Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

Microsoft Dismantles Malware-Signing Network Exploiting Azure Artifact Signing Service

  Microsoft has announced the disruption of a large-scale malware-signing-as-a-service (MSaaS) operation that exploited its Azure Artifact ...

All the recent news you need to know
Phishing Attacks
Android Malware Android Security APK Fraud Cyber Security Cybercrime Karnataka Digital Fraud Fake APK Apps Mobile Banking Scam Phishing Attacks

Fake APK Apps Fuel 190% Rise in Digital Fraud Across Karnataka

 


Cybercrime is rapidly changing in Karnataka. Threat actors are increasingly shifting their focus from traditional phishing and investment scams to highly sophisticated APK-based attacks designed specifically for Android platforms. It has been reported by security experts and law enforcement agencies that the number of Android Package Kit (APK) fraud cases has increased by 190% during the first four months of 2026, demonstrating how malicious application files are used to intrude smartphones, gather sensitive credentials, and carry out unauthorized financial transactions using malicious applications. 

By April, there were 458 complaints filed, and it is anticipated that the number will surpass 1,300 before the year is up, according to investigators. The misuse of fake APK installers has emerged as an aggressive and technically dangerous form of mobile-enabled financial cybercrime currently affecting users across the state, particularly senior citizens and those without digital experience. 

Cybersecurity experts and investigators continue to find that seniors are disproportionately susceptible to APK-based attacks, primarily due to limited familiarity with Android security architecture and the increasing sophistication of social engineering techniques embedded within fraudulent messages. 

APK installers are increasingly being masked as urgent service notifications involving electricity bill disconnection, pending KYC verification, unclaimed credit card rewards points, courier updates, or even digital wedding invitations distributed through WhatsApp and Telegram platforms. When downloaded and manually installed outside of official app markets, these files can be silently gaining intrusive permissions on a device, allowing threat actors to monitor SMS-based OTPs, capture bank credentials, access contact lists, and manipulate financial applications remotely. 

Exclusive data obtained by DH indicates that Karnataka has experienced a steep 190.46% increase in APK fraud incidents, increasing from 325 reported cases in 2024 to 944 in 2025. 458 complaints have already been filed by April 2026 alone. Authorities estimate that by the end of the year, approximately 1,374 APK-related fraud complaints could occur in the state, based on its current monthly average of 114.5 cases.

The APK fraud campaign differs from the digital arrest scams or investment-linked pig butchering operations that rely heavily on prolonged psychological manipulation. As a result, law enforcement and cybercrime response teams face significant operational challenges resulting from low public awareness and weak digital vigilance. APK fraud campaigns are designed for rapid compromise through deceptive mobile payload delivery. 

Various authorities have urged citizens to avoid downloading APK files from unverified sources, restrict unnecessary application permissions, and report suspicious digital activities as soon as possible to the national cybercrime helpline 1930 or to designated cyber police units. 

It has been attributed that the rapid expansion of APK-enabled fraud networks is due to the widespread penetration of low-cost Android smartphones, the increased use of instant messaging platforms, and the existence of a persistent digital literacy gap among a wide range of user groups. There is an increasing sophistication of cybercriminal operations, with fraudulent APK payloads embedded within region-specific and multilingual communication used to imitate legitimate service providers, financial institutions, delivery platforms, and government verification systems, according to investigators. 

Users are advised to refrain from downloading applications that may have been transmitted via WhatsApp forwards, SMS hyperlinks, Telegram attachments, or unfamiliar third-party websites. Additionally, experts recommend enabling the "Install from Unknown Sources" setting on Android devices only when absolutely necessary for verified enterprise use. 

The security analysts recommend that electricity bills, courier delivery alerts, banking updates, and KYC requests be authenticated through official websites or authorized mobile applications, in recognition of the increasing use of clones and fabricated urgency by attackers to expedite victim responses.

Investigators of cybercrime have also advised against sharing one-time passwords, facilitating screen-sharing sessions, or granting access permissions to individuals who appear to be bank officials, police personnel, or government officials, since such access can facilitate remote surveillance, credential intercept, and unauthorized financial transactions. These campaigns identify seniors as one of the most at risk demographics, and encourage them to verify suspicious communications with trusted family members before engaging in links or application files. 

