techminis

A naukri.com initiative

Info. Security News News

Securityaffairs

7d

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

  • Fortinet warns attackers can keep read-only access to FortiGate devices even after the original vulnerability is patched.
  • The attackers exploited known FortiGate flaws to gain persistent read-only access via a symlink in SSL-VPN language folders.
  • The vulnerability allowed threat actors to maintain read-only access to files on the device's file system.
  • Fortinet released mitigations and urged customers to patch their devices to prevent further attacks.

Hackingblogs

7d

Massive Scam Busted in Uber, Ola & Rapido: Fake Drivers, Fake Rides, Real Losses!

  • A massive scam involving fake drivers has been busted by Noida police, targeting taxi companies like Uber, Ola, and Rapido.
  • The scammers used fake Aadhaar cards and phone numbers to create multiple driver accounts, earning bonuses through fraudulent rides.
  • The police uncovered the scam when they caught two individuals in possession of fake IDs and other incriminating evidence in Noida.
  • This incident highlights the need for stricter verification procedures and stronger KYC policies in the taxi industry.

TechBullion

7d

Enhancing Data Integrity in Autonomous Vehicles with Blockchain

  • Raghavendra Kurva presents a hybrid architecture integrating blockchain technology to ensure real-time data validation in autonomous vehicle systems.
  • Autonomous vehicles process 1.2 TB of sensor data daily, requiring accurate and secure data management to avoid miscalculations and risks.
  • The hybrid architecture combines Hyperledger Fabric with Apache Kafka to achieve fast and secure data validation with a transaction time of 3.8 seconds and a processing rate of 2,500 transactions per second.
  • The implementation of smart contracts and optimized Apache Kafka configuration ensures reliable high-speed data processing, maintaining data integrity and meeting the required thresholds for autonomous operations.

Securityaffairs

7d

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

  • Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure.
  • The vulnerability, known as CVE-2025-3102, has a CVSS score of 8.1.
  • The flaw allows attackers to create malicious administrator users on unconfigured WordPress sites using the plugin.
  • Immediate updates are strongly advised, as over 100,000 sites are potentially affected.

Securityaffairs

1w

Laboratory Services Cooperative data breach impacts 1.6 Million People

  • Laboratory Services Cooperative disclosed a data breach that impacted the personal and medical information of 1.6 million people.
  • The incident took place in October 2024, with unauthorized access and removal of files.
  • Stolen data may include personal information, medical details, health insurance information, and billing/payment data.
  • The Laboratory Services Cooperative is providing impacted individuals with credit monitoring and identity protection services.

Securityaffairs

1w

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

  • Increased scanning activity on PAN-OS GlobalProtect gateways has led to a warning about potential upcoming attacks.
  • No known vulnerabilities have been exploited, but monitoring and analysis are ongoing.
  • A surge in login scanning activity has been observed targeting Palo Alto Networks PAN-OS GlobalProtect portals, potentially as a precursor to exploitation.
  • Organizations with exposed Palo Alto Networks systems are advised to review logs and perform threat hunts to identify signs of compromise.

Kaspersky

1w

12 tips on how to use WhatsApp, Telegram, Signal, Viber, WeChat, and other messaging apps safely | Kaspersky official blog

  • Enable two-factor authentication to prevent hacking or hijacking of your account through SIM swapping or other techniques.
  • Avoid sharing one-time passwords with anyone to prevent scammers from stealing your account.
  • Do not scan QR codes outside of the messaging app to avoid linking your account to scammers.
  • Carefully check new contact requests to verify the authenticity of the sender and avoid falling for scams.
  • Utilize the block feature to get rid of unwanted contacts like stalkers, scammers, and exes.
  • Think twice before opening links, even if they're from friends, to avoid falling victim to account compromise.
  • Restrict access to your smartphone and messaging app with screen lock and app lock features.
  • Turn off message previews on the lock screen to prevent sensitive data from being displayed.
  • Use disappearing messages or one-time-view options for sharing sensitive information to avoid leaving a trail.
  • Avoid sending sensitive content like nudes to prevent potential embarrassment or blackmail.

