by Shomiron Das Gupta, Founder and Chief Executive Officer of DNIF HYPERCLOUD

As we enter the digital era, the ever-evolving landscape of cybersecurity is shaped by the relentless innovation of technology and the persistent efforts of cybercriminals. By the completion of the coming year, the financial impact of cyber-attacks on the global economy is anticipated to reach $10.5 trillion. Whether small or large organizations, corporations, or even governments, reliance on computerized systems for day-to-day operations underscores the pivotal role of cybersecurity in safeguarding data against various online threats and unauthorized access. Today, incidents like data breaches, ransomware attacks, and hacks have become commonplace, reinforcing the importance of staying abreast of the latest developments in the cybersecurity landscape. As a result, there has been a discernible surge in technical advancements across diverse domains, signaling a concurrent evolution in cybersecurity trends. Let’s delve into some of the top cybersecurity trends to watch out for in 2024.

Underdeveloped Generative AI Applications

The dominance of artificial intelligence (AI), especially large language models like ChatGPT, has been a headline-grabbing phenomenon. Business owners, with over 60% anticipating increased productivity, are witnessing a gold rush of new players capitalizing on niche generative AI applications. The accelerated development of these apps, facilitated by Large Language Models (LLMs), raises concerns. The emphasis on speed may come at the expense of robust controls over user security and privacy in the development process. Users trusting these apps may unknowingly expose sensitive information, and with AI projected to grow at an annual rate of 37.3%, this trend remains a focal point in cybersecurity well into the future.

Ransomware as a Service (RaaS)

Ransomware has emerged as a pressing concern for businesses, institutions, and individuals. Shockingly, ransomware attack payments have surged, reaching an average of USD 1.54 billion over the past 10 months, a figure that has doubled since 2022. Examining the Indian landscape, the nation has experienced an alarming average of 2,126 cyber attacks per week in the last six months.
This surpasses the global average of 1,108, resulting in significant financial losses and reputational damage. Cybercriminals no longer need to develop their own malware; instead, they can purchase it from a seller, democratizing the ability to carry out attacks. Ransomware as a Service operates akin to legitimate businesses, allowing affiliates to purchase and customize ransomware. Organizations must prioritize good cyber hygiene as a baseline defense against this trend.

Data Breaches: A Prime Target for Cyber Threats

The recognition of cyber threats’ potential impact on national security and economic prosperity is increasingly gaining traction among governments and organizations. The awareness of the potential social and political fallout resulting from large-scale data breaches has spurred the development of new regulations addressing cybersecurity concerns. In the early days of August 2023, the Indian Parliament ratified the Digital Personal Data Protection (DPDP) Act, 2023, presenting a framework for the protection of personal data. However, regulatory frameworks alone are insufficient to ensure effective data privacy. As organizations continue to accumulate and store extensive volumes of sensitive data, fortifying defenses against data breaches becomes imperative. Therefore, implementing robust data protection measures and cultivating a cybersecurity-aware culture are essential components of a comprehensive defence strategy.

Cyber Warfare and State-Sponsored Attacks

State-sponsored cyber warfare involves a government or state either endorsing or conducting cyberattacks against other governments, businesses, organizations, or individuals. In the contemporary landscape, this form of cyber warfare stands as a formidable threat to both national security and global stability.
Governments and various entities deploy advanced techniques to execute cyber-attacks on their targets, employing diverse methods such as malware, phishing scams, ransomware, denial-of-service attacks, and social engineering. Cyber espionage is also a prominent strategy employed by governments to gather sensitive information, ranging from trade secrets to military plans and diplomatic communications. Despite the uncertainty surrounding the future trajectory of state-sponsored cyber warfare, it remains evident that it will persist as a significant and evolving threat.

