Cyber Security News, Latest Updates and Recent Announcements on Techminis

A naukri.com initiative

New

Home

Cyber Security News

Tech Radar

290

Image Credit: Tech Radar

Cyberattack response plans should be mandatory for US telecoms, FCC Chair says

US telecoms should submit yearly certification for cyber-incident response plan.
FCC Chairwoman proposes the mandatory certification to tackle rising cyber attacks.
Chinese state-sponsored threat groups allegedly infiltrated US telecom providers.
China denies involvement and claims CIA involvement in hacking collective.

Read Full Article

17 Likes

Securityintelligence

263

Image Credit: Securityintelligence

How TikTok is reframing cybersecurity efforts

TikTok collaborated with HackerOne to launch a Global Bug Bounty program that rewarded more than $1.6m in bounties to researchers over the last four years.
During Cybersecurity Month, TikTok celebrated cybersecurity by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.
TikTok Cybersecurity Month highlighted its focus and promotion of cybersecurity through its channels and programs.
TikTok’s top cybersecurity creators Kevin (@adjacentnode) and Marcus (@itsmarcushutchins) are educating users on cybersecurity and good online habits both on TikTok and beyond.
Kevin’s cybersecurity content shares inside secrets, demonstrates hands-on cybersecurity techniques and explains complex topics in an easily understandable manner, making his videos both informative and interesting.
Marcus’ distinct British accent and down-to-earth manner make his videos especially watchable, and his breakdown of current attacks in understandable terms is refreshing.
While TikTok is making efforts to improve cybersecurity, there are still legitimate concerns when using the social media platform.
By following cybersecurity best practices, TikTok creators and users can safeguard themselves from cybersecurity risks while enjoying the platform's entertaining content.

Read Full Article

15 Likes

Medium

Image Credit: Medium

Confidential Layer: Your On-Chain Actvity Is Now Secure and Private

Confidential Layer introduces a bridging platform to make crypto transactions secure and private.
The platform acts as a non-custodial bridge between public and privacy blockchains.
It offers enhanced security, identity protection, balance privacy, and liquidity.
Confidential Layer is beneficial for individuals, businesses, and institutions embracing blockchain technology.

Read Full Article

Hrexecutive

Could that new hire be a deepfake? These pros say the risk is growing

AI-generated fake videos, photos or audio are increasingly being used to impersonate job candidates and company executives
Recent research from iProov reveals that fewer than one in four participants could accurately detect high-quality deepfakes.
Michael Marcotte, founder of artius.iD, warns that HR departments are especially vulnerable because of their access to extensive personal and corporate data.
Deepfake attacker can clone voices and likenesses, impersonate executives and manipulate employees.
HR executives must strengthen their cybersecurity defenses to prevent deepfake-fueled attacks.
A deepfake scam targeting British engineering firm Arup resulted in 25$ million loss. CyberArk researchers say nearly 2/3 of office workers prioritize productivity over cyber practices.
70% of technology decision makers acknowledge the potential impact of AI-enabled cyberattacks. Nearly two-thirds of organizations are implementing cybersecurity measures to combat deepfakes, but 62% worry their efforts are insufficient.
Business leaders must prioritize investments in cyber skills development where comprehensive and robust cyber expertise must be provided to experts.
Enterprises are beginning to realise they're not doing enough to mitigate these cyber risks.
The urgency for more comprehensive and proactive cybersecurity strategy is essential.

Read Full Article

4 Likes

Discover more

TechBullion

335

Image Credit: TechBullion

Strengthening the Weakest Link: Anirban Bhattacharya on Tackling Human Vulnerabilities in Cybersecurity

The human factor is often regarded as the weakest link in an organization’s cybersecurity framework, a challenge that demands a deeper understanding and proactive solutions.
Awareness training is essential in reducing the chances of security threats generated by humans, along with technical safeguards like encryption and firewalls.
Proper security awareness training reduces the number of security threats generated by humans significantly.
The training should clearly explain its goals - what is being protected and why it matters.
Interactive formats for training, such as hands-on activities, simulations, or real-world scenarios, help reinforce learning and ensure participants stay engaged.
Security awareness training sessions should be tailored to the specific industry in which the organization operates.
For areas where threats and best practices evolve rapidly, more frequent training sessions and assessments are recommended.
Leaders should champion security as a core value, emphasizing its importance during team discussions, company-wide meetings, and all-hands sessions.
The rise of AI-driven threats is becoming increasingly challenging to counter, making humans remain the strongest line of defense.
The shift to remote work has further expanded the attack surface, making network hygiene a critical aspect of security training.

Read Full Article

20 Likes

Socprime

152

Image Credit: Socprime

Migrating Dashboards Between OpenSearch Instances

To migrate visualizations or dashboards from one OpenSearch instance to another, follow these steps:
1. Export Saved Objects: Go to Management > Saved Objects > Export and select the objects to export.
2. Correct the .ndjson file: Remove index-pattern information if it already exists in the new instance.
3. Import Saved Objects: Go to Management > Saved Objects > Import in the target instance and upload the .ndjson file.
4. Verify Migration: Open the imported visualizations or dashboards, check their functionality, and update any missing or mismatched resources.