Sentinelone

1w

The Good, the Bad and the Ugly in Cybersecurity – Week 15

  • Law enforcement has detained five individuals linked to the SmokeLoader botnet, uncovering a pay-per-install service used for deploying ransomware and other malicious activities.
  • Multiple arrests, house searches, and interrogations were conducted in a crackdown involving authorities from several countries targeting SmokeLoader customers.
  • Europol has initiated a dedicated website and video series to provide updates on the operation against cybercriminals associated with SmokeLoader.
  • AkiraBot, an AI-powered framework, spams over 400,000 websites, bypassing CAPTCHAs and promoting dubious SEO services.
  • The bot utilizes OpenAI's GPT-4o-mini model to generate tailored spam messages and evades filters by customizing content for each target site.
  • AkiraBot's capabilities include defeating CAPTCHAs like hCAPTCHA and reCAPTCHA, with logs of spam activities recorded in submissions.csv.
  • A Russia-linked group, Gamaredon, is targeting Western military missions in Ukraine using malicious .LNK files and the GammaSteel infostealer.
  • The group employs tactics like obfuscation, legitimate service usage for communication, and reconnaissance scripts to steal sensitive documents.
  • Gamaredon's campaign reflects a focus on stealth and persistence, with efforts to gather intelligence and spread risks to Western networks in the region.
  • The use of AI in cybercriminal activities and the ongoing threats from sophisticated malware highlight the importance of enhancing cybersecurity defenses.

Sentinelone

1w

The AI Inflection Point | How Agentic & GenAI Are Reshaping Security Operations

  • The adoption of Generative AI (GenAI) and Agentic AI is reshaping security operations by augmenting human analysts, improving efficiency, and laying the foundation for a more autonomous SOC.
  • Organizations are increasing spending on security tools with AI capabilities, with a focus on threat intelligence analysis, workflow automation, and threat hunting using AI-powered solutions.
  • AI is not replacing human analysts but helping to alleviate workload pressures, enabling strategic work, and improving overall security postures.
  • Security leaders emphasize the importance of AI seamlessly fitting into existing workflows and meeting performance, usability, and privacy requirements.
  • There is a challenge of 'AI washing', where vendors overpromise AI capabilities, making it harder for security professionals to make informed decisions.
  • Organizations see AI as the bridge to a more autonomous SOC, where AI-driven automation enhances human expertise without full replacement.
  • AI-driven automation enables SOC teams to anticipate and mitigate cyber risks proactively, reshaping security operations from detection to response processes.
  • SentinelOne's Purple AI aims to deliver agentic systems for security work, training AI grounded in real-world security scenarios to enhance human decision-making.
  • The future of AI-powered SOC involves GenAI and Agentic AI amplifying human expertise, automating tasks, and enhancing cybersecurity resilience without replacing analysts.
  • Organizations are rapidly adopting AI to improve efficiency, streamline investigations, and strengthen security postures, moving towards a more autonomous SOC.

Securityaffairs

1w

Gamaredon targeted the military mission of a Western country based in Ukraine

  • Gamaredon, a Russia-linked APT group, targeted a foreign military mission based in Ukraine.
  • The group used an updated version of the GammaSteel infostealer, with the campaign starting in February 2025.
  • The initial infection vector used was an infected removable drive.
  • The group's campaign demonstrates a laser-like focus on targeting entities within Ukraine for espionage purposes.

Hackingblogs

1w

Day 1: What is Cryptography? Why It Matters in Cybersecurity

  • Cryptography is essential in protecting secrets by transforming plaintext into ciphertext and vice versa in the digital age.
  • It provides control, proof, integrity, and privacy, allowing us to secure communication and confirm identities.
  • Claude Shannon is known as the father of modern cryptography, emphasizing perfect secrecy where ciphertext reveals nothing about the message.
  • Whitfield Diffie and Martin Hellman revolutionized cryptography with asymmetric cryptography and the Diffie-Hellman Key Exchange.
  • The creators of the RSA algorithm, Ron Rivest, Adi Shamir, and Leonard Adleman, laid the foundation for secure web traffic.
  • Historically, cryptography played a crucial role from Julius Caesar's Caesar Cipher to cracking the German Enigma machine in WWII.
  • In modern times, encryption safeguards online banking, messaging apps, password storage, VPN services, and email security.
  • Key terms include encryption, decryption, key, ciphertext, hashing, salting, digital signature, and public/private keys in asymmetric encryption.
  • Symmetric encryption, asymmetric encryption, and hashing are different types of cryptography that serve various encryption and decryption purposes.
  • The fundamentals of keys, ciphers, and algorithms in practical systems will be explored in Day 2 of this cryptography series.