Deepfake Proliferation: A Growing Threat to Cybersecurity

In today’s digital age, the proliferation of deepfake technology poses a significant cybersecurity threat. Deepfakes, powered by advanced artificial intelligence (AI) and machine learning (ML) algorithms, have the potential to deceive individuals, organizations, and even entire nations. While deepfakes have been around for as long as vishing scams, advancements in video technology make them harder to detect. Forums offering source code for deepfake technology further increase the risk, as malicious actors can recreate identities on video using scraped high-quality images and videos from the internet. Face recognition authentication and conference calls could become new attack vectors soon.

Next Up With Cybersecurity Trends

These cybersecurity trends are bound to cause more fear in organizations and push them to stack up their security measures. It is expected that organizations will spend more than ever, US$100+ billion, on protecting their assets alone this year. By gearing up the security game, organizations can fortify their cybersecurity defences and navigate the evolving threat landscape successfully. By embracing innovative technologies and adopting a proactive approach to cybersecurity, businesses can better protect their assets and sensitive information from the ever-present and ever-evolving threat of cybercrime.
Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything.
by Karan Rai, Chief Product and Technology Officer, Ennoventure

In a time when technology is advancing at an unprecedented rate, the field of brand protection is changing. The advanced counterfeiting and fraudulent activities of today render traditional brand protection approaches ineffective. Brands have a difficult time preserving their reputation and winning over customers. Traditional security solutions such as serial numbers are unable to keep out counterfeiters nowadays. The revolutionary function of invisible signatures in brand protection is a cutting-edge innovation that is transforming brand defense tactics.

Brand Protection: The Pervasive Threat of Counterfeiting

The plague of counterfeiting has spread around the world, ruining countless firms’ reputations and resulting in enormous financial losses. The conventional approaches to brand protection have shown that they are susceptible to these changing dangers when making imitation goods. Overt markers like serial numbers are easily copied, resulting in an increase in counterfeit goods flooding the market. This necessitates a paradigm shift in brand defense tactics.

One important aspect of invisible signatures on product packaging is how simple it is to verify them, primarily due to smartphones. Customers and authorities can obtain a potent mechanism for gathering evidence by simply scanning the product package with a smartphone. This mechanism consists of a virtual ‘picture’ that reveals the true identity of a counterfeit product. These signatures are very challenging to replicate because, in contrast to conventional anti-counterfeiting solutions, they are seamlessly integrated into the product package itself. Their covert nature provides an extra degree of protection, keeping them safe from the prying eyes of counterfeiters trying to imitate the real markings.

The merging of cryptography and artificial intelligence provides the technological foundation for these invisible signatures. Together, they give the signatures a level of sophistication that surpasses traditional anti-counterfeiting techniques. The incorporation of artificial intelligence guarantees flexibility and perpetual advancement, whereas cryptography contributes an unbreakable barrier to the authentication procedure.
Using these invisible signatures is a high-tech and strategic solution as firms struggle with the ubiquitous problem of counterfeit goods. These signatures are more than just deterrents; they are a paradigm shift in the fight against counterfeiters, offering a subtle but effective instrument to protect product integrity and build consumer-brand confidence.

The Diverse Advantages

Effective Counterfeit Monitoring: The use of invisible signatures makes it possible to closely monitor the distribution and prevalence of counterfeit goods, providing a focused strategy for locating hotspots and important actors in particular areas. This is a powerful disincentive that tells smaller counterfeiters to stop their illegal activity, in addition to providing legal authorities with actionable intelligence.

Evidence Collection: By using scanned photographs to provide geolocation and timestamp information, invisible signatures go beyond conventional anti-counterfeiting techniques. This priceless information provides hard proof by pinpointing the exact location of phony goods. Authorities can demonstrate the length of time that counterfeit items have been in circulation by assessing several scans over time. This helps to enhance legal cases and enable more effective law enforcement measures.

Economical Approach: Legal battles against counterfeiting are frequently quite expensive; in fact, legal costs frequently exceed damages that are awarded. Since invisible signatures provide unquestionable evidence of validity, they present a financially sensible option. These invisible signatures serve the brand’s interest by reducing the complexity and expenses of legal actions, particularly in cases with several defendants or potential claims of wrongful seizure.