As a further warning, fraud syndicates are increasingly utilizing emotional manipulation, fear-based narratives, and professionally formatted communication templates for bypassing user suspicions and taking advantage of impulsive behavior. 

Considering the proliferation of APK fraud campaigns in social media ecosystems and regional languages, cybersecurity professionals believe technological safeguards alone are insufficient in the absence of parallel investments in community-driven awareness initiatives, multilingual cyber hygiene education, improved law enforcement coordination and stronger enforcement of mobile application security. 

It is evident that the escalating trend is indicative of how India’s increased adoption of digital technologies has simultaneously led to an increased attack surface for financially motivated cybercrime, according to experts. Through this transformation, cybersecurity is becoming a broader challenge of public awareness and social resilience that requires coordination between authorities, banks, and technology providers. 

As APK-based fraud escalates across Karnataka, it symbolizes a broader shift in the landscape of cyber threats in India, where mobile devices have evolved into both essential digital lifelines and high-value attack surfaces for financially motivated hackers. Social engineering tactics and malicious application delivery methods continue to be refined by cybercriminals. 

The most effective defences, experts believe, will require not only advanced cybersecurity infrastructure but also sustained public awareness, responsible digital behavior, and rapid incident reporting. Increasingly, mobile-first services are being utilized in an ecosystem in which sensitive financial and personal information can be compromised as soon as a single unverified download is completed. Therefore, authorities and cybersecurity professionals stress the importance of vigilance, verification, and informed digital practices as routine parts of everyday online activity rather than reactive measures in response to fraud.
Read more »
technology
AI Development Anthropic Job Automation Microsoft ai technology

Microsoft AI Chief Says White-Collar Jobs Could Face AI Automation Within 18 Months

 






For decades, university degrees in business, law, finance, and management were widely viewed as reliable pathways to stable office careers and long-term financial security. Throughout much of the late 20th century, white-collar professions became deeply associated with economic mobility, especially in countries like the United States where corporate and professional employment expanded rapidly.

Now, artificial intelligence is forcing technology leaders, economists, and workers to confront a different question: what happens if software systems become capable of performing many of those office-based jobs faster and at lower cost than humans?

That debate intensified after Mustafa Suleyman, the CEO of Microsoft AI, warned earlier this year that AI systems may soon handle most professional computer-based tasks with minimal human involvement. In an interview with the Financial Times, Suleyman predicted that the transition could happen far sooner than many people expect, estimating that major disruption may begin within the next 12 to 18 months.

According to Suleyman, artificial intelligence models are moving toward what he described as “human-level performance” across a wide range of professional responsibilities. He argued that jobs centered around sitting at a computer, processing information, reviewing documents, writing reports, managing workflows, or analyzing data are particularly vulnerable to automation.

The Microsoft AI executive specifically pointed to industries such as accounting, legal services, marketing, and project management as sectors where AI systems could eventually replace large portions of repetitive and administrative work.

His remarks add to a growing list of warnings from major AI executives who believe artificial intelligence may fundamentally reshape white-collar employment. The conversation has become increasingly urgent as businesses rapidly adopt generative AI systems capable of writing text, generating code, summarizing documents, automating customer support, and completing analytical tasks.

Suleyman’s prediction closely mirrored concerns raised this week by AI researcher Matt Shumer, whose widely circulated essay compared the current state of AI development to the early weeks of 2020 before the COVID-19 pandemic dramatically altered everyday life. Shumer argued that many people may still be underestimating the speed and scale of disruption AI could introduce into the global economy.

He suggested the impact of widespread automation may ultimately exceed the societal changes caused by the pandemic because AI has the potential to affect nearly every knowledge-based profession simultaneously.

One of Suleyman’s key arguments centers around the rapid expansion of computational power, often referred to within the industry as “compute.” Compute describes the hardware infrastructure and processing capability used to train and operate artificial intelligence models. As companies invest billions of dollars into advanced chips, data centers, and AI infrastructure, newer models are becoming increasingly capable of handling sophisticated tasks that previously required trained professionals.

Suleyman said improvements in compute could eventually allow AI systems to write software code more effectively than many human programmers. The claim reflects a broader trend in the technology industry, where AI-assisted coding tools are already being integrated into software engineering workflows to generate code, identify errors, and automate portions of development.

