
Beware of Fake Viral Video Links Spreading Malware

 

McAfee Labs has uncovered a rise in cyber scams where fraudsters use fake viral video links to trick people into downloading malware. These attacks rely on social engineering, enticing users with promises of exclusive or leaked content. 

Once a user clicks on the deceptive link, they are redirected through several malicious websites before unknowingly downloading a harmful file. The scheme typically begins with a fake message or document containing a link to a trending video. Clicking the link leads to an unsafe website filled with misleading advertisements, fake download buttons, and sometimes adult content. 

These sites push a download, often a ZIP archive, that looks harmless but carries the malware inside a password-protected archive. The password is the point: antivirus engines cannot inspect encrypted archive contents until the victim extracts them. Once extracted, the archive yields a setup program that launches the malware when run; to look legitimate, it first displays a CAPTCHA screen. 

Once the user clicks “OK,” the malware installs itself quietly, dropping files onto the system and running hidden processes that steal data or otherwise compromise the device. McAfee says its protections have blocked many of these attacks, but warns that the campaigns continue to evolve. 
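The one link in that chain a defender can check without running anything is the archive itself. ZIP encryption protects entry bodies but leaves entry names and header flags in the clear, so a triage script can tell that a password-protected archive contains a setup program before anyone extracts it. The Go program below is an added example written for this page, not McAfee tooling or a sample from the campaign. It builds a constructed archive shaped like the lure (the file names and contents are made up, and because Go's archive/zip cannot encrypt, only the header's encryption flag is set) and judges it from the central directory alone.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path"
	"strings"
)

// Finding is one suspicious entry, judged from the central directory alone.
type Finding struct {
	Name       string
	Encrypted  bool // general-purpose bit 0 set: body is password-protected
	Executable bool // extension is in riskyExt
}

// Extensions that have no business inside a "video" download. Nested archives
// count because droppers often wrap the payload a second time.
var riskyExt = map[string]bool{
	".exe": true, ".msi": true, ".scr": true, ".bat": true, ".cmd": true,
	".js": true, ".vbs": true, ".lnk": true, ".ps1": true, ".hta": true,
	".zip": true, ".rar": true, ".7z": true,
}

// InspectArchive reads only the ZIP central directory. ZIP encryption protects
// entry bodies, not names or header flags, so the password that stops an
// antivirus engine from scanning setup.exe does not hide that setup.exe exists.
func InspectArchive(data []byte) ([]Finding, error) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil {
		return nil, err
	}
	var findings []Finding
	for _, f := range zr.File {
		fnd := Finding{
			Name:       f.Name,
			Encrypted:  f.Flags&0x1 != 0,
			Executable: riskyExt[strings.ToLower(path.Ext(f.Name))],
		}
		if fnd.Encrypted || fnd.Executable {
			findings = append(findings, fnd)
		}
	}
	return findings, nil
}

// Verdict: executable plus password protection is the lure's exact shape and is
// blocked outright; anything else suspicious goes to a human for review.
func Verdict(findings []Finding) string {
	verdict := "allow"
	for _, f := range findings {
		if f.Encrypted && f.Executable {
			return "block"
		}
		verdict = "review"
	}
	return verdict
}

// buildSample constructs an archive shaped like the lure (constructed test data,
// not a real sample). Go's archive/zip cannot encrypt, so only the header flag is
// set and the body stays plaintext; the check above never reads bodies anyway.
func buildSample() []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	entries := []struct {
		name, body string
		encrypted  bool
	}{
		{"leaked_video/readme.txt", "run setup.exe to unlock the video", false},
		{"leaked_video/setup.exe", "MZ (placeholder, not a real executable)", true},
	}
	for _, e := range entries {
		h := &zip.FileHeader{Name: e.name, Method: zip.Deflate}
		if e.encrypted {
			h.Flags |= 0x1
		}
		w, err := zw.CreateHeader(h)
		if err != nil {
			panic(err)
		}
		if _, err := w.Write([]byte(e.body)); err != nil {
			panic(err)
		}
	}
	if err := zw.Close(); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

func main() {
	findings, err := InspectArchive(buildSample())
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-26s encrypted=%-5t executable=%t\n", f.Name, f.Encrypted, f.Executable)
	}
	fmt.Println("verdict:", Verdict(findings)) // block
}
```

Nothing in the check depends on the password or on decompressing anything, which is exactly why it survives the trick the lure relies on; it is a triage filter, not a replacement for detonating the sample in a sandbox.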

Cybercriminals use clickbait tactics to manipulate people’s curiosity, making it crucial to stay vigilant. To protect yourself, avoid clicking on links that claim to provide exclusive or leaked videos, as these are often traps designed to distribute malware. 

Be cautious of unfamiliar websites that prompt you to download files, as they may contain hidden threats. Scan downloaded files with reliable security software before opening them, bearing in mind that a password-protected archive cannot be scanned until it is extracted, so such an archive from an unknown source is itself a warning sign. Keep your antivirus software updated for real-time protection against emerging threats. Since online scams are constantly evolving, staying informed and cautious remains the best defense.

DeepSeek-R1 AI Under Fire for Severe Security Risks

 

DeepSeek-R1, an AI model developed in China, is facing intense scrutiny following a study by cybersecurity firm Enkrypt AI, which found it 11 times more likely than comparable models to produce harmful output that criminals could exploit. The research highlights significant security risks, including the model’s susceptibility to generating harmful content and to being manipulated for illicit activities. 

This concern is amplified by a recent data breach that exposed over a million records, including user chat histories. Since its launch on January 20, DeepSeek has gained immense popularity, reportedly attracting 12 million users in two days and surpassing ChatGPT’s early adoption rate. Its rapid rise has also triggered widespread privacy and security concerns, leading multiple governments to launch investigations or impose restrictions on its use.

Enkrypt AI’s assessment found DeepSeek-R1 highly prone to manipulation: 45% of the harmful-content tests bypassed its safety controls. In those tests the model generated instructions for criminal activities, illegal weapon creation, and extremist propaganda. 

Even more concerning, the cybersecurity evaluation found that DeepSeek-R1 produced insecure or malicious code, including malware and trojans, in 78% of tests. Compared with OpenAI’s models, it was 4.5 times more likely to generate functional hacking tools. 

Sahil Agarwal, CEO of Enkrypt AI, emphasized the urgent need for stronger safety measures and continuous monitoring to mitigate these threats. Due to these security concerns, several countries have initiated regulatory actions. 

Italy was the first to launch an investigation into DeepSeek’s privacy and security risks, followed by France, Germany, the Netherlands, Luxembourg, and Portugal. Taiwan has prohibited government agencies from using the AI, while South Korea has opened a formal inquiry into its data security practices. 

The United States is also responding aggressively, with NASA banning DeepSeek from federal devices. Additionally, lawmakers are considering legislation that could impose severe fines and even jail time for those using the platform in the country. The growing concerns surrounding DeepSeek-R1 come amid increasing competition between the US and China in AI development. 

Both nations are pushing the boundaries of AI for military, economic, and technological dominance. However, Enkrypt AI’s findings suggest that DeepSeek-R1’s vulnerabilities could make it a dangerous tool for cybercriminals, disinformation campaigns, and even biochemical warfare threats. With regulatory scrutiny intensifying worldwide, the AI’s future remains uncertain as authorities weigh the risks associated with its use.

AI and Quantum Computing Revive Search Efforts for Missing Malaysia Airlines Flight MH370

 

A decade after the mysterious disappearance of Malaysia Airlines Flight MH370, advancements in technology are breathing new life into the search for answers. Despite extensive global investigations, the aircraft’s exact whereabouts remain unknown. However, emerging tools like artificial intelligence (AI), quantum computing, and cutting-edge underwater exploration are revolutionizing the way data is analyzed and search efforts are conducted, offering renewed hope for a breakthrough. 

AI is now at the forefront of processing and interpreting vast datasets, including satellite signals, ocean currents, and previous search findings. By identifying subtle patterns that might have gone unnoticed before, AI-driven algorithms are refining estimates of the aircraft’s possible location. 

At the same time, quantum computing is dramatically accelerating complex calculations that would take traditional systems years to complete. Researchers, including those from IBM’s Quantum Research Team, are using simulations to model how ocean currents may have dispersed MH370’s debris, leading to more accurate predictions of its final location. Underwater exploration is also taking a major leap forward with AI-equipped autonomous drones. 

These deep-sea vehicles, fitted with advanced sensors, can scan the ocean floor in unprecedented detail and access depths that were once unreachable. A new fleet of these drones is set to be deployed in the southern Indian Ocean, targeting previously difficult-to-explore regions. Meanwhile, improvements in satellite imaging are allowing analysts to reassess older data with enhanced clarity. 

High-resolution sensors and advanced real-time processing are helping experts identify potential debris that may have been missed in earlier searches. Private space firms are collaborating with global investigative teams to leverage these advancements and refine MH370’s last known trajectory. 

The renewed search efforts are the result of international cooperation, bringing together experts from aviation, oceanography, and data science to create a more comprehensive investigative approach. Aviation safety specialist Grant Quixley underscored the importance of these innovations, stating, “New technologies could finally help solve the mystery of MH370’s disappearance.” 

This fusion of expertise and cutting-edge science is making the investigation more thorough and data-driven than ever before. Beyond the ongoing search, these technological breakthroughs have far-reaching implications for the aviation industry.

AI and quantum computing are expected to transform areas such as predictive aircraft maintenance, air traffic management, and emergency response planning. Insights gained from the MH370 case may contribute to enhanced safety protocols, potentially preventing similar incidents in the future.

Critical Zero-Day Vulnerability in Zyxel Devices Sparks Widespread Exploitation


Cybersecurity researchers at GreyNoise have uncovered widespread exploitation of a critical zero-day vulnerability in Zyxel CPE Series devices, months after it was initially reported to the manufacturer. The flaw, identified as CVE-2024-40891, allows attackers to execute arbitrary commands on affected devices, potentially leading to data breaches, network infiltration, and complete system compromise. GreyNoise has disclosed the issue to raise awareness among organizations and individuals at risk, as mass exploitation attempts have already been observed.

Details of the Vulnerability and Exploitation

The vulnerability, CVE-2024-40891, was first reported to Zyxel by researchers at VulnCheck in August 2024. At the time of GreyNoise’s disclosure, Zyxel had published no advisory and the CVE record carried no public details, leaving users with no patch. GreyNoise coordinated the disclosure with VulnCheck under its standard policy. A GreyNoise spokesperson stated, “Due to first-hand, confirmed mass exploitation attempts for this vulnerability, we chose to disclose this to raise awareness among those who may be impacted.”

Security analysts at Censys estimate that approximately 1,500 devices are online and potentially vulnerable, though definitive confirmation of affected versions is still pending. The National Vulnerability Database (NVD) has not yet provided additional details about the issue. To assess the extent of malicious activity, GreyNoise and VulnCheck conducted a joint investigation, revealing that attackers are actively targeting the flaw.

Researchers noted that CVE-2024-40891 closely resembles another Zyxel vulnerability, CVE-2024-40890, which GreyNoise had already observed in its honeypots: both let an unauthenticated attacker execute arbitrary commands on the device, the difference being the channel, telnet for CVE-2024-40891 and HTTP for CVE-2024-40890. This latest vulnerability follows a recent warning from the Cybersecurity and Infrastructure Security Agency (CISA) and German authorities about a separate flaw in Zyxel firewalls, CVE-2024-11667, which was exploited to deploy Helldown ransomware in early December.

Mitigation Strategies and Recommendations

With no official patch available, Zyxel users remain vulnerable to exploitation. Security experts urge organizations to implement temporary mitigation strategies to reduce the risk of compromise. Key recommendations include:

  1. Monitor Network Traffic: Watch for telnet (TCP/23) sessions to Zyxel CPE Series devices, especially from addresses outside your management network, and for single sources sweeping many devices.
  2. Restrict Access: Disable telnet on the devices outright if it is not needed; that removes the channel this exploit uses. Where it must stay on, reach it only from a management network or jump host and block it from the internet with firewall or ACL rules.
  3. Apply Workarounds: Apply any configuration changes or workarounds recommended by Zyxel or reputable researchers until an official patch is released.
  4. Stay Informed: Track updates from Zyxel and from agencies such as CISA for the latest information on the vulnerability and its mitigations.
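Recommendations 1 and 2 can be turned into a concrete check. The Go program below is an added example, not a GreyNoise, VulnCheck or Zyxel tool. It reads flow records in a simple constructed format (the sample lines use documentation address ranges and are not captures of real exploitation) and reports every TCP/23 connection to a CPE management address that did not come from an allowed management network, plus how many distinct CPEs each offending source touched, since one source sweeping many devices over telnet is what mass exploitation of a telnet-reachable flaw looks like in logs.

```go
package main

import (
	"bufio"
	"fmt"
	"net/netip"
	"strings"
)

// Constructed flow records standing in for firewall or flow-export logs; the
// addresses are documentation ranges, not real Zyxel or exploit traffic. Format
// assumed for this example: <timestamp> <src_ip>:<port> -> <dst_ip>:<port> <proto>
const sampleFlows = `2025-01-29T10:00:01Z 10.0.0.5:51234 -> 10.0.0.1:23 tcp
2025-01-29T10:00:07Z 203.0.113.42:40001 -> 198.51.100.10:23 tcp
2025-01-29T10:00:09Z 203.0.113.42:40002 -> 198.51.100.11:23 tcp
2025-01-29T10:00:12Z 198.51.100.10:5100 -> 8.8.8.8:53 udp
2025-01-29T10:00:15Z 192.0.2.77:33000 -> 198.51.100.10:443 tcp
2025-01-29T10:00:20Z 192.0.2.9:60000 -> 198.51.100.11:23 tcp`

// Policy is what the operator knows: CPE management addresses and the networks
// allowed to administer them.
type Policy struct {
	CPE      map[netip.Addr]bool
	MgmtNets []netip.Prefix
}

// Alert is one telnet session to a CPE from outside the management networks.
type Alert struct {
	Time string
	Src  netip.Addr
	Dst  netip.AddrPort
}

// SamplePolicy matches the constructed flows above (hypothetical addresses).
func SamplePolicy() Policy {
	return Policy{
		CPE: map[netip.Addr]bool{
			netip.MustParseAddr("10.0.0.1"):      true,
			netip.MustParseAddr("198.51.100.10"): true,
			netip.MustParseAddr("198.51.100.11"): true,
		},
		MgmtNets: []netip.Prefix{netip.MustParsePrefix("10.0.0.0/24"), netip.MustParsePrefix("192.0.2.0/24")},
	}
}

func (p Policy) trusted(a netip.Addr) bool {
	for _, n := range p.MgmtNets {
		if n.Contains(a) {
			return true
		}
	}
	return false
}

// FlagTelnetExposure returns every TCP/23 flow to a CPE from an untrusted source
// and, per source, how many distinct CPEs it touched. One source sweeping many
// CPEs is the log signature of mass exploitation of a telnet-reachable flaw; a
// single untrusted session is still a policy violation worth a look.
func FlagTelnetExposure(flows string, p Policy) ([]Alert, map[netip.Addr]int, error) {
	var alerts []Alert
	targets := map[netip.Addr]map[netip.Addr]bool{}
	sc := bufio.NewScanner(strings.NewReader(flows))
	for sc.Scan() {
		f := strings.Fields(sc.Text())
		if len(f) != 5 || f[2] != "->" {
			return nil, nil, fmt.Errorf("malformed record: %q", sc.Text())
		}
		src, err1 := netip.ParseAddrPort(f[1])
		dst, err2 := netip.ParseAddrPort(f[3])
		if err1 != nil || err2 != nil {
			return nil, nil, fmt.Errorf("bad address in record: %q", sc.Text())
		}
		if f[4] != "tcp" || dst.Port() != 23 || !p.CPE[dst.Addr()] {
			continue // not telnet to a CPE
		}
		if p.trusted(src.Addr()) {
			continue // allowed management session (telnet should still be disabled)
		}
		alerts = append(alerts, Alert{Time: f[0], Src: src.Addr(), Dst: dst})
		if targets[src.Addr()] == nil {
			targets[src.Addr()] = map[netip.Addr]bool{}
		}
		targets[src.Addr()][dst.Addr()] = true
	}
	counts := map[netip.Addr]int{}
	for s, t := range targets {
		counts[s] = len(t)
	}
	return alerts, counts, sc.Err()
}

func main() {
	alerts, counts, err := FlagTelnetExposure(sampleFlows, SamplePolicy())
	if err != nil {
		panic(err)
	}
	for _, a := range alerts {
		fmt.Printf("%s untrusted telnet %s -> %s\n", a.Time, a.Src, a.Dst)
	}
	for src, n := range counts {
		fmt.Printf("%s touched %d CPE(s) over telnet\n", src, n)
	}
}
```

On the sample data the two sessions from 203.0.113.42 are flagged and the management sessions from 10.0.0.5 and 192.0.2.9 are not. The same policy object doubles as the access-control list you would enforce on the devices or the firewall in front of them: once telnet is disabled or confined to MgmtNets, the alert list should stay empty.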

A VulnCheck spokesperson confirmed that the firm is actively working with Zyxel on the disclosure process and expects to share further insights in the coming week. In the meantime, organizations are advised to remain vigilant and take proactive steps to protect their networks.

The widespread exploitation of CVE-2024-40891 highlights the critical importance of timely vulnerability disclosure and patch management. As attackers continue to target Zyxel devices, organizations must prioritize cybersecurity measures to safeguard their systems and data. While waiting for an official patch, implementing temporary mitigation strategies and staying informed about updates can help reduce the risk of exploitation. This incident serves as a reminder of the ongoing challenges in securing network devices and the need for collaboration between manufacturers, researchers, and users to address vulnerabilities effectively.

Generative AI in Cybersecurity: A Double-Edged Sword

Generative AI (GenAI) is transforming the cybersecurity landscape, with 52% of CISOs prioritizing innovation using emerging technologies. However, a significant disconnect exists, as only 33% of board members view these technologies as a top priority. This gap underscores the challenge of aligning strategic priorities between cybersecurity leaders and company boards.

The Role of AI in Cybersecurity

According to the latest Splunk CISO Report, cyberattacks are becoming more frequent and sophisticated. Yet, 41% of security leaders believe that the requirements for protection are becoming easier to manage, thanks to advancements in AI. Many CISOs are increasingly relying on AI to:

  • Identify risks (39%)
  • Analyze threat intelligence (39%)
  • Detect and prioritize threats (35%)

However, GenAI is a double-edged sword. While it improves detection and protection, security leaders report that attackers are using it too. Asked how adversaries apply AI, CISOs in the report most often cited:

  • making existing attacks more effective (32%)
  • increasing the volume of attacks (28%)
  • developing entirely new types of threats (23%)

This has led to growing concerns among security professionals, with 36% of CISOs citing AI-powered attacks as their biggest worry, followed by cyber extortion (24%) and data breaches (23%).

Challenges and Opportunities in Cybersecurity

One of the major challenges is the gap in budget expectations. Only 29% of CISOs feel they have sufficient funding to secure their organizations, compared to 41% of board members who believe their budgets are adequate. Additionally, 64% of CISOs attribute the cyberattacks their firms experience to a lack of support.

Despite these challenges, there is hope. A vast majority of cybersecurity experts (86%) believe that AI can help attract entry-level talent to address the skills shortage, while 65% say AI enables seasoned professionals to work more productively. Collaboration between security teams and other departments is also improving:

  • 91% of organizations are increasing security training for legal and compliance staff.
  • 90% are enhancing training for security teams.

To strengthen cyber defenses, experts emphasize the importance of foundational practices:

  1. Strong Passwords and MFA: Weak, reused or stolen credentials are involved in a large majority of breaches (figures around 80% of hacking-related breaches are commonly cited). Use password managers, enforce sound password policies, and require MFA.
  2. Regular Cybersecurity Training: Educating employees on risk management and security practices, such as using antivirus software and maintaining firewalls, can significantly reduce vulnerabilities.
  3. Third-Party Vendor Assessments: Organizations must evaluate third-party vendors for security risks, as breaches through these channels can expose even the most secure systems.

Generative AI is reshaping the cybersecurity landscape, offering both opportunities and challenges. While it enhances threat detection and operational efficiency, it also empowers attackers to launch more sophisticated and frequent attacks. To navigate this evolving landscape, organizations must align strategic priorities, invest in AI-driven solutions, and reinforce foundational cybersecurity practices. By doing so, they can better protect their systems and data in an increasingly complex threat environment.

Google Chrome Extensions Compromised in Widespread Cyberattack

A cybersecurity incident has compromised at least 35 Google Chrome extensions, affecting approximately 2.6 million users globally. Over 400,000 devices have reportedly been infected with malicious code as part of a coordinated attack.

Timeline and Attack Methodology

An investigation revealed that the attack began on December 5, although related domains were registered as early as March 2024. This indicates the attackers had been preparing for months before launching their campaign.

One targeted entity was a data loss prevention startup whose Chrome extension was hijacked. The breach began with a phishing email impersonating a Google policy alert, which led a developer to authorize a malicious OAuth application named "Privacy Policy Extension." Granting that consent gave the attackers an OAuth token with permission to manage the developer’s Chrome Web Store listings, which is how they reached the extension without ever handling the developer’s password.

With that access, the attackers published a malicious version of the compromised extension through the normal Chrome Web Store flow, so it was pushed to installed copies by the browser’s automatic extension update. The primary objective appeared to be data harvesting, with an emphasis on collecting Facebook account data from users.

Company Response and Security Observations

The affected company reported that the compromised employee had Google Advanced Protection and multi-factor authentication (MFA) enabled, received no suspicious MFA prompt, and never gave up Google credentials. None of that helped, because the attack did not need credentials: the employee approved an OAuth consent screen for a third-party application, and the resulting token carried the publishing permission the attackers wanted. The practical lesson is to treat OAuth consent grants as seriously as password entry and, where the identity provider allows it, to restrict which third-party applications users can authorize.

Domains associated with the attack were initially registered in March 2024, with additional registrations occurring closer to the campaign’s escalation in November and December.

This incident underscores the evolving tactics of cybercriminals and the importance of constant vigilance and robust cybersecurity measures, particularly in the face of sophisticated phishing campaigns.

Are Passkeys the Future of Authentication? Current Hurdles Say Otherwise

For years, cybersecurity experts have criticized passwords as outdated and insecure. Frequently reused, susceptible to phishing, and vulnerable to leaks, they remain one of the weakest links in online security. Passkeys have been hailed as the solution: a frictionless alternative built on public-key cryptography, unlocked locally with a biometric or device PIN, that removes the shared secret phishing and leaks depend on.

However, despite their promise, passkeys face challenges that could hinder their widespread adoption. While the technology offers undeniable advantages, issues like inconsistent functionality and platform lock-ins complicate the user experience.

How Passkeys Work

Passkeys replace the shared secret with a key pair. At registration the device generates a private key, scoped to the site’s domain, that never leaves the device; the site stores only the public key. At login the site sends a random challenge and the device signs it, proving possession of the private key without transmitting anything reusable. Face ID, Touch ID or a device PIN only unlock the key locally; the biometric itself is never sent to the site. Because the credential is bound to the domain it was created for, a look-alike phishing site cannot obtain a usable signature. This shifts the trust model to the device itself, much like mobile payment systems such as Apple Pay. In theory, synced passkeys then allow seamless logins across devices.
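To make that model concrete, the Go program below is an added example written for this page, not a WebAuthn library or any vendor’s code. It is a deliberately simplified version of the registration and login exchange: the authenticator keeps one ECDSA key per relying-party ID, the server stores only the public key and issues a random challenge, and the signed client data carries both the challenge and the origin. Real WebAuthn also signs authenticator data, tracks a signature counter, uses base64url-encoded JSON and single-use challenges; none of that is modelled here, and the domain and user names are placeholders.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Authenticator is the device side: one private key per relying-party ID, made at
// registration and never exported. The biometric or PIN only gates access to this map.
type Authenticator struct{ keys map[string]*ecdsa.PrivateKey }

// RelyingParty is the server side and holds public keys only.
type RelyingParty struct {
	ID     string // domain the credential is scoped to, e.g. "example.com"
	Origin string // origin the server expects to see in signed client data
	pubs   map[string]*ecdsa.PublicKey
}

// clientData is what gets signed (simplified from WebAuthn's clientDataJSON).
type clientData struct {
	Challenge []byte `json:"challenge"`
	Origin    string `json:"origin"`
}

func NewAuthenticator() *Authenticator { return &Authenticator{keys: map[string]*ecdsa.PrivateKey{}} }
func NewRelyingParty(id, origin string) *RelyingParty {
	return &RelyingParty{ID: id, Origin: origin, pubs: map[string]*ecdsa.PublicKey{}}
}

// Register mints a P-256 key pair scoped to rpID and returns only the public half.
func (a *Authenticator) Register(rpID string) (*ecdsa.PublicKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a.keys[rpID] = priv
	return &priv.PublicKey, nil
}

// Enroll stores a user's public key; the server never holds anything secret.
func (rp *RelyingParty) Enroll(user string, pub *ecdsa.PublicKey) { rp.pubs[user] = pub }

// NewChallenge issues 32 random bytes (real servers also make each one single-use).
func (rp *RelyingParty) NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	_, err := rand.Read(c)
	return c, err
}

// Sign is what the browser requests, passing the rpID it derived from the page's own
// origin. A look-alike domain yields an rpID with no key behind it, so the
// authenticator refuses; that refusal is where phishing resistance comes from.
func (a *Authenticator) Sign(rpID, origin string, challenge []byte) (clientDataJSON, sig []byte, err error) {
	priv, ok := a.keys[rpID]
	if !ok {
		return nil, nil, errors.New("no credential registered for " + rpID)
	}
	if clientDataJSON, err = json.Marshal(clientData{Challenge: challenge, Origin: origin}); err != nil {
		return nil, nil, err
	}
	h := sha256.Sum256(clientDataJSON)
	sig, err = ecdsa.SignASN1(rand.Reader, priv, h[:])
	return clientDataJSON, sig, err
}

// Verify checks that the signed client data echoes this server's challenge and
// origin, then checks the signature against the enrolled public key.
func (rp *RelyingParty) Verify(user string, challenge, clientDataJSON, sig []byte) error {
	var cd clientData
	pub, ok := rp.pubs[user]
	if err := json.Unmarshal(clientDataJSON, &cd); err != nil || !ok {
		return errors.New("unknown user or malformed client data")
	}
	if !bytes.Equal(cd.Challenge, challenge) {
		return errors.New("challenge mismatch")
	}
	if cd.Origin != rp.Origin {
		return fmt.Errorf("origin mismatch: assertion was signed for %s", cd.Origin)
	}
	h := sha256.Sum256(clientDataJSON)
	if !ecdsa.VerifyASN1(pub, h[:], sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	auth, rp := NewAuthenticator(), NewRelyingParty("example.com", "https://example.com")
	pub, err := auth.Register(rp.ID)
	if err != nil {
		panic(err)
	}
	rp.Enroll("alice", pub)
	ch, _ := rp.NewChallenge()
	cd, sig, _ := auth.Sign(rp.ID, rp.Origin, ch)
	fmt.Println("genuine login:", rp.Verify("alice", ch, cd, sig)) // <nil>
	_, _, err = auth.Sign("evil.example", "https://evil.example", ch)
	fmt.Println("look-alike site:", err) // no credential registered for evil.example
	cd2, sig2, _ := auth.Sign(rp.ID, "https://evil.example", ch)
	fmt.Println("relayed assertion:", rp.Verify("alice", ch, cd2, sig2)) // origin mismatch
}
```

Two things the run shows that the prose above cannot: the phishing domain fails at the authenticator, before any signature exists, because no key is scoped to it; and even an assertion relayed from the real domain dies at the server’s origin check. The password-alongside-passkey problem discussed below is visible here too: nothing in this exchange involves a reusable secret, so keeping a password on the account re-introduces exactly what the passkey removed.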

The Reality of Cross-Platform Challenges

In practice, however, the experience is less cohesive. Within Apple’s ecosystem, passkeys function smoothly, with iCloud synchronization ensuring consistency. Yet outside this "walled garden," complications arise.

As highlighted by Ars Technica, users attempting to log into the same service with passkeys across platforms—such as PayPal on Windows versus iOS — encounter varying experiences. Some services further restrict passkey usage to specific browsers, frustrating users who frequently switch between platforms.

Platform Lock-In and User Frustration

A more pressing issue is platform dominance. Tech giants like Apple and Google often push users toward their proprietary passkey management systems, sometimes overriding user preferences. For instance, even if a passkey is synced via a third-party password manager, users may still be redirected to Google’s system when logging into certain sites, such as LinkedIn.

Adding to the frustration, many services operate passkeys alongside passwords rather than replacing them entirely. This undermines the very purpose of passkeys, as users are still required to create passwords during registration, perpetuating traditional security risks.

The Push for a Password-Free Future

Despite these setbacks, some organizations are leading the charge toward a password-free future. As Grayson Mixon, a user commenting on the issue, noted:

"The company I work for introduced passkeys months ago. Now they are disabling passwords as an option. It will be passkeys only in 2025."

While such initiatives signal progress, the path to universal adoption of passkeys is far from straightforward. For passkeys to truly replace passwords, the industry must overcome challenges related to interoperability, user convenience, and platform neutrality.

Passkeys have the potential to revolutionize online authentication, offering a more secure and convenient alternative to passwords. Yet, current inconsistencies and platform restrictions highlight the need for continued innovation and collaboration across the tech industry. Until these hurdles are addressed, the journey toward a password-free digital landscape will remain a work in progress.

Third-Party Data Breaches Expose Cybersecurity Risks in EU's Largest Firms

A recent report by SecurityScorecard has shed light on the widespread issue of third-party data breaches among the European Union’s top companies. The study, which evaluated the cybersecurity health of the region’s 100 largest firms, revealed that 98% experienced breaches through external vendors over the past year. This alarming figure underscores the vulnerabilities posed by interconnected digital ecosystems.

Industry Disparities in Cybersecurity

While only 18% of the companies reported direct breaches, the prevalence of third-party incidents highlights hidden risks that could disrupt operations across multiple sectors. Security performance varied significantly by industry, with the transport sector standing out for its robust defenses. All companies in this sector received high cybersecurity ratings, reflecting strong proactive measures.

In contrast, the energy sector lagged behind, with 75% of firms scoring poorly, receiving cybersecurity grades of C or lower. Alarmingly, one in four energy companies reported direct breaches, further exposing their susceptibility to cyber threats.

Regional differences also emerged, with Scandinavian, British, and German firms demonstrating stronger cybersecurity postures. Meanwhile, French companies recorded the highest rates of third- and fourth-party breaches, reaching 98% and 100%, respectively.

Ryan Sherstobitoff, Senior Vice President of Threat Research and Intelligence at SecurityScorecard, stressed the importance of prioritizing third-party risk management. His remarks come as the EU prepares to implement the Digital Operational Resilience Act (DORA), a regulation designed to enhance the cybersecurity infrastructure of financial institutions.

“With regulations like DORA set to reshape cybersecurity standards, European companies must prioritise third-party risk management and leverage rating systems to safeguard their ecosystems,” Sherstobitoff stated in a media briefing.

Strengthening Cybersecurity Resilience

DORA introduces stricter requirements for banks, insurance companies, and investment firms to bolster their resilience against cyberattacks and operational disruptions. As organizations gear up for the rollout of this framework, addressing third-party risks will be crucial for maintaining operational integrity and adhering to evolving cybersecurity standards.

The findings from SecurityScorecard highlight the urgent need for EU businesses to fortify their digital ecosystems and prepare for regulatory demands. By addressing third-party vulnerabilities, organizations can better safeguard their operations and protect against emerging threats.