Schneier

1w

Reimagining Democracy

  • Reimagining democracy involves considering new governance systems without the burden of legacy systems from existing countries, adapting to advancements in technology, communication, and philosophy.
  • Modern democracy can explore alternatives to representative government, such as organizing representation by age or randomly, adjusting terms for elected officials, and incorporating more direct democracy through plebiscites.
  • Discussions on democracy evolution focus on misinformation, conflicts between economic and political interests, capitalism's compatibility with democracy, and the integration of artificial intelligence in governance.
  • Considerations include ceding power to AI systems, the potential for AI-written legislation, and the implications of AI tools suggesting policy options beyond human comprehension.
  • Workshop discussions also address the scale of governance, incorporating historical practices like sortition and modern concepts such as liquid democracy that eliminate traditional elections in favor of continuous voting.
  • Questions arise regarding participation rights, including voting age, representation of future generations and non-human interests, and the balance between individual and societal rights in democratic governance.
  • Challenges in designing a resilient government system resistant to manipulation, aligning individual and collective interests, and navigating ethical and practical boundaries in democracy are crucial considerations for the future.
  • The workshops emphasize the need for radical, forward-thinking changes in political systems rather than limited incremental improvements to address evolving societal needs and adapt to technological advancements.
  • The exploration of innovative governance models beyond traditional democracy signifies the ongoing discourse on reshaping political systems for a more effective and inclusive future.

Sentinelone

1w

Re-Assessing Risk | Subdomain Takeovers As Supply Chain Attacks

  • The cyber landscape is constantly changing, with new vulnerabilities and risks emerging regularly.
  • Security teams should monitor vulnerabilities for potential exploitability, as low-risk issues can quickly escalate into major threats.
  • Subdomain takeovers pose a supply chain threat when attackers gain control of unused subdomains.
  • Dangling DNS, a common subdomain takeover scenario, can occur due to misconfigurations or expired subdomains.
  • Attackers can exploit Dangling DNS from cloud providers, leading to subdomain takeovers and potential malicious activities.
  • There have been over 1,250 instances of subdomain takeover risks identified by SentinelOne due to deprovisioned cloud resources.
  • Subdomain takeovers can result in defaced websites, phishing campaigns, and other malicious activities.
  • Supply chain risks from subdomain takeovers include asset references in cloud services, potentially leading to attacks on users.
  • SentinelOne emphasizes the importance of runtime security to protect against supply chain threats and recommends a proactive security approach.
  • Staying vigilant with cloud security is crucial, and SentinelOne offers tools to detect and prioritize subdomain takeover risks.

Infoblox

1w

And There Was Much Rejoicing: New Draft of NIST SP 800-81 Released

  • The U.S. National Institute of Standards and Technology (NIST) released a draft of a new version of their Secure Domain Name System (DNS) Deployment Guide.
  • The previous version, NIST SP 800-81, was published in 2013 and did not cover encrypted DNS or Protective DNS.
  • The new draft recognizes the importance of Protective DNS as a foundational layer of network security and recommends its incorporation into security strategies.
  • A comment period for the draft extends until May 26, allowing stakeholders to provide feedback to NIST.

Securityaffairs

1w

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Linux Kernel flaws to its Known Exploited Vulnerabilities catalog.
  • The vulnerabilities, CVE-2024-53197 and CVE-2024-53150, were identified in the Linux Kernel's ALSA USB-audio driver.
  • CVE-2024-53197 involved incorrect handling of USB configuration data, leading to potential memory corruption or system instability.
  • CVE-2024-53150 stems from a failure to validate a field in USB audio clock descriptors, potentially resulting in out-of-bounds reads.