Even some of the people building advanced AI systems have publicly acknowledged concerns about how quickly the technology is progressing. OpenAI CEO Sam Altman and Matt Shumer have both written about the emotional discomfort of watching artificial intelligence evolve to the point where parts of their own expertise could become less valuable over time.

Warnings about large-scale job disruption have circulated repeatedly throughout 2025. Last May, Anthropic CEO Dario Amodei cautioned that AI could potentially eliminate up to half of entry-level white-collar positions. Although Amodei later moderated some of those predictions, his comments contributed to growing anxiety surrounding the future of professional employment.

Ford CEO Jim Farley also predicted that artificial intelligence may eventually reduce the number of white-collar jobs in the United States by approximately 50%, highlighting how concerns over AI automation are spreading beyond technology companies into traditional industries.

In a separate analysis published by The Atlantic, journalist Josh Tyrangiel argued that the United States remains largely unprepared for the economic and social consequences of rapid AI adoption. Tyrangiel compared the recent silence from many corporate leaders to spotting “a shark fin break the water,” suggesting that warning signs are visible even if the full disruption has not yet arrived.

The discussion surrounding artificial intelligence intensified further after SpaceX CEO Elon Musk stated during the World Economic Forum in Davos that artificial general intelligence, commonly known as AGI, could emerge as early as this year. AGI refers to hypothetical AI systems capable of matching or exceeding human intelligence across nearly all cognitive tasks rather than specializing in only one function.

Despite increasingly dramatic predictions from technology executives, current evidence suggests that AI’s real-world impact on professional jobs remains more limited than many forecasts imply.

A 2025 report published by Thomson Reuters found that professionals in industries such as law, accounting, and auditing are primarily using AI tools for targeted tasks including document review, routine analysis, summarization, and administrative support. While these tools have improved efficiency in some workflows, the report did not indicate widespread replacement of human professionals.

Several economists have also argued that the financial benefits of AI remain concentrated within large technology firms rather than spreading evenly across the broader economy.

Research conducted by Apollo Global Management chief economist Torsten Slok found that profit margins among major technology companies increased by more than 20% during the fourth quarter of 2025. However, companies included in the broader Bloomberg 500 Index showed little measurable improvement during the same period.

Slok also noted that many Wall Street investors remain unconvinced that artificial intelligence will generate substantial earnings growth outside the technology sector in the near future.

At the same time, there are early indicators that AI-related restructuring is beginning to affect parts of the workforce. Employment consultancy Challenger, Gray & Christmas reported that approximately 49,135 job cuts this year were linked to artificial intelligence.

Microsoft itself laid off around 15,000 employees last year. Although the company did not officially identify AI as the direct reason behind the cuts, CEO Satya Nadella stated in a memo released after the layoffs that Microsoft needed to “reimagine” its mission for what he described as a new technological era.

Financial markets have also reacted strongly to the possibility that AI systems could disrupt existing software business models. Earlier this year, software stocks experienced a major selloff driven by investor fears that advanced AI agents could reduce the need for traditional software-as-a-service products, commonly known as SaaS platforms.

Industry analysts referred to the market downturn as the “SaaSpocalypse.” The decline accelerated after Anthropic and OpenAI introduced enterprise-focused agentic AI systems capable of independently completing complex digital tasks that previously required multiple software tools and human oversight.

Agentic AI systems are designed to perform sequences of actions autonomously, including making decisions, interacting with applications, and executing workflows with limited human input.

Despite skepticism from some economists and analysts, Suleyman remains highly confident about AI’s long-term capabilities. He argued that organizations may eventually be able to customize AI systems for virtually any operational need, allowing businesses, institutions, and even individuals to create specialized AI models tailored to specific tasks.

Suleyman compared the future creation of AI models to producing a podcast or publishing a blog, suggesting the process may eventually become simple and accessible for ordinary users.

A major part of Suleyman’s strategy at Microsoft AI involves pursuing what he described as “superintelligence,” a term used to describe AI systems that significantly exceed human cognitive abilities.

Microsoft is also reportedly attempting to reduce its dependence on OpenAI by investing more heavily in its own internal AI models and infrastructure. Developing independent foundation models has become increasingly important for major technology companies competing in the global AI race.

However, skepticism surrounding the technology continues to grow. Critics argue that many current AI systems still struggle with factual accuracy, reasoning consistency, hallucinations, legal accountability, cybersecurity concerns, and reliability in high-risk professional environments.

