
US Justice Department Seizes Web Domain Linked to Large-Scale Bank Account Takeover Fraud

 

The U.S. Justice Department (DoJ) on Monday revealed that it has taken control of a web domain and its associated database that were allegedly used to support a criminal operation aimed at defrauding Americans through bank account takeover fraud.

Authorities identified the seized domain, web3adspanels[.]org, as a backend control panel that enabled cybercriminals to store, manage, and exploit unlawfully obtained online banking credentials. Visitors attempting to access the site now encounter a seizure notice stating that the takedown was part of a coordinated international law enforcement effort involving officials from the United States and Estonia.

"The criminal group perpetrating the bank account takeover fraud delivered fraudulent advertisements through search engines, including Google and Bing," the DoJ said. "These fraudulent advertisements imitate the sponsored search engine advertisements used by legitimate banking entities."

According to investigators, the deceptive ads redirected users to counterfeit banking websites controlled by the attackers. These fake portals were embedded with malicious software that captured login details entered by unsuspecting victims. The stolen credentials were then used to access real bank accounts, allowing the criminals to seize control and siphon off funds.

So far, the fraud scheme is believed to have impacted 19 victims across the United States, including two businesses located in the Northern District of Georgia. Officials estimate attempted financial losses of around $28 million, with confirmed losses reaching approximately $14.6 million.

The DoJ further noted that the seized domain contained banking login data belonging to thousands of victims and continued to function as an operational backend for account takeover fraud as recently as last month.

Separately, data from the U.S. Federal Bureau of Investigation (FBI) indicates a sharp rise in such incidents. Since January 2025, the Internet Crime Complaint Center (IC3) has logged more than 5,100 complaints related to bank account takeover fraud, with total reported losses exceeding $262 million.

Law enforcement agencies are urging the public to remain cautious when sharing personal information online or on social media. Users should regularly review bank statements for unusual activity, use strong and unique passwords, carefully verify banking website URLs before logging in, and remain alert to phishing attempts or suspicious calls.

Cookies Explained: Accept or Reject for Online Privacy

 

Online cookies sit at the centre of a trade-off between convenience and privacy, and those “accept all” or “reject all” pop-ups are how websites ask for your permission to track and personalise your experience. Understanding what each option means helps you decide how much data you are comfortable sharing.

Role of cookies 

Cookies are small files that websites store on your device to remember information about you and your activity. They can keep you logged in, remember your preferred settings, or help online shops track items in your cart. 
  • Session cookies are temporary and disappear when you close the browser or after inactivity, supporting things like active shopping carts. 
  • Persistent cookies remain for days to years, recognising you when you return and saving details like login credentials. 
  • Advertisers use cookies to track browsing behaviour and deliver targeted ads based on your profile.

Essential vs non-essential cookies

Most banners state that a site uses essential cookies that are required for core functions such as logging in or processing payments. These cannot usually be disabled because the site would break without them. 

Non-essential cookies generally fall into three groups:
  • Functional cookies personalise your experience, for example by remembering language or region.
  • Analytics cookies collect statistics on how visitors use the site, helping owners improve performance and content.
  • Advertising cookies, often from third parties, build cross-site, cross-device profiles to serve personalised ads.

Accept all or reject all?

Choosing accept all gives consent for the site and third parties to use every category of cookie and tracker. This enables full functionality and personalised features, including tailored advertising driven by your behaviour profile. 

Selecting reject all (or ignoring the banner) typically blocks every cookie except those essential for the site to work. You still access core services, but may lose personalisation and see fewer or less relevant embedded third-party elements. Your decision is stored in a consent cookie and many sites will ask you again after six to twelve months.

Privacy, GDPR and control

Under the EU’s GDPR, cookies that identify users count as personal data, so sites must request consent, explain what is being tracked, document that consent and make it easy to refuse or withdraw it. Many websites outside the EU follow similar rules because they handle European traffic.

To reduce consent fatigue, a specification called Global Privacy Control lets browsers send a built-in privacy signal instead of forcing users to click through banners on every site, though adoption remains limited and voluntary. If you regret earlier choices, you can clear cookies in your browser settings, which resets consent but also signs you out of most services.
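How a server might apply the cookie categories, the consent cookie and the Global Privacy Control signal described above, as an added example that is not code from the original post. The cookie names, the `v1:` consent format and the rule that GPC overrides stored advertising consent are assumptions made for illustration; `Sec-GPC: 1` is the request header the GPC specification defines.

```javascript
// Cookie catalogue for a hypothetical site (all names constructed for this example).
// maxAgeDays === null marks a session cookie: no Max-Age/Expires is sent, so the
// browser drops it when the session ends. A number marks a persistent cookie.
const CATALOGUE = [
  { name: "session_id", category: "essential", maxAgeDays: null },
  { name: "lang", category: "functional", maxAgeDays: 365 },
  { name: "stats_id", category: "analytics", maxAgeDays: 180 },
  { name: "ad_profile", category: "advertising", maxAgeDays: 180 },
];
const OPTIONAL = ["functional", "analytics", "advertising"];

// Parse a Cookie request header into a name -> value map.
function parseCookieHeader(header) {
  const jar = Object.create(null);
  for (const part of (header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue;
    const name = part.slice(0, eq).trim();
    if (name) jar[name] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Assumed consent cookie format: "v1:" plus the accepted optional categories,
// e.g. "v1:functional,analytics". "v1:" alone records "reject all".
// Missing or malformed values mean no decision has been recorded.
function parseConsent(value) {
  if (typeof value !== "string" || !value.startsWith("v1:")) return null;
  const chosen = value.slice(3).split(",").filter(Boolean);
  return chosen.every((c) => OPTIONAL.includes(c)) ? new Set(chosen) : null;
}

// Header names are lower-cased, as Node's http module delivers them.
function gpcEnabled(headers) {
  return headers["sec-gpc"] === "1";
}

function allowedCategories(headers) {
  const consent = parseConsent(parseCookieHeader(headers.cookie).consent);
  const allowed = new Set(["essential"]); // essential cookies are always set
  if (consent) for (const c of consent) allowed.add(c);
  // Policy assumption: a GPC signal withdraws advertising consent,
  // even if "accept all" was clicked earlier.
  if (gpcEnabled(headers)) allowed.delete("advertising");
  return allowed;
}

function formatSetCookie(entry, value) {
  const attrs = [`${entry.name}=${value}`, "Path=/", "Secure", "SameSite=Lax"];
  if (entry.category === "essential") attrs.push("HttpOnly");
  if (entry.maxAgeDays !== null) attrs.push(`Max-Age=${entry.maxAgeDays * 86400}`);
  return attrs.join("; ");
}

// Decide which cookies to set and which to delete for one request.
function planCookies(headers, newValue = "x") {
  const jar = parseCookieHeader(headers.cookie);
  const allowed = allowedCategories(headers);
  const set = [];
  const expire = [];
  for (const entry of CATALOGUE) {
    if (allowed.has(entry.category)) {
      if (!(entry.name in jar)) set.push(formatSetCookie(entry, newValue));
    } else if (entry.name in jar) {
      // Consent missing or withdrawn: Max-Age=0 tells the browser to delete it.
      expire.push(`${entry.name}=; Path=/; Max-Age=0`);
    }
  }
  return { allowed: [...allowed].sort(), set, expire };
}

// Constructed sample requests.
const SAMPLE_REQUESTS = {
  firstVisit: {},
  acceptedAll: { cookie: "session_id=abc; consent=v1:functional,analytics,advertising" },
  acceptedAllWithGpc: {
    cookie: "session_id=abc; ad_profile=p1; consent=v1:functional,analytics,advertising",
    "sec-gpc": "1",
  },
  rejectedAll: { cookie: "session_id=abc; stats_id=s1; consent=v1:" },
};

for (const [label, headers] of Object.entries(SAMPLE_REQUESTS)) {
  console.log(label, JSON.stringify(planCookies(headers)));
}
```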

Jaguar Land Rover Confirms Employee Data Theft After August 2025 Cyberattack

 

British luxury carmaker Jaguar Land Rover has confirmed that a cyberattack uncovered in August 2025 led to the theft of payroll and personal data of thousands of current and former employees. After this disclosure, the company asked the affected people to remain alert about identity theft, phishing attempts, and financial fraud. 

The breach represents the first official acknowledgement from JLR that employee personal information was compromised during the incident. Earlier statements had focused largely on the operational disruption caused by the attack, which forced the temporary shutdown of vehicle production across several manufacturing facilities for several weeks. The company employs more than 38,000 people worldwide. Records pertaining to former employees and contractors were also affected. 

Internal communications shared with staff revealed that forensic investigations determined attackers gained unauthorized access to payroll administration systems. These systems would include sensitive employment-related records, including data associated with salaries, pension contributions, employee benefits, and information about dependents. While JLR has stated that there is currently no evidence that the stolen information has been publicly leaked or actively misused, the nature of the exposed data creates a heightened risk profile.

Cybersecurity experts point out that payroll systems usually host very sensitive identifiers such as bank account details, national insurance numbers, tax information, residential addresses, and compensation records. Even partial data exposure could considerably increase the chances of identity fraud, account takeover attempts, and targeted social engineering attacks. In response, JLR has recommended that those affected stay wary of unsolicited communications and strengthen the passwords on their personal and professional accounts.

As mitigation, the company has announced two years of free credit and identity monitoring services for affected current and former employees. A dedicated helpline has also been established to answer queries, advise on protective measures, and take reports of suspected fraudulent activity. JLR's decision comes after forensic analysis continued following the restoration of safe production operations.

The breach has been formally reported to the UK's Information Commissioner's Office (ICO), which has confirmed it is conducting enquiries into the incident. The regulator has asked for more information about the extent of the breach, what security controls were in place at the time of the attack, and what remedial action has been taken since the intrusion was detected. The after-effects of the cyberattack spilled over beyond JLR's workforce. 

The disruption reportedly affected almost 5,000 supplier and partner organizations, reflecting the interconnected nature of modern manufacturing supply chains. Estimates place the overall economic impact of the incident at roughly ₹20,000 crore. Official figures suggest the disruption contributed to a measurable contraction in the UK economy during September 2025. JLR also announced that the attack resulted in a quarterly sales decline estimated at ₹15,750 crore, along with a one-time recovery and remediation cost of around ₹2,060 crore.

The costs covered system restoration, enhanced security controls, and incident response. The intrusion was earlier claimed by a hacking group named "Scattered Lapsus Hunters", which had previously been involved in attacks on major retail organizations and which has alleged that it also accessed customer data.

However, Jaguar Land Rover says that evidence supporting those claims has not been found. Investigations are ongoing, and the firm has announced that it will keep informing employees, regulators, and other stakeholders as more information becomes available.

TSA Cautions Travelers on Public Wi-Fi Security Threats

 


Concerns about digital safety are growing as global travel surges during one of the busiest mobility windows of the year, and airport advisory boards are increasingly turning their attention to it.

Following a renewed warning from the Transportation Security Administration, travelers are advised to be cautious when charging personal devices inside terminals, as both physical charging points and public internet networks are becoming increasingly vulnerable to cyberattack.

An international security agency has issued a warning against using public USB charging ports found in airports around the world, citing the possibility that embedded malware can compromise an electronic device, according to a recent statement released on social media. The administration also raised concerns about this holiday season, stating that free airport Wi-Fi networks are unreliable and unsecured.

The administration stressed that this could create fertile ground for hackers to target sensitive personal and corporate data during the holiday season. The alert extended beyond wired connections. With millions of passengers navigating crowded terminals during peak travel season, public Wi-Fi is increasingly becoming a staging point for information theft. The risk is particularly high for business travelers, for whom the financial and operational consequences can be severe.

A number of risk mitigation tools, including VPNs and offline safeguards, provide partial protection against cyberattacks, but authorities emphasize that prevention remains the most effective form of defense. Travelers are advised to download entertainment, reading materials, and essential files before arriving at airports in order to minimize their exposure to digital threats.

As the global travel and remote work industries continue to expand the digital attack surface, security firms have begun voicing their alarm over public Wi-Fi exposure. Several days ago, Zimperium, a leading provider of mobile defense solutions, warned smartphone users to remain vigilant when they travel, a time when they tend to lose sight of device security habits and awareness.

The firm emphasized that ubiquitous free wireless connectivity, whether in airports, hotels, cafes, or ride-share transit zones, has created predictable entry points that attackers have been exploiting with increasing accuracy in recent years. According to the company, which echoes earlier warnings from the Transportation Security Administration, the travel environment makes travelers more vulnerable to attacks, and that vulnerability is heightened significantly when passengers move through densely populated urban areas.

A number of U.S. metropolitan centers, including Los Angeles, New York, Portland, Miami, and Seattle, are showing an increase in mobile malware activity, with the malware becoming more sophisticated and more prevalent than ever before. The firm has emphasized that international travel is among the most important concerns. Industry leaders have also pointed out that the issue extends far beyond smartphones.

According to David Matalon, a founder of Venn, a company that provides secure workspaces, as remote working becomes the long-term norm, employees tend to connect their personal laptops and mobile devices to unsecured public networks, which often fall outside the monitoring of corporate security protocols.

In light of this shift in business travelers' mindsets, compromised devices may serve as unintended conduits for unmonitored access to company systems. Several cybersecurity experts, including those from Zimperium, have cautioned that breaches of mobile devices can quickly evolve into gateways for more widespread corporate intrusions if security controls are not enforced or endpoint visibility is lacking.

Analysts from SlashNext, a threat-prevention firm, as well as endpoint defense experts, have also warned that mobile devices remain high-value targets, particularly when users download applications that are not from official sources or connect to open networks that are not protected from attacks. 

A number of security experts, including J Stephen Kowski, who works for SlashNext, have emphasized that enterprise security teams need to expand endpoint oversight and enforce stricter policies to prevent unsafe network connections and unauthorised applications from getting through, particularly as mobile endpoints increasingly interrelate with corporate environments. 

The TSA's advisory is particularly important given the sheer number of travelers who rely on complimentary airport Wi-Fi to check their itineraries, get boarding information, or download content at the last minute before they leave. The vulnerability flagged by the government echoes the risks associated with public Wi-Fi networks, which tend to operate without encryption or verification layers.

Google has echoed similar concerns, having previously advised users to avoid public networks and describing them as unencrypted and easy for cybercriminals to manipulate. Digital safety advocates point out, however, that overcoming many of these challenges is not a matter of specialized technical knowledge but of disciplined browsing behavior and layers of protection.

According to industry data, a significant portion of the internet ecosystem now uses encrypted HTTPS, which service providers widely rely on to protect their data transmissions, instead of the unsecured HTTP protocol. By the year 2023, roughly 95 percent of Google's services should have migrated to HTTPS. In contrast to earlier internet infrastructure, where data packets were exchanged in plaintext, intercepted packets now remain encrypted.

Browsers such as Chrome and Firefox offer an HTTPS-only mode that further strengthens browser-level security by restricting access to unencrypted endpoints. VPN usage has also been shown to be one of the most reliable safeguards for travelers accessing cloud storage, financial accounts, or internal corporate systems, especially when they are travelling on business and face higher operational and financial consequences.

In addition to cybersecurity experts like Norton, regulatory agencies such as the U.S. Federal Trade Commission and the U.S. Consumer Protection Agency have also warned travelers that they should disable Bluetooth, file-sharing functions, and other open-channel device connectivity when inside terminals, along with enabling multi-factor authentication to access their accounts. 

Key warning signs, such as public networks that bypass login screens, captive portals, or terms-of-service agreements, are increasingly recognized as red flags for malicious spoofing and are becoming more prominent.

Digital defense analysts broadly agree that casual browsing, such as checking flight schedules, interacting with social media, or streaming entertainment, poses a low risk. On open airport networks, authenticated portals and sensitive login-based services should be avoided as much as possible unless protective measures are in place.

Public Wi-Fi security has emerged as one of the most pressing challenges facing travelers today, particularly in international transit hubs, where free wireless networks are often treated as a default utility rather than a security risk.

According to cybersecurity analysts, airports present a particularly attractive environment for malicious actors because their networks are unencrypted. Cybercriminals are also increasingly deploying counterfeit Wi-Fi hotspots whose names resemble legitimate services.

The fraudulent network is often given a familiar-sounding name so that hurried passengers join it without checking the source. Once a device joins, an attacker using man-in-the-middle methods can silently observe traffic flowing over the unsecured network for an extended period, inject malware into the active session, or even capture saved credentials and personal files.

A number of experts indicate that the consequences go beyond individual privacy, particularly for business travelers, whose personal laptops and smartphones, increasingly used for remote working, can inadvertently serve as entry points into corporate systems. Many voices across the industry have stressed the importance of taking preventative measures rather than waiting for technical expertise.

One of the most widely accepted safeguards for mobile hotspots is the use of Virtual Private Networks, which allow a secure, encrypted connection between a device and an external server. In 2024, Eric Plam, a senior executive at mobile hotspot provider SIMO, said VPN frameworks provide a security buffer between devices and the servers they access, an important measure in congested terminals where digital surveillance is much easier to accomplish.

VPNs have gained popularity among frequent travelers not only for encryption but also for ancillary benefits such as comparing airfares and hotel bookings by region. As airlines calibrate pricing by market, analysts have observed that India, Malaysia, Thailand, Mexico, Argentina, Brazil, Sri Lanka, the Philippines, and Turkey are among the most cost-efficient regions for purchasing flights.

Security researchers have also highlighted alternative connectivity options that avoid public networks altogether. By using physical international SIM cards or preactivated eSIM services such as Airalo's, travelers can get protected mobile data access without having to deal with unsecured wireless networks.

The mobile industry is also doing its part to strengthen device-level network privacy. Samsung, for instance, has recently introduced enhanced public-network security protocols for its smartphones, giving users a better chance of connecting to open networks without having to worry about theft. Despite these advances, digital defense specialists say the safest networks are usually those travelers do not have to use.

Authorities and independent experts have consistently urged passengers to avoid logging into banking platforms, email portals, internal dashboards, or any authentication-protected service while on public Wi-Fi.

As a precaution, travelers are advised to download boarding passes, tickets, media libraries, podcasts, and playlists before arriving at terminals, to minimize both the risk involved and their dependence on free wireless internet.

According to security experts, as travel becomes more digitized, the conversation must shift from awareness to habit. The warnings about public charging ports and unsecured Wi-Fi are not intended to discourage travelers from connecting, but rather to change how travelers behave in transient environments where anonymity benefits attackers more than travelers.

In addition to pre-downloading essentials, cybersecurity analysts advise travelers to prevent accidental connections by enabling automatic network blocking on their devices, keeping their operating systems current, and regularly clearing stored Wi-Fi networks.

To secure devices even when they are used outside managed office networks, firms are increasingly recommending browser isolation tools, encrypted cloud access gateways, and endpoint monitoring applications for corporate travelers. Industry observers also point to a silver lining.

As mobile security innovations accelerate, from encryption to device-level threat defense to safer global adoption of e-SIM cards, passengers have access to options that were not available a decade ago. Even so, digital defense leaders keep reminding their clients that they must remain disciplined in order to keep their data secure.

Experts say that the freedom of choice should never outweigh the cost of compromise, especially where a decision impacts millions of people each day. As the travel security landscape evolves, experts believe that preparation, layers of protection, and thoughtful connectivity are the factors that will make for the safest journeys.

U.S. Authorities Shut Down Online Network Selling Fake Identity Templates

 



United States federal authorities have taken down an online operation accused of supplying tools used in identity fraud across multiple countries. The case centers on a Bangladeshi national who allegedly managed several websites that sold digital templates designed to imitate official government identification documents.

According to U.S. prosecutors, the accused individual, Zahid Hasan, is a 29-year-old resident of Dhaka. He is alleged to have operated an online business that distributed downloadable files resembling authentic documents such as U.S. passports, social security cards, and state driver’s licenses. These files were not physical IDs but editable digital templates that buyers could modify by inserting personal details and photographs.

Court records indicate that the operation ran for several years, beginning in 2021 and continuing until early 2025. During this period, the websites reportedly attracted customers from around the world. Investigators estimate that more than 1,400 individuals purchased these templates, generating nearly $2.9 million in revenue. Despite the scale of the operation, individual items were sold at relatively low prices, with some templates costing less than $15.

Law enforcement officials state that such templates are commonly used to bypass identity verification systems. Once edited, the counterfeit documents can be presented to banks, cryptocurrency platforms, and online services that rely on document uploads to confirm a user’s identity. This type of fraud poses serious risks, as it enables financial crimes, account takeovers, and misuse of digital platforms.

The investigation intensified after U.S. authorities traced a transaction in which Bitcoin was exchanged for fraudulent templates by a buyer located in Montana. Following this development, federal agents moved to seize multiple domains allegedly connected to the operation. These websites are now under government control and no longer accessible for illegal activity.

The case involved extensive coordination between agencies. The FBI’s Billings Division and Salt Lake City Cyber Task Force led the investigation, with support from the FBI’s International Operations Division. Authorities in Bangladesh, including the Dhaka Metropolitan Police’s Counterterrorism and Transnational Crime Unit, also assisted in tracking the alleged activities.

A federal grand jury has returned a nine-count indictment against Hasan. The charges include multiple counts related to the distribution of false identification documents, passport fraud, and social security fraud. If convicted, the penalties could include lengthy prison sentences, substantial fines, and supervised release following incarceration.

The case is being prosecuted by Assistant U.S. Attorney Benjamin Hargrove. As with all criminal proceedings, the charges represent allegations, and the accused is presumed innocent unless proven guilty in court.

Cybersecurity experts note that the availability of such tools highlights the growing sophistication of digital fraud networks. The case is a wake-up call on the importance of international cooperation and continuous monitoring to protect identity systems and prevent large-scale misuse of personal data.



Security Flaw Exposes Personal Data on Somalia’s E-Visa System Weeks After Major Breach

 

A recently uncovered weakness in Somalia’s electronic visa system has triggered fresh alarm over the protection of travelers’ personal information, coming just weeks after authorities admitted to a large-scale data breach affecting tens of thousands of applicants. Findings indicate that the Somalia e-visa platform is missing basic security safeguards, allowing unauthorized access to and downloading of sensitive documents with little technical effort.

The vulnerability was confirmed this week by Al Jazeera following a tip from a source with professional web development experience. The source explained that flaws in the e-visa system could be exploited to extract large volumes of visa application files containing highly confidential data. This exposed information reportedly includes passport details, full names, and dates of birth, data that could be abused for criminal activities or intelligence purposes.

According to the source, evidence of the security lapse was shared with Al Jazeera, along with proof that Somali authorities had been formally notified about the vulnerability a week earlier. Despite these warnings, the source said there was no response from officials and no sign that corrective measures had been taken.

Al Jazeera independently confirmed the claims by recreating the flaw as described. During testing, journalists were able to download e-visa documents belonging to dozens of individuals in a short time. The affected records included applicants from multiple countries, such as Somalia, Portugal, Sweden, the United States, and Switzerland.

“Breaches involving sensitive personal data are particularly dangerous as they put people at risk of various harms, including identity theft, fraud, and intelligence gathering by malicious actors,” Bridget Andere, a senior policy analyst at the digital rights organization Access Now, said in comments to Al Jazeera. She added that such incidents go beyond technical shortcomings and can have long-term implications for personal safety and privacy.

New Vulnerability Surfaces After Earlier Mass Data Leak

This latest Somalia e-visa security issue emerges less than a month after officials announced an investigation into a prior cyberattack on the same system. That earlier breach drew warnings from both the United States and the United Kingdom. According to official alerts, personal data belonging to more than 35,000 Somalia e-visa applicants had been exposed. The US Embassy in Somalia previously said the leaked information included names, photographs, dates and places of birth, email addresses, marital status, and home addresses.

Following that incident, Somalia’s Immigration and Citizenship Agency (ICA) shifted the e-visa platform to a new web domain, stating that the move was intended to improve security. On November 16, the agency said it was treating the breach with “special importance” and confirmed that an investigation was underway. However, the emergence of a new vulnerability suggests that deeper security weaknesses may still persist.

Security Praise Contrasts With Legal Responsibilities

Earlier the same week, Somalia’s Defence Minister, Ahmed Moalim Figi, publicly commended the e-visa system, saying it had helped prevent ISIL (ISIS) fighters from entering the country amid ongoing military operations against a regional affiliate in northern Somalia.

“The government's push to deploy the e-visa system despite being clearly unprepared for potential risks, then redeploying it after a serious data breach, is a clear example of how disregard for people's concerns and rights when introducing digital infrastructures can erode public trust and create avoidable vulnerabilities,” Andere said. She also voiced concern that Somali authorities had not issued a public notice regarding the serious data breach reported in November.

Under Somalia’s data protection law, organizations handling personal data are required to inform the national data protection authority when breaches occur. In cases involving high risk, particularly where sensitive personal data is exposed, affected individuals must also be notified. “Extra protections should apply in this case because it involves people of different nationalities and therefore multiple legal jurisdictions,” Andere added.

Al Jazeera stated that it could not publish specific technical details of the newly discovered flaw because it remains unpatched and could be exploited further if disclosed. Any sensitive data accessed during the investigation was destroyed to safeguard the privacy of those impacted.
