Weekly Cybersecurity Digest: Top 5 News Stories in the Digital Sphere
1. AI vs Cybersecurity: Sam Altman’s Vision for 2025
The Future of Coding is Here—But at What Cost?
Sam Altman, CEO of OpenAI , predicts a groundbreaking shift in software development by 2025. AI won't just assist programmers—it will become the programmer. But while this unlocks rapid innovation, it also opens doors for cyber threats.
Imagine AI writing code, running tests, and even catching bugs – all at lightning speed. This means faster development, more efficient software, and potentially, a boom in innovation. But with great power comes great vulnerability.
?? AI: The New Developer
?? AI vs Cybersecurity: The Double-Edged Sword
? AI will democratize software development, enabling non-coders to build apps.
? This may flood the market with poorly secured software, increasing cyber risks.
? AI-powered security tools can predict, detect, and mitigate threats in real time.
???? The Changing Role of Software Engineers & Cyber Experts
2. Fortinet & Kerala Govt Join Forces for Free Cybersecurity Training Bridging the Cybersecurity Skills Gap
Fortinet has signed an MoU with Kerala’s Department of Higher Education to offer free cybersecurity training under the Additional Skill Acquisition Programme (ASAP). The initiative aims to equip students with industry-ready skills to combat evolving cyber threats.
What’s in the Training Program?
? Fortinet's Network Security Expert (NSE) Certification (5 levels, 11 certifications)
? Covers AI-driven security, Zero Trust, Cloud Security, and Security-Driven Networking
? Virtual labs & exam vouchers for hands-on experience
?? "This collaboration will empower students with industry-relevant expertise." | Dr. Usha Titus (Chairperson, ASAP Kerala)
?? The Global Cybersecurity Workforce Shortage
Fortinet’s 2024 Cybersecurity Skills Gap Report states:
?? 70% of organizations struggle with security risks due to a lack of skilled professionals
?? 4.8 million cybersecurity workers needed worldwide to bridge the gap
?? "We aim to build a strong talent pipeline to tackle cyber threats." | Vivek Srivastava (Country Manager, Fortinet)
3. DeepSeek App Found Transmitting Unencrypted User Data
A new audit by NowSecure has uncovered serious security flaws in the DeepSeek AI app for iOS. The app transmits sensitive user and device data without encryption, making it vulnerable to interception and manipulation attacks.
?? How is DeepSeek Exposing Users?
?? Sends mobile app registration & device data over the internet without encryption.
?? Uses insecure encryption algorithms (3DES) and hard-coded keys.
?? Globally disables App Transport Security (ATS), allowing unencrypted data transmission.
?? Sends data to ByteDance’s Volcano Engine servers, raising privacy concerns.
?? DeepSeek’s AI & Cyber Threats
Cybersecurity firm Check Point warns that threat actors are using DeepSeek’s AI engines to:
? Develop info stealers & mass spam scripts.
? Generate uncensored or unrestricted content.
? Bypass security protections using jailbreaking techniques.
领英推荐
?? DeepSeek’s Growing Privacy Concerns
4. Fake Google Chrome Sites Spreading ValleyRAT Malware via DLL Hijacking
?? A New Cyber Threat Targeting Windows Users
Cybercriminals are using fake Google Chrome websites to distribute ValleyRAT, a remote access trojan (RAT) linked to the Silver Fox hacking group. The attack exploits DLL hijacking techniques to infect victims, particularly targeting Chinese-speaking users in finance, accounting, and sales roles.
?? How the Attack Works
1?? Victims searching for Google Chrome are redirected to fake sites via drive-by download schemes.
2?? They unknowingly download a malicious ZIP archive containing a trojanized Chrome installer (Setup.exe).
3?? On execution, the installer downloads additional malware payloads, including:
4?? The malware logs keystrokes, monitors screens, and establishes persistence while awaiting further instructions.
?? Who is Being Targeted?
? High-value professionals in finance, sales, and accounting.
? Users in Hong Kong, Taiwan, and Mainland China.
? Individuals searching for legitimate Chrome downloads.
?? ValleyRAT’s Capabilities
?? Steals sensitive data & logs keystrokes.
?? Monitors screen activity.
?? Executes malicious DLLs & binaries remotely.
?? Uses signed executables for stealth attacks.
5. RBI Launches Exclusive “bank.in” Domain to Curb Digital Banking Fraud
?? Strengthening Cybersecurity in India's Banking Sector
The Reserve Bank of India (RBI) has introduced an exclusive “bank.in” domain for Indian banks to combat phishing attacks and enhance digital banking security. This initiative aims to reduce cyber threats, streamline secure transactions, and boost consumer trust in online financial services.
?? Key Highlights of the Initiative
? Exclusive “bank.in” domain for registered banks, managed by IDRBT (Institute for Development and Research in Banking Technology).
? Registrations begin April 2025.
? A separate "fin.in" domain for non-banking financial institutions is also in the pipeline.
??? RBI Introduces Additional Factor Authentication (AFA)
To enhance security in cross-border card-not-present (CNP) transactions, RBI is rolling out multi-factor authentication (MFA) for digital payments via cards, prepaid instruments, and mobile banking.
? Extra security for international transactions.
? No mandatory AFA method, but SMS-based OTPs remain the preferred option in India.
Follow us on LinkedIn and Subscribe to our newsletter ?? for the latest cyber security updates, insightful articles, and exclusive content to help you navigate the ever-changing threat landscape.
Don't forget to check out our Website ?? to make your cyberspace safe and secure ??, and join our growing community on Instagram ?? for bite-sized cyber security tips and trends. ?? ??