Full Article
11 Likes
Dev
3w
380
Image Credit: Dev
The logic of Value
- Adversary profiling is crucial for optimizing defense strategies through the logic of Value, focusing on attacker profiles and the attractiveness of the business to attackers.
- The logic of Value helps in differentiating threats, understanding the hierarchy within the attack surface, and evaluating likelihoods in relation to intent, sensitivity, and impact.
- Understanding potential financial gain guides the security of resources in layers of priority, considering factors like industry, sector, skills, tools, and attacker techniques.
- Each organization faces a unique combination of data, systems, and processes that may attract different attackers, emphasizing the importance of recognizing exploitation paths and protecting critical assets.
- Companies vary in exposure to attacks based on their context, with different values to attackers depending on industry, data handled, and relationships maintained.
- Not every attack aims for financial data but may target reputation, impacting market perception, customer trust, and legal implications, with extortion often used as a technique for economic gain.
- Prioritizing threats based on the logic of Value shifts focus to real threats, predictive attack patterns, and custom defense strategies tailored to the organization's unique needs.
- Understanding probable and frequent attacks, targeted areas, common threats, and potential system exploitations helps in staying ahead of adversaries, enhancing defense efficiency, and securing systems effectively.
- Through a customized threat awareness framework, organizations can leverage time as a strategic advantage, strengthening weaknesses, and maintaining a proactive security stance.
Read Full Article
22 Likes
VentureBeat
3w
318
Image Credit: VentureBeat
DeepSeek-V3 now runs at 20 tokens per second on Mac Studio, and that’s a nightmare for OpenAI
- Chinese AI startup DeepSeek has released a new large language model, DeepSeek-V3-0324, under an MIT license allowing commercial use.
- The model can run on Apple's Mac Studio with M3 Ultra chip, achieving over 20 tokens per second.
- DeepSeek's launch lacked typical fanfare, with no whitepaper or marketing, but the model has shown improvements over its predecessor.
- DeepSeek-V3-0324 operates with a MoE architecture, activating only 37 billion out of its 685 billion parameters for specific tasks, enhancing efficiency.
- The new model incorporates MLA and MTP technologies, boosting output speed by nearly 80%.
- With a 4-bit quantized version offering reduced storage footprint, it can run on high-end consumer hardware, challenging traditional AI infrastructure.
- Chinese AI companies like DeepSeek opt for open-source licensing, contrasting with Western companies keeping models behind paywalls.
- This strategy enables rapid transformation and AI innovation in China, with tech giants like Baidu, Alibaba, and Tencent also embracing open-source models.
- DeepSeek-R2, an advanced reasoning model, is anticipated to build upon DeepSeek-V3-0324, potentially competing with models like GPT-5 from OpenAI.
- By democratizing access to AI technology through open-source models, DeepSeek is reshaping the future of AI development and adoption globally.
- DeepSeek's approach reflects a broader trend towards making AI more accessible and empowering a wider range of developers and researchers in the field.
Read Full Article
19 Likes
Mcafee
3w
424
Image Credit: Mcafee
How to Delete Your Data from 23andMe and Protect Your Privacy
- The collapse of genetic testing giant 23andMe has raised serious privacy concerns.
- The company has filed for bankruptcy and is selling off assets, potentially including users' genetic data.
- Users are advised to take action to protect their privacy and delete their 23andMe account.
- Additionally, using tools like McAfee+ can help protect personal data online.
Read Full Article
25 Likes
Medium
3w
4
Image Credit: Medium
Want to engage more with your grandchildren? Get on Instagram!
- Instagram is an ideal platform for grandparents to engage with their grandchildren.
- It allows grandparents to share their memories, experiences, and perspectives through images.
- Using hashtags on Instagram helps grandparents join conversations with their grandkids and reach a wider audience.
- Being on Instagram also enables grandparents to understand and be a part of their grandchild's online world.
Read Full Article
Like
Lastwatchdog
3w
137
News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches
- INE Security is focusing on the growing cybersecurity threats faced by healthcare institutions, particularly during National Physicians Week 2025.
- Healthcare has witnessed a surge in cyberattacks, with 725 hacking-related breaches reported in the U.S. in 2023, affecting over 124 million patient records.
- The average cost of a data breach in a hospital is approximately $10.93 million, making healthcare breaches the costliest across industries.
- INE Security emphasizes the importance of training personnel at all levels to defend against evolving cybersecurity threats and reduce human error.
- Healthcare staff must receive continuous cybersecurity education to ensure patient data protection and system security.
- Certifications like CISSP, CompTIA Security+, eWPTX, and eJPT are recommended for healthcare IT and security professionals to enhance their skills.
- Robust cybersecurity measures not only prevent breaches but also help maintain patient trust and confidence in healthcare providers.
- INE Security offers comprehensive cybersecurity training programs aligned with industry certifications to help healthcare organizations strengthen their defenses.
- Continuous upskilling of healthcare professionals in areas like incident response and malware analysis is crucial to mitigating cyber threats.
- INE Security's focus on cybersecurity education aims to ensure that healthcare systems and data remain secure, resilient, and protected against cyber attacks.
Read Full Article
8 Likes
Lastwatchdog
3w
437
News alert: Arsen introduces new AI-based phishing tests to improve social engineering resilience
- Arsen, a cybersecurity company, has released Conversational Phishing, an AI-powered tool for phishing simulations.
- Conversational Phishing generates and adapts phishing conversations in real-time to mimic the tactics of advanced adversaries.
