In an AI world dominated by global players like ChatGPT and DeepSeek, a new contender has emerged from India—Xanfi, a generative AI-powered chatbot that speaks more than 100 languages, including all 22 official Indian languages. At a time when most Indian startups are chasing the next big food delivery app or payment gateway, a young entrepreneur has taken a different route—one that prioritizes knowledge accessibility and inclusion over convenience.

Launched recently at IIT Delhi, promoted by entrepreneur Pearl Kapur and developed by Zedgo 365 Technologies Pvt Ltd, Xanfi is a new AI chatbot built with a strong focus on multilingual communication and local relevance, aiming to make generative AI tools more accessible to a wider audience across India. The launch of Xanfi at one of India’s premier institutions, IIT Delhi, was more than symbolic. It signaled India’s aspiration to lead in building AI solutions that resonate with local cultures and languages while also serving a global audience. Kapur, while introducing Xanfi, put it succinctly: “While the ecosystem is busy building food and grocery delivery apps, we are delivering intelligence, creativity, and knowledge.”

Let’s Understand Xanfi More Closely

Xanfi is a real-time, generative AI assistant capable of answering complex queries, generating written and visual content, and offering insights across diverse areas such as:

- Content creation (blogs, video scripts, captions)
- Market & financial analysis
- Legal & astrological consultations
- Relationship advice
- AI art generation in a distinctive Ghibli-inspired style

[Image. Source: Xanfi website screenshot]

What sets Xanfi apart is its strong multilingual capability. It supports over 100 languages, with deep integration of Indian cultural and linguistic contexts—something few global AI models can claim. This means someone in a remote part of India can interact with the chatbot in Maithili, Assamese, or Marathi as seamlessly as someone else using English or Hindi.

Built for India, Ready for the World

As claimed, the key differentiator is the dataset used to train Xanfi.
Unlike many AI tools built on Western-centric data, Xanfi claims that it is developed using Indian datasets to enhance its performance on local queries. This gives it an edge in understanding cultural references, regional nuances, and language intricacies that even some of the most popular global platforms often overlook.

While platforms like ChatGPT and Gemini cater to a global audience, they struggle with the depth of Indian language support. Xanfi aims to bridge that gap. In doing so, it addresses a longstanding issue in India’s tech evolution: linguistic exclusion. Although India is one of the most linguistically diverse nations in the world, AI tools for Indian languages remain woefully underdeveloped.

Another notable aspect is Xanfi’s pricing—or lack thereof. While ChatGPT Plus comes with a monthly fee of around Rs 1650, Xanfi is currently free and offers a wide range of services out of the box. Even its full-featured premium plan, if opted for, is priced at just Rs 299 per month, making it more accessible to students, rural users, and small businesses. For a country where affordability determines adoption rates, this pricing model could be the catalyst that brings AI to the masses.

Beyond the Hype: Challenges Ahead

That said, it’s still early days. Whether Xanfi can maintain accuracy across such a wide range of domains—from astrology to market analysis—remains to be tested at scale. With powerful incumbents like OpenAI, Google, and Baidu throwing massive resources behind their chatbots, the competition is steep. Moreover, user retention, data privacy, and regulatory compliance will be critical challenges as the tool gains traction. And though accessibility and multilingualism are Xanfi’s strengths, scalability will depend on how well the tool adapts to the ever-evolving expectations of a diverse user base.

A Shift in the Indian Startup Narrative

The launch of Xanfi comes at a time when India’s AI sector is poised for exponential growth.
The country’s artificial intelligence (AI) market is expected to reach a value of USD 7.84 billion in 2025, with projections indicating a compound annual growth rate of over 26% through 2031. Despite trailing behind the U.S. in raw numbers, India’s investments in AI are significant—Rs 5,000 crore allocated in 2024 alone to advance AI research, education, and infrastructure. Indian cities like Bengaluru, Hyderabad, and Delhi are becoming hubs for AI talent and startups. Meanwhile, Indian government initiatives like NITI Aayog’s National AI Strategy are aimed at integrating AI into healthcare, education, and smart city development, while simultaneously advocating for ethical standards in its use.

Yet, the enthusiasm around AI is tempered by persistent challenges. India still lacks a comprehensive data protection law, with the Personal Data Protection Bill remaining under discussion as of 2024. This regulatory gap raises serious concerns about how AI systems collect, process, and store user data. Moreover, despite India’s vast IT workforce, the country faces a shortage of around 200,000 AI professionals, especially in specialized fields like deep learning and natural language processing. Only 20% of IT graduates currently receive formal training in AI, leaving a substantial skills gap that hinders scalable innovation.

It’s within this complex context that Xanfi enters the scene—not as a mere competitor to existing global AI platforms, but as a product of India’s evolving priorities. By doing so, it challenges not just technical conventions, but also the linguistic and cultural hierarchies embedded in AI development today. Importantly, Xanfi is free to use, at least for now, making advanced AI capabilities accessible to people far beyond India's urban elite or English-speaking population.
While competitors like ChatGPT or Gemini cater largely to global audiences with premium models and English-first logic, Xanfi builds from the ground up with inclusivity as a design principle, not an afterthought.

This isn’t just about feature comparison or pricing models. Xanfi’s emergence poses a broader, more philosophical question to India’s tech sector: Can Indian innovation evolve from solving for convenience to solving for capacity? Can we move beyond the obsession with “faster delivery” to offering tools that genuinely empower people intellectually, economically, and creatively?

For a country where nearly 80% of the population now uses the internet, but where many still lack access to advanced educational or productivity tools, this kind of shift could be transformational. If AI is going to shape the future of work, education, and communication, then tools like Xanfi could help ensure that future isn’t limited to the urban, English-speaking few. In this way, India's newly launched chatbot does not just reflect a product launch—it represents a growing aspiration within India’s startup ecosystem to think bigger, deeper, and more inclusively.

In just five days, ChatGPT reached one million users. Whether Xanfi will follow in those footsteps remains to be seen, but it has already sparked a meaningful conversation: Can India build not just for India, but for the world? Pearl Kapur seems to believe it can. And with Xanfi, he’s betting not on convenience, but on intelligence.
In Ukraine, cyber warfare is no longer just code and servers. It’s frontline infrastructure, psychological warfare, and kinetic attacks rolled into one. According to the latest report from the Computer Emergency Response Team of Ukraine (CERT-UA) on cyber incidents in H2 2024, Russia-backed hackers have escalated their tactics: more aggressive, more automated, and far more coordinated with on-the-ground military action. The illusion of isolated cyberattacks is long gone. What Ukraine is facing now is digital siege warfare.

[Figure: YoY Sector-wise Attack Statistics (Source: SSSCIP)]

Volume Up, Stealth Down

CERT-UA handled 2,576 cyber incidents in H2 2024 alone—a 48% jump from the previous half. But while the total number of incidents skyrocketed, critical and high-severity incidents dropped by 77%. That sounds like progress, until you realise it may reflect better attack obfuscation, not lower risk.

[Figure. Source: SSSCIP]

The malware playbook is also changing. There was a 112% increase in malware distribution campaigns, with phishing becoming increasingly industrialised. In many cases, attackers used cloud services like Google Drive and GitHub for malware hosting—effectively turning legitimate infrastructure into threat vectors.

[Figure. Source: SSSCIP]

The Energy Sector: A Persistent Bullseye

If there’s one thing Russia has been consistent about, it’s their obsession with Ukraine’s energy grid. CERT-UA confirms that cyberattacks now often precede missile strikes, following a coordinated pattern that merges cyber with kinetic warfare. These attacks are long-term projects—often executed over 6 to 8 months—with threat actors reusing previously compromised OT infrastructure and targeting supply chain vendors with weaker defenses. That’s not just espionage. That’s sabotage.

Defense Targets and Military Devices: No Longer Untouchable

The military is no longer just a target—it’s an active battlefield. New malware variants like FIRMACHAGENT and legacy toolkits like SPECTR were deployed against personnel and defense firms. These implants stole everything from GPS coordinates to Signal credentials.
[Figure. Source: SSSCIP]

CERT-UA tracked multiple clusters like UAC-0020 (Vermin) and UAC-0180 that targeted military communications, file shares, and even surveillance systems. In one instance, adversaries delivered malware disguised as fake mobile versions of legitimate battlefield software, exploiting the trust placed in internal systems.

The infection chain was brutally efficient: APK downloads via Signal messages, Java code injected into cloned apps, remote control over infected phones. Once inside, the attackers weren’t just collecting data—they were shaping battlefield outcomes.

Civilian Infrastructure as a Weaponized Domain

The December breach of Ukraine’s Ministry of Justice state registries didn’t just delay services. It froze passport issuance, halted property transactions, and disrupted border crossings. It was a textbook demonstration of how civilian systems can become attack vectors with strategic impact. The cyberattack didn’t just inconvenience users. It paralyzed national functions—highlighting that for modern states, digital infrastructure is statecraft.

Supply Chains: The New Soft Target

While energy and defense sectors are hardened, attackers are pivoting to softer entry points: vendors. Several campaigns exploited unpatched vulnerabilities in third-party software like GeoServer (CVE-2024-36401) and WinRAR (CVE-2023-38831), compromising organizations through backdoor dependencies. CERT-UA warns that supply chain intrusions are now the norm, not the exception. Threat actors are learning to hijack trust relationships to scale their reach. Think SolarWinds, but localised and ongoing.

Russia’s APT Clusters: Same Names, New Tricks

Familiar threat actors like UAC-0001 (APT28) and UAC-0050 returned with updated playbooks.
QR-code phishing campaigns, fake CAPTCHAs delivering PowerShell payloads, and archive-based exploits replaced older VBS-based malware. The evolution wasn’t in concept—it was in delivery.

Meanwhile, UAC-0185 (UNC4221) ran credential-stealing campaigns targeting Signal, Telegram, and battlefield coordination apps. They disguised payloads as conference invitations or legitimate correspondence, relying on social engineering as much as technical delivery. These aren’t spray-and-pray operations. They’re spear phishing with military precision.

Rethinking Detection: The Case for Pre-Incident Intelligence

Ukraine’s defenders aren’t just reacting. CERT-UA has built out a growing network of sensors and analytics platforms, many deployed with international support. Several attacks were classified as "near misses"—interrupted mid-execution thanks to early threat visibility. But the challenge is scale. With adversaries exploiting zero-days within 12 to 24 hours of disclosure, even minute delays in patching can be catastrophic. The only sustainable defense is anticipatory: threat hunting, telemetry sharing, and proactive adversary mapping.

Information-Psychological Ops: The Silent Front

Beyond the backdoors and RATs lies a subtler war. Russia’s cyber strategy includes IPSO—information-psychological operations. These aim to induce fear, panic, or doubt among civilians and service members alike. Even botched attacks serve a purpose if they shake trust in the system. CERT-UA confirms ongoing phishing attempts targeting individuals via Signal and WhatsApp, designed to exfiltrate private data and weaponize it for disinformation. In this hybrid war, the line between cyberattack and propaganda is intentionally blurred.
The Cyberwar That Doesn’t End at the Keyboard

The report makes one thing painfully clear: Ukraine’s cyber battlefield isn’t confined to code or firewalls. It’s phones, passports, electricity, and morale. Every compromised registry, spoofed mobile app, or hijacked vendor account is part of a broader effort to erode national resilience. Now in 2025, the question isn’t whether attacks will continue—it’s whether defenders can adapt faster than adversaries evolve. That’s the real arms race.
Google's Threat Intelligence Group (GTIG) released its annual analysis of zero-day exploitation, detailing how 2024 saw attackers increasingly target enterprise software and infrastructure over traditional consumer platforms like browsers and mobile devices. While the total number of zero-days dropped from 98 in 2023 to 75 in 2024, the data points to a continued evolution in adversary behavior and more sophisticated targeting of enterprise tech stacks.

[Figure. Source: Google Threat Intelligence Group]

Enterprise Tool Attacks Hit Record

Enterprise software and networking appliances accounted for 44% of all zero-day vulnerabilities exploited in 2024—a record high. GTIG reported that threat actors gravitated toward products like VPNs, security gateways, and cloud infrastructure tools, recognizing their privileged position in organizational networks and their potential to bypass endpoint detection.

Among the most targeted were products from Ivanti, Palo Alto Networks, and Cisco. Exploits in these systems typically allowed for remote code execution or privilege escalation, often requiring no exploit chain. This shift signals a widening threat surface for enterprise defenders and points to attackers optimizing for high-impact intrusions with minimal exposure.

[Figure: Number of unique enterprise vendors targeted (Source: Google Threat Intelligence Group)]

In a notable twist, security software itself emerged as a frequent target. GTIG observed 20 zero-days exploited in networking and security tools—over 60% of all enterprise-specific zero-days. These tools are highly attractive because they're deeply embedded in the infrastructure they protect and are often not monitored by traditional endpoint detection and response (EDR) tools. Vulnerabilities in these products can give attackers immediate high-privilege access, GTIG warned. The report called for EDR vendors to adapt their visibility strategies to account for these increasingly targeted platforms.

End-User Platforms: A Relative Decline

Although end-user technologies still made up the majority of zero-day activity (56%), GTIG saw a significant drop in exploitation for browsers and mobile platforms.
Chrome remained the most targeted browser, but attacks fell by nearly a third. Mobile zero-day usage halved from the previous year. In contrast, Windows exploitation rose again—22 zero-days were tracked in Microsoft's OS, up from 16 the previous year. With Windows still ubiquitous in enterprise and home environments, threat actors continue to find value in chaining privilege escalation bugs and kernel exploits.

[Figure: Zero-days in end-user products in 2023 and 2024 (Source: Google Threat Intelligence Group)]

The Players Behind the Exploits

State-sponsored espionage remains the primary driver behind zero-day use, accounting for over 50% of all attributed cases. PRC-affiliated actors exploited five zero-days, primarily in Ivanti appliances, in complex campaigns like one executed by UNC5221. North Korean groups, meanwhile, tied with China for the first time, also exploiting five zero-days. These campaigns often blended espionage with financially motivated attacks, such as ad fraud and ransomware precursors.

Commercial surveillance vendors (CSVs) like Cellebrite continued to play a major role, especially in physical-access attack chains. Although GTIG noted fewer CSV-attributed zero-days than in 2023, the researchers attributed this decline to improved operational security rather than reduced activity.

Most Attacked Vulnerability Types

Three vulnerability types led the charts in 2024: use-after-free, command injection, and cross-site scripting. Many of these were tied to core enterprise tools, suggesting attackers are deliberately seeking out systemic weaknesses. Google's report took CVE-2024-44308 and CVE-2024-44309 as key examples—used together in a WebKit exploit chain to steal authentication cookies from government users visiting compromised websites.
In another case, the CIGAR threat group leveraged CVE-2024-49039 in Firefox to escalate privileges from a sandboxed browser process all the way to SYSTEM.

What's Ahead

GTIG expects enterprise product targeting to grow even further in 2025. The report urges vendors of business infrastructure and security software to invest in secure-by-design principles, embrace zero-trust architectures, and harden remote access pathways. More broadly, Google says zero-day prevention isn't just about patching quickly. It involves proactive mitigation strategies, tighter access controls, and architectural decisions that limit blast radius if a vulnerability is exploited.

Attackers are learning what defenders overlook, the report concludes. The industry needs to evolve to defend not just endpoints, but the systems that secure them. For those keeping score, zero-days may have dropped in volume this year, but they got smarter, stealthier, and a whole lot more dangerous for the enterprise world.
Nation-state threat actors are using generative AI tools to refine their attack techniques, but they aren’t yet using GenAI to create new attack vectors, according to a presentation at this week’s RSAC Conference that offered insight into how hackers are using GenAI tools.

“Our analysis shows that while AI is a useful tool for common tasks, we haven’t yet seen indications of adversaries developing any fundamentally new attack vectors with these models,” Sandra Joyce, VP for Google Threat Intelligence, told the RSAC 2025 Conference. “Ultimately attackers are using GenAI the way many of us are, as a productivity tool. They help to brainstorm, to refine their work, that sort of thing.”

The role of AI in cybersecurity was a key topic in well over 100 sessions at the annual RSAC Conference, which became independent from security vendor RSA in 2022 and rebranded as RSAC this year.

Iran, China and North Korea Threat Groups are Biggest GenAI Users

Joyce said APT groups from more than 20 countries accessed Google’s public Gemini GenAI services. Iranian threat actors were the heaviest users, and Google also saw “notable activity” from China and North Korea-linked threat actors. Guardrails and security measures restricted adversarial capabilities, Joyce said, and more malicious requests generated safety responses from Gemini.

Threat actors are using Gemini’s GenAI capabilities for four attack phases in particular, she said. Those attack phases are:

- Reconnaissance
- Vulnerability research
- Malicious scripting
- Evasion techniques

“These are existing attack phases being made more efficient, not fundamentally new AI-driven attacks,” she said.

Joyce didn’t say how Google was able to correlate Gemini use with specific threat groups, but she gave several examples of how nation-state threat actors are using GenAI tools. Iranian advanced persistent threat (APT) groups used Gemini to research “specific defense systems,” seeking information on topics such as unmanned aerial vehicles, jamming F-35 fighter jets, anti-drone systems, and Israel’s missile defense systems. North Korean APT actors researched nuclear technology and power plants in South Korea, including location and information on the security status of specific plants.

Threat actors are also using GenAI for help with malware development.
A North Korean APT group used Gemini for assistance developing code for sandbox evasion and to detect VM environments. Threat groups are also using GenAI to develop phishing lures and campaigns, including seeking help with translation and localization, such as requests for “fluent specific colloquial English,” Joyce said. Developing personas to make phishing campaigns more convincing is another APT use.

GenAI Helps Cybersecurity Defenders Too

Joyce said a number of effective security use cases are also making GenAI useful to security teams. She cited vulnerability detection, incident workflows, malware analysis and fuzzing as some defensive GenAI use cases.

Also at the conference, Jeetu Patel, Cisco Executive Vice President and Chief Product Officer, unveiled the Foundation AI security model, an open source alerting and workflow Large Language Model (LLM) that was purpose-built for security. The Foundation AI base model is currently available on Hugging Face, and a multi-step reasoning model will be released soon, Patel said.
The flow of new information we're bombarded with never ebbs. In 2025, you get less and less room in your head for things like the password for the email account you set up back in 2020 to sign your mom up for that online marketplace. On World Password Day, which falls on May 1 this year, we suggest putting in a little effort to combat poor memory, weak passwords, and cybercrooks.

As our experts have repeatedly proven, it's only a matter of time — and money — before someone targeting your password cracks it. Often, it takes very little time and money, too. Our mission is to complicate cracking your password as much as possible, so hackers lose any desire to go after your data.

Our study last year found that intelligent algorithms — whether running on a powerful graphics card like the RTX 4090 or on inexpensive leased cloud hardware — can crack 59% of all passwords in the world in under an hour. We're in the middle of that study's phase two, and we're about to share whether the situation has changed for the better over the year, so subscribe to our blog or Telegram channel to be among the first to know.

Today's conversation covers more than just the most secure authentication methods and ways to make strong passwords. We'll discuss techniques for remembering passwords, and answer the question of why using a password manager in 2025 is a really good idea.

How to sign in more securely in 2025

There are several options for signing in to online services and websites today:

- The traditional login-and-password combination
- Logging in with a third-party service like Google, Facebook, Apple, etc.
- Two-factor authentication using one of the following methods for verification:
  - SMS one-time code
  - Authenticator app like Kaspersky Password Manager, Google Authenticator, or Microsoft Authenticator
  - Hardware key like Flipper, YubiKey, or a USB token
- Passkeys and biometric authentication

Naturally, any of these methods can be compromised (for example, by leaving your hardware token sticking out of the USB port of an unattended computer in a public place), or toughened up (for example, by creating a complex password of more than 20 random characters).
And so, as the era of traditional passwords isn't over just yet, let's try to figure out how we can improve our current standing by coming up with and memorizing an easy-to-remember password.

How do you remember a complex password?

Before answering this question, let's recall the basic truths about passwords:

- Recommended length: 12–16 characters.
- A password should use different types of characters: numbers, lowercase and uppercase letters, and special characters.
- A password shouldn't contain personal information easily traced back to the user.
- A password needs to be unique to each of your accounts.

Got it? Good. Now for the key issue: a complex password is easy to forget; a simple one — easy to crack. To help you achieve a balance between the two, we've put together some well-known, but still effective rules for creating easy-to-remember passwords.

Basic level

String together some unrelated words like the ones used in seed phrases when registering crypto wallets. And add a couple of numbers and special characters on the end that are meaningful to you but won't be easily guessed by an attacker.

Example: DryLandStandGift2015;)

Shorter words are easier to remember, and the number shouldn't be the year you or a loved one was born. It could be any memorable combination, such as the year you first went to Disneyland, the license plate of your first car, or your wedding date.

Advanced level

Think of a favorite line from a song or a memorable quote from a movie, and then replace, say, every second or third letter with special characters that aren't in sequential order on the keyboard. Using easily accessible special characters (those you see on your phone's on-screen keyboard in numeric mode) is handier. This is how you can make a strong password that's quick to type and makes your life easier.

For example, if you're a fan of the Harry Potter saga, you may try to use the Avada Kedavra spell for a good cause.
Let's try transforming this killing curse according to the rule above while peppering it generously with capital letters: A!ad@Kd$vr%. At first glance, a password like that looks impossible to remember, but all it takes is a little typing practice. Type it up two or three times, and you'll see your fingers reaching for the right keys by themselves.

How about entrusting password generation to neural networks?

With the recent surge of ChatGPT and other large language models (LLMs), users have started turning to them for passwords. And it's easy to see why that would be an appealing option: instead of straining to come up with a strong password, you just ask the AI assistant to generate it — with immediate results. And you can ask to make that password mnemonic if you wish to.

Alas, the danger of using AI as a strong password generator is that it creates combinations of characters that only appear random to the human eye. Passwords generated by AI are not as reliable as they may seem at first glance…

Alexey Antonov, Data Science Team Lead at Kaspersky, who conducted the previous password strength study, has generated a thousand passwords with ChatGPT, Llama, and DeepSeek each. It turned out each model knew that a good password consisted of at least a dozen characters, including both uppercase and lowercase letters, numbers, and special characters.

However, DeepSeek and Llama sometimes generated passwords consisting of dictionary words, with some letters replaced with similar-looking numbers or symbols, such as B@n@n@7 or S1mP1eL1on. Amusingly, both models seemed to have a soft spot for the Password password, providing such variations as P@ssw0rd, P@ssw0rd!23, P@ssw0rd1, or P@ssw0rdV. Needless to say, these are not secure passwords, as intelligent brute-forcing algorithms are well aware of the letter substitution trick.

ChatGPT does a better job.
Here are some examples of what it came up with:

qLUx@^9Wp#YZ
LU#@^9WpYqxZ
YLU@x#Wp9q^Z
P@zq^XWLY#v9
v#@LqYXW^9pz

These seem to be completely random sets of letters, special characters, and numbers. However, if you look closely, you can easily find some patterns. Some characters, for example, 9, W, p, x, and L, are used more often than others.

We compiled a character frequency histogram for all generated passwords, and here's what we found: ChatGPT's favorite letters are x and p, Llama loves the character # and is partial to p too, while DeepSeek is hooked on t and w. Meanwhile, a perfectly random number generator would never favor any particular letter over others, but use every character roughly an equal number of times, making the passwords less predictable.

[Figure: Frequency of character usage by different language models when generating a thousand passwords. Note that almost every password generated by ChatGPT contains the letters x, p, I, and L.]

In addition, LLMs, like humans, often neglect to insert special characters or numbers into passwords. A lack of these symbols was found in 26% of passwords generated by ChatGPT, 32% of those generated by Llama, and 29% by DeepSeek.

Awareness of these specifics can help cybercriminals bruteforce AI-generated passwords significantly faster. We ran the entire set of AI-generated passwords through the same algorithm we used for the previous study, only to find a discouraging trend: 88% of passwords generated by DeepSeek, and 87% by Llama, proved insufficiently secure. ChatGPT came out on top — with only 33% of its passwords insecure.

Sadly, LLMs don't create a truly random distribution, and their output is predictable. Besides, they can easily generate the same password for you as for other users.

So what should we do?

Combined approach

We recommend using our Password Checker service or, better yet, Kaspersky Password Manager, to generate passwords.
These two use cryptographically secure generators to make passwords that don't contain detectable patterns, which guarantees true randomness. After generating a strong password, you can then come up with a mnemonic phrase to remember it.

Let's say the password generator gives you the following combination:

HSVpk*VR0Gkq#R

Then, a phrase to help you remember the password might look like this: In a high-speed vehicle (HSV), you go over a peak (pk) and see a star (*) in virtual reality (VR). Then you fall at zero gravity (0G) and see the king and queen (kq) behind the bars (#) in a big tower shaped like a chess rook (R).

Only mnemonics can help with this, so we hope you like abstract and absurd imagery. You can also try drawing the scene that describes your password as shown above. Few would be able to understand the picture besides you.

That's an easy way to memorize one password. But what if there are hundreds of them?

How about storing passwords in a browser?

Not a good idea. To address the issue of remembering passwords, browser developers provide options to generate and save passwords right in the browsers. This is naturally very convenient: the browser itself fills in the password for you whenever needed. Unfortunately, a browser is not a password manager, and storing passwords there is extremely insecure.

The problem is, cybercriminals figured out a long time ago how to use simple scripts to pull passwords stored in browsers in mere seconds. And the way browsers sync data across different devices in the cloud — such as through a Google account — is a disservice to users. All it takes is to hack or trick someone into giving up the password for that account, and all their other passwords are an open book.

Use a password manager

A real password manager stores all passwords in an encrypted vault. For example, Kaspersky Password Manager stores all your passwords in a vault encrypted with the AES-256 symmetric encryption algorithm, used by the U.S. National Security Agency to store state secrets. The algorithm uses a master password, which only you know (even we don't know it) as the encryption key. Each time Kaspersky Password Manager is accessed, the app requests this password from you and decrypts the vault for the current session. In this same encrypted vault you can also store other important information such as bank card numbers, document scans, or notes.

Kaspersky Password Manager offers other useful features too:

- It can be used to generate unique and truly random password combinations.
- It can fill in your passwords for you both on computers and mobile devices. The app is provided for both major mobile platforms as well as macOS and Windows computers; there are also extensions for popular browsers.
- The password database is synchronized across all your devices in encrypted form.
- You can use it instead of Google Authenticator to generate 2FA codes for all your online accounts.
- It checks if your passwords have been leaked or compromised and alerts you if you need to change any of them.

With Kaspersky Password Manager, all you need do is use the methods described above to come up with and remember one master password, which is used to encrypt the password manager vault. Just remember: you'll have to memorize this password extremely well, because if you lose it you're back to square one. No one — not even Kaspersky employees — can access your encrypted vault. We don't know your master password either.

Let's recap

So how do you properly handle passwords in 2025?

- Follow the guidelines above to come up with a secure master password, and use our Password Checker service to test its cryptographic strength. Can't think of a strong master password? Create one right there, and use mnemonic rules to memorize it.
- Install Kaspersky Password Manager on all your devices. With this app, you only need to remember the master password. The app will remember the rest for you.
Use passkeys and various two-factor authentication methods wherever possible — preferably through the app. Combining a strong password with secure authentication methods creates a powerful synergy, which significantly enhances protection against unauthorized access to your accounts. Most importantly, read Kaspersky Daily to stay safe. These posts can help you create the strongest passwords and manage them correctly: How to create strong passwords and where to store them How hackers can crack your password in an hour How to store passwords securely Passwords 101: dont enter your passwords just anywhere theyre asked for Kaspersky Password Manager gets a new look
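The character-frequency check described in the password article above can be reproduced on the five sample passwords it quotes and compared with a batch drawn from Python's `secrets` module. This is an added example, not part of the original article; the 70-character alphabet and all function names are assumptions made for the comparison.

```python
import secrets
import string
from collections import Counter

# The five LLM-generated passwords quoted in the article above.
LLM_SAMPLES = [
    "qLUx@^9Wp#YZ",
    "LU#@^9WpYqxZ",
    "YLU@x#Wp9q^Z",
    "P@zq^XWLY#v9",
    "v#@LqYXW^9pz",
]

# Assumption: a 70-character alphabet chosen for this comparison
# (the article does not state which alphabet the models were given).
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*"


def csprng_password(length=12, alphabet=ALPHABET):
    """Draw every character independently from the OS CSPRNG."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def char_histogram(passwords):
    """Count how often each character occurs across the whole batch."""
    return Counter("".join(passwords))


def shared_by_all(passwords):
    """Characters that occur in every password of the batch."""
    return set.intersection(*(set(p) for p in passwords))


def anagram_groups(passwords):
    """Groups of passwords that are rearrangements of the same characters."""
    groups = {}
    for p in passwords:
        groups.setdefault("".join(sorted(p)), []).append(p)
    return [g for g in groups.values() if len(g) > 1]


def chi_square_uniform(passwords, alphabet=ALPHABET):
    """Pearson chi-square of the batch against a uniform draw from alphabet.

    A uniform source averages about len(alphabet) - 1; a biased source
    scores far higher because a few characters absorb most of the counts.
    """
    hist = char_histogram(passwords)
    unknown = set(hist) - set(alphabet)
    if unknown:
        raise ValueError(f"characters outside alphabet: {sorted(unknown)}")
    expected = sum(hist.values()) / len(alphabet)
    return sum((hist[c] - expected) ** 2 / expected for c in alphabet)


def audit(passwords, alphabet=ALPHABET):
    """Summarise the patterns a reviewer would look for in a batch."""
    return {
        "distinct_chars": len(char_histogram(passwords)),
        "shared_by_all": "".join(sorted(shared_by_all(passwords))),
        "anagram_groups": len(anagram_groups(passwords)),
        "chi_square": round(chi_square_uniform(passwords, alphabet), 1),
    }


if __name__ == "__main__":
    print("LLM samples :", audit(LLM_SAMPLES))
    # Same batch size, so the two chi-square values are comparable.
    batch = [csprng_password() for _ in LLM_SAMPLES]
    print("CSPRNG batch:", audit(batch))
```

On the article's samples the audit finds only 16 distinct characters, eight of which appear in all five passwords, and the first three passwords are rearrangements of the same twelve characters.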
A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims.

Scattered Spider is a loosely affiliated criminal hacking group whose members have broken into and stolen data from some of the world’s largest technology companies. Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms.

[Image: Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.]

As first reported by KrebsOnSecurity, Buchanan (a.k.a. “tylerb”) fled the United Kingdom in February 2023, after a rival cybercrime gang hired thugs to invade his home, assault his mother, and threaten to burn him with a blowtorch unless he gave up the keys to his cryptocurrency wallet. Buchanan was arrested in June 2024 at the airport in Palma de Mallorca while trying to board a flight to Italy. His extradition to the United States was first reported last week by Bloomberg.

Members of Scattered Spider have been tied to the 2023 ransomware attacks against MGM and Caesars casinos in Las Vegas, but it remains unclear whether Buchanan was implicated in that incident. The Justice Department’s complaint against Buchanan makes no mention of the 2023 ransomware attack. Rather, the investigation into Buchanan appears to center on the SMS phishing campaigns from 2022, and on SIM-swapping attacks that siphoned funds from individual cryptocurrency investors.

In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls to the victim’s device — including one-time passcodes for authentication and password reset links sent via SMS.

In August 2022, KrebsOnSecurity reviewed data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations. The security firm Group-IB called them by a different name — 0ktapus, because the group typically spoofed the identity provider Okta in their phishing messages to employees at targeted firms.

[Image: A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.]

The complaint against Buchanan (PDF) says the FBI tied him to the 2022 SMS phishing attacks after discovering the same username and email address was used to register numerous Okta-themed phishing domains seen in the campaign. The domain registrar NameCheap found that less than a month before the phishing spree, the account that registered those domains logged in from an Internet address in the U.K. FBI investigators said the Scottish police told them the address was leased to Buchanan from January 26, 2022 to November 7, 2022.

Authorities seized at least 20 digital devices when they raided Buchanan’s residence, and on one of those devices they found usernames and passwords for employees of three different companies targeted in the phishing campaign.

“The FBI’s investigation to date has gathered evidence showing that Buchanan and his co-conspirators targeted at least 45 companies in the United States and abroad, including Canada, India, and the United Kingdom,” the FBI complaint reads. “One of Buchanan’s devices contained a screenshot of Telegram messages between an account known to be used by Buchanan and other unidentified co-conspirators discussing dividing up the proceeds of SIM swapping.”

U.S. prosecutors allege that records obtained from Discord showed the same U.K. Internet address was used to operate a Discord account that specified a cryptocurrency wallet when asking another user to send funds. The complaint says the publicly available transaction history for that payment address shows approximately 391 bitcoin was transferred in and out of this address between October 2022 and February 2023; 391 bitcoin is presently worth more than $26 million.

In November 2024, federal prosecutors in Los Angeles unsealed criminal charges against Buchanan and four other alleged Scattered Spider members, including Ahmed Elbadawy, 23, of College Station, Texas; Joel Evans, 25, of Jacksonville, North Carolina; Evans Osiebo, 20, of Dallas; and Noah Urban, 20, of Palm Coast, Florida. KrebsOnSecurity reported last year that another suspected Scattered Spider member — a 17-year-old from the United Kingdom — was arrested as part of a joint investigation with the FBI into the MGM hack.

Mr. Buchanan’s court-appointed attorney did not respond to a request for comment. The accused faces charges of wire fraud conspiracy, conspiracy to obtain information by computer for private financial gain, and aggravated identity theft. Convictions on the latter charge carry a minimum sentence of two years in prison.

Documents from the U.S. District Court for the Central District of California indicate Buchanan is being held without bail pending trial. A preliminary hearing in the case is slated for May 6.
While nation-state actors are demonstrating how easily they can infiltrate US networks, government officials don't seem to have a clear vision for what comes next.
Dan Gorecki and Scott Brammer's interactive session during RSAC Conference 2025 encourages security professionals to rethink their security postures and address evolving and emerging risks.
Jen Easterly, former director of CISA, discussed the first 100 days of the second Trump administration and criticized the president's "mandate for loyalty" during a panel at RSAC 2025.
The chat infrastructure and data-leak site of the notorious ransomware-as-a-service group has been inactive since March 31, according to security vendors.
A SLAAC-spoofing, adversary-in-the-middle campaign is hiding the WizardNet backdoor malware inside updates for legitimate software and popular applications.
Leaders at federal research organizations DARPA, ARPA-I, and ARPA-H discussed the myriad obstacles in addressing critical infrastructure security at RSAC Conference 2025.
Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal's national airline in a campaign offering compensation for delayed or disrupted flights.
Google’s Threat Intelligence team published its annual zero-day report on Tuesday, finding that 75 vulnerabilities were exploited in the wild in 2024, down from 98 in the prior year.
Noem also defended reducing the size of CISA, postponing the creation of a new headquarters for the agency and making other funding cuts or program changes at the organization.
According to a Justice Department indictment, a 36-year-old Tehran native launched Nemesis Market in March 2021 and allegedly processed more than 400,000 orders through 2024 that included fentanyl, methamphetamine, cocaine and more.
An affidavit unsealed in Washington, D.C., alleges that the two “targeted vulnerable children online, coercing them into producing degrading and explicit content under threat and manipulation."
A financially motivated group tracked as Hive0117 recently attacked multiple Russian industries with a retooled version of DarkWatchman malware, researchers said.
According to a Co-op spokesperson, the firm detected “attempts to gain unauthorised access to some of our systems” and as such had “taken proactive steps to keep our systems safe."
Acting CISA Director Bridget Bean acknowledged at a meeting with employees that the process of releasing a plan to reduce and reorganize the agency's workforce faces “multiple hurdles.”
The damages stemming from the use of the Israeli spyware maker's Pegasus tool to hack into WhatsApp users' devices are likely to be onerous — but unlikely to put an end to its use, observers said.
A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January 2025. The complaint alleged its staff had received e-mails containing obscene, abusive
Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct
How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. "Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since
As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. MCP, launched by Anthropic in November 2024, is a framework designed to connect
Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging
In today’s digital world, passwords have become a necessary part of life. But even though you use them for almost everything you do online, you probably don’t give them the thought they truly deserve. May 1, 2025, is World Password Day, a reminder that passwords are the unsung heroes of cybersecurity, the first line of defense for all your sensitive personal data. This annual event encourages you to level up your password game and strengthen your online defenses.

World Password Day is more relevant than ever in today’s evolving threat landscape. Data breaches are on the rise, and according to the 2024 Verizon Data Breach Investigations Report, a staggering 81% of them are linked to weak or compromised passwords. The bottom line? If you’re still relying on “Fluffy123”, you could be putting your personal information at risk. Let’s explore password-based attacks, and some steps you can take to lock down your logins, once and for all.

Threats to your passwords

Managing all your passwords can be a hassle. They’re easy to forget and hard to keep track of, so people tend to use and reuse simple passwords they can remember. But here’s the issue – cybercriminals are getting smarter and their attacks are only getting more sophisticated. If a scammer gains access to your personal details, they can create havoc with your finances and cause you stress for years to come. In the past, brute force attacks were the go-to method, which involved simply using trial and error to crack passwords. Today, hackers use much more complex methods – here are a few examples.

Password phishing: In a phishing attack, scammers will use emails, phone calls, or texts to pose as trusted businesses and service providers. They may send you a fake invoice to pay. They might offer you an amazing deal on an upgraded service. Sometimes they threaten to cut off a service if you don’t respond immediately. The goal is to trick you into giving up your username and password so they can access your data and steal your money.

Credential stuffing: Once hackers have your login details, they often try what’s called credential stuffing – using your stolen credentials (username and password combinations) to try and break into your other accounts. Why does this work so often? Because more than two in three people admit they reuse passwords across multiple accounts.

Malware: Infostealer malware can be used by hackers in the background to steal your personal information including your passwords. Once the malware is on your device it can search your web browsers, email clients, digital wallets, files, applications, etc. looking for sensitive information. They can even look for old forms you filled out with passwords, record your keyboard strokes, and take screenshots of your computer dashboard. The malware then sends this information back to hackers’ servers, sometimes within seconds. Hackers can use this type of malware for large attacks as seen by the targeted attack on Snowflake customers.

Password security checklist

Create strong passwords

- Longer is stronger: Aim for passwords that are at least 16 characters long. Research shows this number of characters takes exponentially longer to crack.
- Difficulty matters: “12345” may be an easy password to remember, but it isn’t going to keep the cybercriminals away. Create a unique mix of uppercase, lowercase, numbers, and symbols for each password.
- Be unpredictable: Avoid using obvious patterns and personal details that will be easy for hackers to figure out. This means no street addresses or phone numbers, and especially no personal details you might be sharing on social media.

Did you know? More than 50% of people admit to using familiar names for their passwords, such as their kid’s name or their pet’s name. 15% said they use their own first name in their passwords!

Change reused passwords

If you’re reusing the same password across accounts, it’s time for a refresh. All it takes is one compromised account for a hacker to potentially unlock dozens more. Start with your most sensitive accounts, such as banking, email, and healthcare and update those first.

Did you know? According to a study by Forbes Advisor, on average, people reuse the same password for at least four accounts.

Use multi-factor authentication

Even if a hacker obtains your password, you can still stop them in their tracks by adding a second layer of security to your login process. Multi-factor authentication (MFA) includes things like one-time codes sent to your phone or scans of biometric features, such as your face or fingerprints.

Did you know? Using MFA can stop over 99% of account compromise attacks.

Consider using passphrases or passkeys

These are two alternatives to passwords that you might want to consider. A passphrase is a string of unrelated words that’s easy to recall and tough to crack. For example, something nonsensical like “FancyGoldEmuDancing” will be hard for a hacker to guess, but it might be easier for you to memorize than a string of numbers and symbols. A passkey is an authentication method that uses biometric data, like facial recognition or a fingerprint. It can also use a swipe pattern (a three-by-three grid of dots) or a PIN. A passkey is used across all your devices, creating a password-free login.

Did you know? Not only does signing in with a passkey make your data much more secure, it’s also three times faster than using a conventional password.

Use a password manager

Password managers are tools that make your life easier by doing the hard work for you. By automatically generating and storing your strong passwords, they reduce the risk of recycled or forgotten logins and provide secure access across all your devices. Webroot solutions include password managers and much more, including features like real-time phishing detection to prevent credential theft.

Did you know? Users who rely on password managers are less likely to experience identity theft or credential theft than those who don’t.

Protect your devices

Antivirus software scans, detects and defends against any virus or malicious program, such as malware, trojans, adware and more, that might cause damage to your devices. Webroot products offer robust antivirus protection that continuously scours the internet to identify and block the latest threats.

Did you know? Hackers are moving away from browser-based attacks and embedding malicious software into everyday files like documents, installers and media. More than 50% of all consumer malware now enters through downloads and desktop.

Never forget that your passwords are the very foundation of your digital defense strategy. With cyberattacks becoming more and more sophisticated, creating strong passwords is no longer optional – it’s essential. This World Password Day, take the time to check in on your password practices. Update those old logins, enable MFA, and let Webroot do the heavy lifting. Just a few simple steps today can save you a world of trouble tomorrow.

Looking for more information and solutions?

- Passkeys – the key to seamless authentication
- Protecting your digital life
- Anatomy of a credential-stuffing attack
- Dangers of password reuse
- Picking safe passwords
- Nastiest malware 2024

The post Strengthen your digital defenses on World Password Day appeared first on Webroot Blog.
Source: go.theregister.com – Author: Iain Thomson A proof-of-concept program has been released to demonstrate a so-called monitoring “blind spot” in how some Linux antivirus and other endpoint protection tools use the kernel’s io_uring interface. That interface allows applications to make IO requests without using traditional system calls. That’s a problem for security tools that rely […] The post Watch out for any Linux malware sneakily evading syscall-watching antivirus – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones Google says that despite a small dip in the number of exploited zero-day vulnerabilities in 2024, the number of attacks using these novel bugs continues on an upward trend overall. Data released by Google Threat Intelligence Group (GTIG) today, timed with the ongoing RSA Conference 2025, revealed that 75 […] The post Enterprise tech dominates zero-day exploits with no signs of slowdown – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Iain Thomson RSAC Russia used to be considered America’s biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it. This shift was signified by the Volt Typhoon attacks against the US last year, retired Rear Admiral Mark Montgomery told […] The post China now America’s number one cyber threat – US must get up to speed – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying. The open letter, co-signed by the industry bigwigs, compares the campaign against Krebs and, by extension, […] The post Infosec pros tell Trump to quit bullying Chris Krebs – it’s undermining security – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Jessica Lyons RSAC The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: “China.” In an interview with The Register during RSA Conference, she said Chinese government-backed crews are testing out AI in every stage of the attack chain. […] The post China is using AI to sharpen every link in its attack chain, FBI warns – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Iain Thomson RSAC Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least. According to Adam Meyers, CrowdStrike’s senior veep in the counter adversary division, North Korean infiltrators are bagging […] The post The one interview question that will protect you from North Korean fake workers – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Simon Sharwood Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview in the name of science. As the researchers explain in a draft report on their work: “In r/changemyview, users share opinions on various topics, challenging others to change their perspectives by presenting […] The post Swiss boffins admit to secretly posting AI-penned posts to Reddit in the name of science – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Simon Sharwood Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic minority group. Many Uyghur people, a Muslim ethnic majority, live in China’s Xinjiang province and according […] The post Open source text editor poisoned with malware to target Uyghur users – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. The cyberattack on Marks & Spencer (M&S) is linked to the notorious Scattered Spider group. Explore the severe impact of the incident on M&S, including contactless payment failures, online delivery delays, and significant stock shortages in physical locations. The recent cyber-attack that significantly disrupted operations at the British retailer […] The post Scattered Spider Suspected in Major M&S Cyberattack – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: CyberNewswire. San Francisco, United States, April 29th, 2025, CyberNewsWire By fusing agentic AI and contextual threat intelligence, SecAI transforms investigation from a bottleneck into a force multiplier. SecAI, an AI-enriched threat intelligence company, made its official debut today at RSA Conference 2025 in San Francisco, marking the company’s first public appearance […] The post SecAI Debuts at RSA 2025, Redefining Threat Investigation with AI – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd […] The post Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Google. Security Blog: The latest news and insights from Google on security and safety on the Internet. Original Post url: http://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html The post New security requirements adopted by HTTPS certificate industry – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Kimberly Samra. Original Post url: http://security.googleblog.com/2025/03/titan-security-keys-now-available-in.html The post Titan Security Keys now available in more countries – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Kimberly Samra. Original Post url: http://security.googleblog.com/2025/03/announcing-osv-scanner-v2-vulnerability.html The post Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Kimberly Samra. Original Post url: http://security.googleblog.com/2025/03/vulnerability-reward-program-2024-in.html The post Vulnerability Reward Program: 2024 in Review – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Edward Fernandez. Original Post url: http://security.googleblog.com/2025/03/new-ai-powered-scam-detection-features.html Category & Tags: android, android security, pixel. The post New AI-Powered Scam Detection Features to Help Protect You on Android – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: security.googleblog.com – Author: Kimberly Samra. Original Post url: http://security.googleblog.com/2025/02/securing-tomorrows-software-need-for.html The post Securing tomorrow’s software: the need for memory safety standards – Source: security.googleblog.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.hackercombat.com – Author: Hacker Combat. Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the primary methods of risk treatment, including forgoing high-risk activities or adopting more secure systems and processes. Make sure your […] The post Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management – Source: www.hackercombat.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Jessica Lyons RSAC America’s top cyber-defense agency is “being undermined” by personnel and budget cuts under the Trump administration, some of which are being driven by an expectation of perfect loyalty to the President rather than the nation. That’s according to Jen Easterly, who led the US Cybersecurity and Infrastructure Security […] The post Ex-CISA chief decries cuts as Trump demands loyalty above all else – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Brandon Vigliarolo A Maryland man has pleaded guilty to fraud after landing a job with a contractor working on US government software, and then outsourcing the work to a self-described North Korean developer in China. Minh Phuong Ngoc Vong is a Vietnamese-born naturalized US citizen. He recently pleaded guilty to conspiracy to […] The post Maryland man pleads guilty to outsourcing US govt work to North Korean dev in China – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones A spate of high-profile swatting incidents in the US recently forced the FBI into action with its latest awareness campaign about the occasionally deadly practice. The feds issued guidance on how members of the public can protect themselves from swatting, describing the action of making hoax phone calls or […] The post FBI steps in amid rash of politically charged swattings – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Thomas Claburn Shell scripting may finally get a proper bug-checker. A group of academics has proposed static analysis techniques aimed at improving the correctness and reliability of Unix shell programs. The team argues it’s possible to analyze shell scripts ahead of execution, offering developers pre-runtime guarantees more typical of statically typed […] The post Ghost in the shell script: Boffins reckon they can catch bugs before programs run – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: David Gordon Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear what level of protection these provide. Weak identity and access controls, inadequate encryption, insecure application programming interfaces (APIs), application and service misconfigurations, denial […] The post Cloud doesn’t mean secure: How Intruder finds what others miss – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. […] The post Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over […] The post [Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. “Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and […] The post Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were […] The post Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom “employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging […] The post Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.