Using invisible signatures gives customers the ability to confirm the legitimacy of the goods they buy, which goes beyond just providing security.
This covert brand protection technology offers a complex approach that combines surveillance, evidence collection, and cost-effective legal measures, going beyond merely being a technological innovation to reshape the dynamics of anti-counterfeiting activities. Invisible signatures provide a concealed barrier that preserves authenticity and the consumer-brand confidence in the ever-changing world of brand protection. By being more transparent, the company protects its reputation and grows a base of devoted customers.

Prospects for the Future

The use of invisible signatures in the never-ending fight against counterfeiting is revolutionary for companies looking for a strong brand protection tool. They provide a level of security that is both cutting-edge and necessary in our technologically advanced society. By adopting these invisible signatures, companies can protect themselves from financial losses and help create a market where truthfulness prevails over deceit.
Passkeys and biometrics have long been regarded as the new frontier for cybersecurity, with many organizations requiring their employees to use them. These two technologies alone have paved a long road for organizational security, protecting organizations from data breaches and cyberattacks — making a safer environment for corporations. Like every technology, passkeys and biometrics will soon become outdated, due to constantly changing technologies and threat actors who always have a way of exploiting vulnerabilities in them.

Here is a quick look at the implications of passkeys and biometrics in office spaces, the potential vulnerabilities they pose, and the impact on user privacy.

The Good and the Bad: Navigating the Perils

Shiva Nathan, the Founder & CEO of Onymos, envisions a future where alternative authentication mechanisms, especially biometrics, will gain prevalence. Highlighting the use of passkeys and biometrics, he states that “more websites and apps will offer alternate authentication mechanisms to passwords, many of which will involve biometrics. The two major platform players — Apple & Google — will increase the adoption of passkeys/FIDO”.

The 2022 State of Phishing Report by SlashNext highlights a stark reality—76% of attacks focused on credential harvesting, emphasizing the persistent threat to security. Passkeys and biometrics, though formidable, face challenges in an era where technological advancements are met with equally sophisticated threat actors. Multi-factor authentication (MFA) emerges as a crucial defense mechanism, urging users to diversify passwords and embrace routine changes.

However, as good as it sounds, hackers have their methods to bypass MFA, among them social engineering and dark web access. Through social engineering, hackers can access online accounts and the technologies associated with them. Moreover, the dark web has played a crucial part in this ordeal: sellers advertise ‘access’, and interested parties can buy login credentials to corporate accounts for less than $100.

Password Dilemma: A Breach Waiting to Happen

While biometrics is still considered a safer option, the use of passwords and passkeys is often associated with data breaches.
According to reports, the most extensive password collection to date has recently surfaced on a popular hacker forum, shared by a user in a colossal 100 GB TXT file comprising 8.4 billion passwords.

Biometric systems, often considered a safer alternative, navigate a precarious path in ensuring user privacy. Earlier this year, the Federal Trade Commission warned users of misuse of biometric information. Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, emphasized the escalating sophistication and prevalence of biometric surveillance, presenting fresh challenges to privacy and civil rights. At the core of this search, the FTC laid down several key points pertaining to the ongoing abuse of biometric authentication. These points include:

- Neglecting assessment of potential consumer harms before collecting biometric data.
- Delaying action on known or foreseeable risks and not implementing tools to mitigate them.
- Conducting clandestine or unanticipated collection and use of biometric information.
- Neglecting evaluation of third-party practices and capabilities related to biometric data access.
- Inadequate training for employees and contractors handling biometric information.
- Failing to monitor and ensure the proper functioning of biometric technologies to prevent harm to consumers.

