techminis
A naukri.com initiative

Cyber Security News

Source: Socprime

AI-Generated MDE Queries from APT28 Clipboard Attacks

  • Uncoder AI turns structured threat intelligence into KQL detection queries that run in Microsoft Defender for Endpoint advanced hunting.
  • The IOCs it extracts from the reported APT28 clipboard-attack behaviour include observables such as PowerShell droppers and C2 domains.
  • The generated Defender queries focus on attempts by endpoints to contact attacker-controlled infrastructure.
  • The feature handles IOC formatting and field mapping for the analyst, which cuts manual work for SOC teams and detection engineers; the output should still be reviewed for noise and for the right field choice before it is deployed as a rule.

Source: Socprime

Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI

  • Uncoder AI generates a KQL detection query for Microsoft Sentinel from the indicators in a DarkCrystal RAT threat report.
  • The query looks for the strings 'Розпорядження.zip' (Ukrainian for 'Order.zip') and 'imgurl.ir' across all available data tables; a cross-table search of that kind is useful for first triage but expensive, so it should be time-bounded and then narrowed to the specific tables that hit.
  • Uncoder AI extracts high-confidence indicators from the report, reducing the manual IOC integration and query-crafting workload for analysts.
  • The benefits claimed are broad IOC discovery, faster detection engineering, and better SOC efficiency for incident response and detection-logic authoring.

Source: Socprime

Full Detection Logic for LITERNAMAGER in Cortex XSIAM via Uncoder AI

  • Uncoder AI analyzes the CERT-UA#1170 report on LITERNAMAGER malware and generates a Cortex XSIAM-compatible XQL rule.
  • The rule covers suspicious command-line executions, registry-based persistence indicators, and network telemetry associated with LITERNAMAGER.
  • Structured indicators are mapped onto Cortex datasets for process and command-line activity, registry keys, and outbound connections to known C2 infrastructure.
  • Because the logic is built on behaviours specific to LITERNAMAGER and spans several telemetry layers, the resulting XQL is higher-fidelity than a plain IOC match and reflects threat-informed engineering.

Source: Socprime

Instant Domain Matching Logic for Splunk via Uncoder AI

  • Uncoder AI ingests structured IOCs from threat reports, such as malicious domains tied to credential phishing.
  • It outputs a Splunk-compatible detection query that filters on the dest_host field.
  • The value is in turning large IOC lists into production-ready query syntax without manual extraction and formatting.
  • Analysts gain speed, accuracy, and reusability when generating Splunk queries for phishing domains.

Source: Socprime

Domain-Based IOC Detection for Carbon Black in Uncoder AI

  • Uncoder AI extracts IOCs from threat reports to identify malicious network infrastructure associated with specific loaders and suspicious domains.
  • It generates Carbon Black threat-hunting queries on those domains to trace command-and-control activity or staged malware delivery.
  • The output uses Carbon Black's field-specific syntax, scales to long IOC lists, and can be pasted directly into the console.
  • Teams running VMware Carbon Black can use it to hunt for infections, spot beaconing to suspicious domains, and speed up incident response.
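The five Uncoder AI items above all describe the same step: take an IOC list from a threat report, clean it, and map it to the right field and syntax for a given platform. The following is an added example written for this page, not Uncoder AI's code and not a call to SOC Prime's API; it does that step by hand in plain Python so the refanging, validation, quoting and per-platform field mapping can be read and checked. The sample IOC list is constructed, the table and field names (DeviceNetworkEvents.RemoteUrl, dest_host, netconn_domain) are assumptions noted on each function, and the Sentinel search uses the two strings quoted in the DarkCrystal RAT item.

```python
"""Build platform-specific hunting queries from a threat-report IOC list.

Added example, not Uncoder AI's code: refang and validate IOCs, then emit the
query each platform expects. Field and table names are assumptions (see each
function); adjust them to the schema actually ingested in your tenant.
"""
import re

# Constructed sample in the shape of a threat-report IOC list: defanged entries,
# a duplicate differing only in case, and one line that is not a hostname at all.
# These are illustrative values, not real indicators.
RAW_IOCS = [
    "malicious-cdn[.]example",
    "hxxp://malicious-cdn[.]example/update",
    "login.example-phish.test",
    "not a domain",
    "Login.Example-Phish.test",
]

# Hostname: 1-253 chars, labels of 1-63 [a-z0-9-] not starting/ending with '-',
# at least one dot. Validation also keeps quotes and whitespace out of queries.
_HOSTNAME = re.compile(
    r"^(?=.{1,253}$)(?!-)[a-z0-9-]{1,63}(?<!-)(?:\.(?!-)[a-z0-9-]{1,63}(?<!-))+$"
)


def refang(ioc: str) -> str:
    """Undo common defanging (hxxp, [.], (.)) and strip scheme, port and path."""
    s = ioc.strip().lower()
    s = s.replace("[.]", ".").replace("(.)", ".").replace("hxxp", "http")
    s = re.sub(r"^[a-z][a-z0-9+.-]*://", "", s)  # drop scheme
    return s.split("/")[0].split(":")[0]          # drop path, then port


def normalize_domains(iocs):
    """Refang, keep only valid hostnames, dedupe, sort for deterministic output."""
    return sorted({d for d in map(refang, iocs) if _HOSTNAME.match(d)})


def _quote(s: str) -> str:
    """Double-quote a value for KQL/SPL; escape so a stray quote cannot break the query."""
    return '"' + s.replace("\\", "\\\\").replace('"', '\\"') + '"'


def kql_mde(domains):
    """Defender for Endpoint advanced hunting (assumed table DeviceNetworkEvents, field RemoteUrl)."""
    lst = ", ".join(_quote(d) for d in domains)
    return (
        "DeviceNetworkEvents\n"
        f"| where RemoteUrl has_any ({lst})\n"
        "| project Timestamp, DeviceName, InitiatingProcessFileName, RemoteUrl, RemoteIP"
    )


def kql_sentinel_search(terms):
    """Sentinel 'search' across every table: fine for first triage of odd strings such as
    file names, but it scans all data, so bound it by time and pivot to a table afterwards."""
    return "search " + " or ".join(_quote(t) for t in terms)


def spl_splunk(domains, index="*"):
    """Splunk: assumed CIM field dest_host, as in the Splunk item above."""
    clause = " OR ".join(f"dest_host={_quote(d)}" for d in domains)
    return f"index={index} ({clause})\n| stats count min(_time) AS first_seen BY src dest_host"


def cb_cloud(domains):
    """Carbon Black Cloud process search: assumed field netconn_domain (Lucene-style OR)."""
    return " OR ".join(f"netconn_domain:{d}" for d in domains)


if __name__ == "__main__":
    doms = normalize_domains(RAW_IOCS)
    print("normalized:", doms)
    for name, q in [
        ("MDE", kql_mde(doms)),
        ("Sentinel", kql_sentinel_search(["Розпорядження.zip", "imgurl.ir"])),
        ("Splunk", spl_splunk(doms)),
        ("Carbon Black", cb_cloud(doms)),
    ]:
        print(f"\n--- {name} ---\n{q}")
```

Two design points worth noting. Validation before quoting is what makes pasting generated queries safe: a "domain" copied from a PDF can carry quotes, spaces or Cyrillic look-alikes, and a strict hostname check rejects those rather than letting them silently alter the query. The Sentinel `search` form is kept separate from the field-mapped queries on purpose; it is the right tool when the indicator is a file name rather than a network observable, but it is the most expensive query here and should not be scheduled as an analytic rule unchanged.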

Source: TechBullion

Cloud CRM: Revolutionizing Industries with Security, AI, and Personalization

  • Cloud-based CRM systems that combine stronger security with AI are changing how industries such as healthcare, retail, and agriculture handle customer data.
  • These platforms pair security controls with AI for personalized customer interactions, better decision-making, and operational efficiency.
  • In healthcare, cloud CRM supports patient care through secure data management, AI-derived insights, and streamlined communication.
  • Retailers use cloud CRM for personalized marketing, sales performance, and customer-journey optimization, and some spread risk across multi-cloud architectures.
  • In agriculture, cloud CRM integrated with IoT sensors and predictive analytics informs decisions on resource management, crop planning, and sustainability.
  • On the security side, the article points to Zero Trust architecture, AI-based threat detection, and encryption as the controls that protect sensitive data and sustain customer trust.

Source: TechDigest

M&S faces ‘unprecedented’ Scottish lawsuit over cyber attack data breach

  • Marks & Spencer is facing an “unprecedented” class action lawsuit in Scotland following a major cyberattack disrupting operations.
  • Scottish law firm Thompsons Solicitors is leading the legal challenge for affected customers whose personal data was stolen.
  • The lawsuit aims to seek compensation for the increased risk of fraud and scams, potential financial losses, distress, anxiety, and time spent resolving issues.
  • Over 350 individuals have already joined the class action, marking an 'unprecedented' response for a case of this nature in Scotland.

Source: Securityaffairs

Roundcube Webmail under fire: critical exploit found after a decade

  • A critical flaw in Roundcube Webmail, tracked as CVE-2025-49113, was found after sitting undetected in the code base for over a decade.
  • The flaw lets an authenticated webmail user execute arbitrary code on the server and take control of the affected system, so any valid mailbox credential, including a phished one, is enough to reach it.
  • Kirill Firsov, founder of FearsOff, reported the vulnerability; it affects Roundcube versions before 1.5.10 and 1.6.x before 1.6.11.
  • Administrators should update to 1.5.10 or 1.6.11 (or later) immediately.

Source: TechJuice

Crocodilus Trojan Expands Globally, Targeting Crypto and Banking Apps

  • Crocodilus, an Android banking trojan, is now targeting users worldwide, including in Europe, South America, and parts of Asia.
  • It spreads by posing as legitimate apps such as online casinos or banking apps; it relies on the victim installing the app and granting it permissions rather than on an exploit of the Android platform itself.
  • Once installed it requests Accessibility Service permission, which lets it overlay fake login pages on banking and cryptocurrency apps and capture the credentials typed into them.
  • To reduce exposure, install apps only from trusted sources, keep device software updated, and use multi-factor authentication; treat any app that asks for Accessibility Service access as suspicious unless it is a real accessibility tool.

Source: TechBullion

Kedarnath Goud Kothinti: Pioneering Leadership in Financial Technology and Cybersecurity

  • Kedarnath Goud Kothinti is a prominent figure in the field of financial technology and cybersecurity, leading projects in fraud prevention, identity verification, and risk analysis.
  • With extensive experience and a strong academic background in Artificial Intelligence and Machine Learning, Kedarnath has been instrumental in architecting secure systems for leading financial institutions.
  • His career progression from Infosys to AvidXchange reflects his expertise in enhancing financial systems, developing fraud management platforms, and leading cross-functional teams for technological innovation.
  • Kedarnath's focus on technical excellence, collaborative leadership, and integration of cutting-edge tools like Apache Kafka and Kubernetes has driven the development of secure, scalable financial applications and fraud detection systems.

Source: Wired

The Race to Build Trump’s ‘Golden Dome’ Missile Defense System Is On

  • President Donald Trump plans a new space-based missile defense system, the 'Golden Dome,' and defense companies including SpaceX, Palantir, and Anduril are positioning for it.
  • How the shield will be built, how many contracts will be awarded, and what it will cost all remain unclear.
  • Unlike Israel's Iron Dome, the Golden Dome would require integrating systems on a far larger scale, which is the project's central engineering challenge.
  • Several branches of the US military and federal government are providing feedback on the project, but their level of involvement is not yet defined.
  • Experts expect SpaceX to play a major role because of its dominance in commercial space launch.
  • Lockheed Martin, SpaceX, Palantir, and Anduril are in early discussions about partnerships shaped by the project's requirements.
  • The administration renamed the effort from the 'Iron Dome Missile Defense Shield' to the 'Golden Dome for America' and is seeking advanced capabilities including space-based interceptors.
  • Experts have raised concerns about the effectiveness, cost, and feasibility of a space-based system, and about how vulnerable the space segment itself would be.
  • A space-based shield could trigger an arms race, with Russia and China responding by building more offensive missiles and raising tensions.
  • Trump has downplayed cost concerns, stressing the system's importance to national defense.
  • The project raises intertwined questions of defense technology, geopolitics, and the strategic responses it will provoke from other countries.

Source: Siliconangle

Google finds generational divide in how users respond to rising online scams

  • Google survey reveals a growing awareness of online scams and a generational shift in security behaviors.
  • More than 60% of U.S. consumers believe scam activity has increased, with a third experiencing a data breach.
  • Younger generations prefer modern sign-in methods like passkeys, while older generations still rely on passwords.
  • Google encourages the adoption of passkeys and integrated tools for enhanced online security amidst rising online scams.

Source: Wired

A GPS Blackout Would Shut Down the World

  • A GPS blackout would cause traffic jams and accidents and disrupt critical systems such as financial transactions and energy production.
  • Loss of the GPS timing signal, not just positioning, would break cell-network synchronization and disrupt stock markets, affecting the global movement of people and data.
  • The US is heavily reliant on GPS and lags countries such as China, which operates BeiDou, in building resilient backups.
  • A total blackout could be caused by anti-satellite weapons, geomagnetic storms, or an escalation in electronic warfare.
  • A total outage is improbable, but regional disruptions from jamming and spoofing are common and already affect aviation safety.
  • Global navigation satellite systems (GPS, Galileo, GLONASS, and BeiDou) face increasing attacks, and aviation is the sector raising the loudest concerns.
  • Hardening positioning, navigation, and timing (PNT) systems and reducing GPS dependence is crucial because US infrastructure relies on GPS for core functions.
  • Calls to modernize PNT and identify GPS alternatives are growing in order to strengthen resilience and backup capability.
  • Upgrades to GPS itself, the addition of signal authentication, and new navigation technologies are under way to counter these threats.
  • Government cooperation, investment in upgrades, and industry effort are all needed to mitigate the risk of GPS disruption.

Source: Wired

Deepfake Scams Are Distorting Reality Itself

  • Deepfake technology can now produce realistic fake faces and voices in real time, and scammers use it for romance, employment, and tax-fraud schemes.
  • The volume of deepfakes used in scams has risen sharply in recent years as scammers use AI tools to generate faces and manipulate existing media.
  • Losses are rising: a Hong Kong finance worker sent $25 million to a scammer posing as a deepfaked executive, and a New Zealand retiree lost $133,000 to a cryptocurrency-investment deepfake.
  • Voice is as exposed as video: a believable voice clone can be built from a few seconds of audio.
  • Detection tools have improved but still miss sophisticated AI fakes, which raises doubts about relying on them.
  • Studies cited in the article find humans remain the best detectors of fake video compared with other kinds of content, so human scrutiny still matters.
  • Deepfakes have spread beyond scams to social-media influencer impersonation and geopolitical manipulation.
  • Public awareness and skepticism remain a real defense against deepfake scams.
  • As the technology evolves, scammers adapt, an ongoing cat-and-mouse game between fraudsters and those countering deceptive AI content.
  • The article's advice: scrutinize content for authenticity, take time to verify credibility, and cultivate healthy skepticism.

Source: Tech Radar

HPE flags critical StoreOnce auth bypass, users should update now

  • Hewlett Packard Enterprise (HPE) has patched several vulnerabilities in its StoreOnce backup and recovery product; the most severe is a critical authentication bypass.
  • That flaw, tracked as CVE-2025-37093, lets an attacker gain full system access without any user interaction, a direct threat to the integrity of backup data and to recovery after an incident.
  • All StoreOnce versions before 4.3.11 are affected and there is no workaround, so updating is the only fix.
  • HPE fixed seven further StoreOnce flaws in the same release, including remote code execution and directory traversal issues, affecting enterprise and government users.
