
Cybersecurity

Use payment tech and still not ready for PCI DSS 4.0? You could face stiff penalties
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security requirements introduced by the Payment Card Industry Security Standards Council (PCI SSC) to protect card information from theft or fraud. Since its 2004 inception, PCI DSS has undergone multiple revisions due to the many challenges posed by the evolving sophistication of…

What is a cyberthreat hunter (cybersecurity threat analyst)? | Definition from TechTarget
A cyberthreat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that might go undetected using automated security tools, such as malware detectors and firewalls. Cyberthreat hunting involves monitoring network traffic, Internet Protocol (IP) addresses, endpoints, data sets and insider threats — often in real time — to uncover potential security incidents that…

How Spread Betting Platforms Safeguard Traders Against Cyber Risks
Spread betting has become a very popular form of trading that allows people to speculate on the movement of a financial asset without owning the asset in question. It is one of the many trading models that is exclusively digital in nature, which makes it very flexible and provides an ease of access that cannot…

SpyCloud Pioneers the Shift to Holistic Identity Threat Protection
Austin, TX, USA, February 4th, 2025, CyberNewsWire: SpyCloud’s Identity Threat Protection solutions spearhead a holistic identity approach to security, illuminating correlated hidden identity exposures and facilitating fast, automated remediation. SpyCloud, a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection. By operationalizing its vast collection…

What you can do to prevent workforce fraud – Help Net Security
In this Help Net Security interview, Benjamin Racenberg, Senior Intelligence Services Manager at Nisos, discusses the threat of workforce fraud, particularly DPRK-affiliated IT workers infiltrating remote roles. With HR teams and recruiters often unprepared to detect these sophisticated schemes, businesses face significant cybersecurity and employment risks. Racenberg also discusses the tactics used by these threat…

Update: Cybercriminals still not fully on board the AI train (yet)
In November 2023, Sophos X-Ops published research exploring threat actors’ attitudes towards generative AI, focusing on discussions on selected cybercrime forums. While we did note a limited amount of innovation and aspiration in these discussions, there was also a lot of skepticism. Given the pace at which generative AI is evolving, we thought we’d take…

DeepSeek Jailbreak Reveals Its Entire System Prompt
Researchers have tricked DeepSeek, the Chinese generative AI (GenAI) that debuted earlier this month to a whirlwind of publicity and user adoption, into revealing the instructions that define how it operates. DeepSeek, the new “it girl” in GenAI, was trained at a fractional cost of existing offerings, and as such has sparked competitive alarm across…

Untrustworthy AI: How to deal with data poisoning
Business Security: You should think twice before trusting your AI assistant, as database poisoning can markedly alter its output – even dangerously so. 30 Jan 2025 • 4 min. read. Modern technology is far from foolproof – as we can see with, for example, the numerous vulnerabilities that keep cropping up. While designing systems…

Top 5 AI-Powered Social Engineering Attacks
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There’s no brute-force ‘spray and pray’ password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information…

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang – Krebs on Security
The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the…