The Use of Passkeys and Biometrics: The legal outlook

Biometric data protection lacks global specificity, with most legal provisions relying on broader personal data protection legislation. The General Data Protection Regulation (GDPR) in the European Member States is a notable exception, providing a comprehensive framework for biometric data protection. The GDPR’s impact extends to 28 countries, including the U.K. Despite the absence of a comprehensive federal law in the U.S., individual states like Illinois, Texas, California, New York, and Virginia have enacted biometric privacy laws. The legal framework for biometric data protection in the U.S. is evolving rapidly, with a focus on issues such as consent, data breach notification, and penalties for non-compliance in cases of data breaches and cyber-attacks.

In India, the Supreme Court has recognized privacy as a fundamental right, influencing the regulation of biometric data, particularly in the context of the Aadhaar identification program. China, following a unique approach, balances consumer privacy and state surveillance through laws like the Cybersecurity Law and the Personal Information Protection Law (PIPL).

Despite the challenges and ongoing developments, there is a growing global consensus on the importance of privacy. Many countries, from Europe to Brazil, India, China, and Africa, have enacted or updated privacy laws, emphasizing the need for robust accountability and imposing significant fines for inadequate data protection.

As the cybersecurity narrative unfolds, a global consensus on privacy gains momentum. From the GDPR’s impact on personal and biometric data protection to the enactment of stringent privacy laws across continents, the call for robust accountability resonates. In this dynamic dance between innovation and security, organizations must remain vigilant, adapting to new threats while upholding the sanctity of user data.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at
Source: securityaffairs.com – Author: Pierluigi Paganini Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION | Europol and ENISA spotted 443 e-stores compromised with digital skimming | Video game giant Ubisoft investigates reports of a data breach | LockBit ransomware gang claims to have breached accountancy firm Xeinadin | Mobile virtual network operator […] The post Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Europol and ENISA spotted 443 e-stores compromised with digital skimming Pierluigi Paganini December 24, 2023 A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming. Europol and ENISA collaborated in a joint law enforcement operation […] The post Europol and ENISA spotted 443 e-stores compromised with digital skimming – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Video game giant Ubisoft investigates reports of a data breach Pierluigi Paganini December 24, 2023 Video game publisher Ubisoft is investigating reports of an alleged data breach after popular researchers shared evidence of the hack. Ubisoft, the popular video game publisher, is examining reports of a potential data breach […] The post Video game giant Ubisoft investigates reports of a data breach – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.troyhunt.com – Author: Troy Hunt It’s that time of the year again, time to head from the heat to the cold as we jump on the big plane(s) back to Europe. The next 4 weekly updates will all be from places of varying degrees colder than home, most of them done with Scott Helme […] The post Weekly Update 379 – Source: www.troyhunt.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Marc Handelman Full Presenters List: Rose Ceccio, Sophie Stephenson, Varun Chadha, Danny Yuxing Huang, Rahul Chatterjee Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations […] The post USENIX Security ’23 – ‘Sneaky Spy Devices And Defective Detectors: The Ecosystem Of Intimate Partner Surveillance With Covert Devices’ – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: hrbrmstr Ref AP News: https://apnews.com/article/iowa-summer-ebt-food-assistance-0e878c5c0fc9dd0dd55622cb22a82561. Iowa has decided not to participate in the 2024 Summer Electronic Benefits Transfer for Children (Summer EBT) program, which provides $40 per month to each child in a low-income family to help with food costs while school is out. The state’s Department of Health and Human […] The post Democracy 2024: Pro-Hunger ≠ “Pro-Life” – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Lohrmann on Cybersecurity Where next for cyber in 2024? Here’s part two of your annual roundup of cybersecurity forecasts, top cyber trends and cybersecurity industry prediction reports as we head into calendar year 2024. December 24, 2023 • Dan Lohrmann Welcome to the second installment of this comprehensive annual look […] The post The Top 24 Security Predictions for 2024 (Part 2) – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Dec 25, 2023 | Newsroom | Cyber Espionage / Malware The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s […] The post Cloud Atlas’ Spear-Phishing Attacks Target Russian Agro and Research Companies – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: 1 After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance. In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in […] The post Ransomware Leak Site Victims Reached Record-High in November – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.