Read Full Article

9 Likes

Securityaffairs

Image Credit: Securityaffairs

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog.
The getresetstatus vulnerability in CyberPanel allows remote attackers to bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware.
The vulnerability impacted versions up to 2.3.6 and the unpatched 2.3.7, and was exploited in a large-scale hacking campaign targeting over 22,000 CyberPanel instances.
CISA has ordered federal agencies to fix this vulnerability by December 25, 2024.

Read Full Article

Tech Radar

107

Image Credit: Tech Radar

Businesses received over 20 billion spam emails this year

Businesses received over 20 billion spam emails this year.
Out of these emails, 427 million contained malicious content.
Phishing attacks remain the primary attack vector.
AI tools have led to an increase in sophisticated phishing attacks.

Read Full Article

6 Likes

Eletimes

263

Image Credit: Eletimes

Securing AI Models: Safeguarding the Future of Innovation

AI adoption is increasing, raising concerns about security.
Large Language Models (LLMs) and advanced AI systems need to be protected.
Data confidentiality, integrity, and privacy are crucial for AI security.
Collaboration among stakeholders is necessary to secure AI ecosystems.

Read Full Article

15 Likes

Tech Radar

Image Credit: Tech Radar

TfL cyberattack bites into profits with £30 million spent on recovery

Transport for London (TfL) has estimated that it has spent £30 million ($38 million) on recovery efforts following a cyberattack.
This is the first time TfL has provided an estimate for the financial cost of the attack.
The attack, which occurred in September, resulted in the theft of customer data, including bank account numbers and sort codes.
TfL was not insured against cyberattacks, and the cost of the incident has impacted the organization's ability to invest in improving services.

Read Full Article

3 Likes

Socprime

143

Image Credit: Socprime

Generating a CSR and Using an External Certificate with Elasticsearch

This guide provides a step-by-step walkthrough for connecting Elasticsearch to external certificates issued by a Certificate Authority (CA).
Generate a CSR for each node by creating a CSR configuration file and using the elasticsearch-certutil tool.
Submit the CSR to an external CA for signing and collect the signed certificates.
Import the CA certificate into the server's trust store and distribute the certificates to the nodes.
Configure SSL/TLS in Elasticsearch by editing the elasticsearch.yml file and restart Elasticsearch to apply the changes.

Read Full Article

8 Likes

Global Fintech Series

218

Image Credit: Global Fintech Series

The Hidden Culprit Behind a “Seamless” Digital Banking Experience

Third-party logos in the digital banking experience erode member trust in credit unions.
Fragmentation of the digital experience raises questions about data security and service quality.
Financial institutions can create a seamless experience through strategic vendor management and white-labeling.
Prioritizing true white-labeling and seamless integration builds member confidence and trust in credit unions.

Read Full Article

12 Likes

Addicted2Success

1.1k

Image Credit: Addicted2Success

Why Cybersecurity is the Next Big Skill for Entrepreneurs

Cybersecurity is crucial for entrepreneurs, safeguarding digital assets, reputation, and customer trust. Small businesses are prime targets for hackers, often due to limited resources.
Strong cybersecurity ensures smooth operations, compliance with regulations, and protects intellectual property. It’s more than defense—it fuels growth by enabling confident scaling, fostering trust, and attracting partnerships.
Simple steps like strong passwords, multi-factor authentication, and regular software updates help. As businesses grow, hiring a CISO or using CISO-as-a-service strengthens strategies.

Read Full Article

24 Likes

The Fintech Times

UK SMEs Are Concerned About Preparedness For Cyberattacks as Fraud Rises Finds Mollie

Small and medium-sized enterprises (SMEs) in the UK are unprepared for cyberattacks amidst a rise in fraud, according to a study by Mollie.
5.5 million SMEs lost £10,800 this year due to fraud, causing significant concern for their survival.
SMEs are increasingly facing phishing scams, refund fraud, account takeover attempts, chargebacks, and carding attacks.
Online fraud not only affects the finances but also impacts the productivity of small businesses, diverting resources from core operations.

Read Full Article

5 Likes

The Register

384

Image Credit: The Register

Protect your clouds

40% of data breaches identified between March 2023 and February 2024 involved data stored across multiple environments, including the cloud.
Data breaches in public clouds incurred the highest average breach cost of $5.17 million.
SANS has developed a range of cloud-specific resources to help organizations safeguard their cloud infrastructure.
SANS is offering a series of webcasts providing guidance on building a cloud security strategy, navigating challenges, and adopting a modern approach to cloud security.

Read Full Article

23 Likes

For uninterrupted reading, download the app