- The tool helps address evolving threats by simulating real-world attacker tactics and providing personalized scenarios.
- Conversational Phishing is fully integrated into Arsen's phishing simulation module and is accessible to all clients at no additional cost.
Read Full Article
26 Likes
TechCrunch
3w
141
Image Credit: TechCrunch
US lifts sanctions on Tornado Cash, a crypto mixer linked to North Korean money laundering
- US Treasury officials have lifted sanctions on Tornado Cash, a crypto mixer linked to North Korean money laundering.
- The sanctions were lifted following a legal battle and exercise of Treasury's discretion.
- Tornado Cash, accused of laundering stolen crypto from hacks carried out by North Korea, was previously under sanctions.
- The Treasury remains concerned about the threat of crypto hacks from North Korea.
Read Full Article
8 Likes
Medium
3w
8
Image Credit: Medium
Cybersecurity Without the Jargon: A Beginner’s Guide to Risk, Compliance, and Governance in Plain…
- A story of cybersecurity breach highlights the importance of Governance, Risk, and Compliance (GRC) for organizational security.
- GRC encompasses governance rules, risk management, and compliance with legal and industry standards.
- Ignoring GRC is compared to driving without brakes, leading to catastrophic consequences.
- The Equifax data breach due to a security vulnerability cost the company billions and emphasizes the significance of GRC.
- GRC impacts all employees, not just IT professionals, as it covers data protection and compliance with regulations.
- Simple habits like careful clicking, strong passwords, and reporting suspicious activity can prevent cyber disasters.
- AI-powered tools are being used for fraud detection, compliance tracking, and predicting cybersecurity risks.
- Companies failing to integrate AI in risk management may struggle to keep up with evolving cyber threats.
- Individuals are urged to take cybersecurity seriously to protect their organizations, careers, and customers.
- The message emphasizes that cybersecurity is about common sense, responsibility, and basic habits to avoid being the weak link in security.
Read Full Article
Like
TechBullion
3w
101
Image Credit: TechBullion
Advancing Critical Infrastructure Security and Optimization through AI-Driven Predictive Analytics: A Practitioner’s Perspective
- Addressing the evolving challenges of critical infrastructure security requires innovative solutions, with AI-driven predictive analytics emerging as a transformative tool.
- AI-driven predictive analytics uses machine learning to analyze real-time data, enhancing threat detection and response in critical infrastructure.
- It optimizes resource allocation, forecasts system demands, and improves operational efficiency within vital systems.
- Practical applications of AI in critical infrastructure include enhanced threat detection, optimized resource allocation, proactive disaster resilience, predictive maintenance, and supply chain security.
- Challenges in AI deployment include ensuring data privacy, addressing vulnerabilities, and maintaining ethical guidelines and transparency.
- Cross-sector collaboration is essential for standardized AI frameworks, knowledge sharing, and workforce development in cybersecurity.
- The integration of AI-driven predictive analytics enhances security and efficiency in critical infrastructure, contributing to community well-being and safety.
- AI augments Blue Teams' capabilities in combating sophisticated cyber threats like ransomware attacks and Advanced Persistent Threats through predictive analytics.
- Prioritizing data integrity, ethical governance, and collaborative efforts is crucial for harnessing the full potential of AI in cybersecurity.
- Continued dedication to the security and optimization of critical infrastructure through AI technologies is imperative in the face of evolving cyber threats.
Read Full Article
6 Likes
Medium
3w
314
Image Credit: Medium
GDPR and Data Privacy Europe’s Harsh Laws and International Impacts
- The GDPR is one of the most powerful and comprehensive data privacy regulations in the world.
- The GDPR offers protection to European citizens and companies collecting data from European consumers globally.
- The regulation applies to all companies handling European residents' data, regardless of their location.
- The GDPR holds companies accountable for privacy policies and grants rights to users.
Read Full Article
18 Likes
Medium
3w
119
Image Credit: Medium
Don’t Be So Insecure: Get A Password Manager
- Using unique and strong passwords is crucial to protect your private information from data breaches and identity theft.
- A password manager is a safer solution that stores all your login information, generates secure passwords, and automatically fills in the appropriate login details for each website.
- Using a dedicated password manager is more secure and convenient compared to relying on a web browser's integrated password manager.
- Consider checking out the Best Password Managers of 2018 by PC Magazine or Consumer Reports for a list of reliable password managers.
Read Full Article
7 Likes
Wired
3w
437
Image Credit: Wired
Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT
- The White House is adding Elon Musk-owned SpaceX's Starlink Wi-Fi to improve connectivity, donated by the company.
- Security experts express concerns about bypassing security controls, setting problematic precedents, and creating potential security exposures.
- Nicholas Weaver labels the move as shadow IT, highlighting the sensitivity of White House Wi-Fi to national security.
- There are worries about the implementation of Starlink not complying with White House Communication Agency requirements.
- Former NSA hacker Jake Williams raises concerns about potential security risks and remote access with the Starlink connection.
- Starlink, designed for areas lacking terrestrial internet, is puzzlingly routed through a White House data center miles away from the building.
- Using satellite internet like Starlink where fiber lines are readily available is deemed inefficient and potentially creates long-term dependencies on Musk's service.
- Elon Musk's control over Starlink raises concerns about future instabilities and the impact on national security.
- The setup of Starlink at the White House is criticized for being unnecessarily complex and inefficient.
- Despite technical reliability, the integration of Starlink at the White House raises questions about federal reliance on a Musk-controlled service.
Read Full Article
26 Likes
For uninterrupted reading, download the app