Some analysts have also questioned whether current levels of investment in artificial intelligence are sustainable if measurable productivity gains outside the technology industry remain limited.

Competition within the AI industry is also intensifying rapidly. Anthropic’s Claude models have recently gained stronger traction among enterprise customers, increasing competitive pressure on OpenAI in the race to dominate business-focused AI services.

Even so, Suleyman continues to reject the idea that AI development is slowing down. In an interview featured by MIT Technology Review in April, he maintained that artificial intelligence research and capabilities are still accelerating rather than approaching a plateau.

For now, experts remain divided on how quickly AI will transform the workforce. While some executives believe widespread automation is approaching rapidly, others argue that human judgment, oversight, regulation, ethics, and organizational trust will continue to play a critical role in many professions for years to come.

The next few years may ultimately determine whether artificial intelligence becomes primarily a productivity assistant for professionals or a technology capable of permanently reshaping the structure of white-collar employment across the global economy.

Read more »
Threat Intelligence
Authentication Tokens Browser Cookie Theft Cybercrime Marketplace malware Password Manager Security REMUS Infostealer Threat Intelligence

REMUS Infostealer Reveals the Growing Sophistication of MaaS Platforms


Cybercrime is increasingly becoming an industrialized business as infostealer operations adopt the structure, speed, and feature-based development cycles of legitimate software platforms. The emergence of REMUS, as well as the development cycles associated with it, mark another shift in the industrialization of cybercrime. 


Flare researchers examined 128 underground posts published from February to May 2026, and observed the malware's rapid evolution into a full-scale malware-as-a-service ecosystem designed to facilitate operational scalability and persistent account compromise over a period of five years. This initial effort focused on harvesting saved credentials and collecting browser information, but later expanded into hijacking sessions, targeting password managers, abuse of restore tokens, and automated Telegram delivery methods, reflecting a deliberate shift toward long-term access theft rather than simple credential extraction. 

By combining REMUS's rapid updates with improved operator visibility and modular deployment capabilities, it has become apparent that REMUS will not only be used as a malware payload, but also as a commercially managed cybercrime platform aimed at supporting broader distribution, easier affiliate adoption, and increasingly resilient post-compromise operations. 

There has been an overall transformation within the underground infostealer economy that has led to operations such as REMUS maturing rapidly, where malware distribution has evolved into a highly structured commercial ecosystem, characterized by defined supply chains, subscription-based access models, dedicated log brokers and affiliate operators. 

Information theft is no longer considered as an isolated malware family but rather as the foundation for many layers of financial-motivated cybercrime. They are now playing a greater role than just stealing credentials, serving as an entry point for larger compromise operations, which include the deployment of ransomware and unauthorized access to corporate networks. 

Recent DBIR assessments indicate that credentials linked to 54 percent of ransomware victims were previously disclosed through infostealer logs, and nearly 40 percent of those datasets contained corporate email accounts, indicating that harvested session data can play a valuable role in enterprise attacks. 

A type of advanced remote access Trojan called an infostealer operates silently within infected systems, gathering cookies, authentication tokens, stored passwords, fingerprints, and other telemetry from the infected system before packaging the information into standardized "stealer logs" for exfiltration. 

In turn, these logs are sold as monetizable access assets on dark web marketplaces, cybercrime forums, and encrypted Telegram channels. Operators routinely distribute free log samples as promotional materials to attract buyers and expand their criminal subscriber base, further enhancing the commercialization of the infostealer ecosystem and its scalability. 

A detailed examination of the operator's advertisements, feature announcements, support discussions, and update logs offers an exceptional chronological perspective on REMUS' evolution from a relatively lightweight credential stealer to a continuous, operationally efficient and commercially successful MaaS platform. 

Based on the activities observed between February and May 2026, a development model that closely resembles legitimate software operations was observed, where iterative features were released, customer-oriented improvements were made, and backend management improvements were improved rapidly. 

A number of early campaigns in February created a perception of REMUS as a trustworthy, accessible, and reliable stealer that specialized in stealing browser credentials, cookie theft, extracting Discord tokens, delivering logs through Telegram, and simplifying log management. 

Throughout the promotional language, the operator emphasized a commercial mindset, including advertising "24/7 support" alongside claims that the malware was "simple enough that even a child can figure it out," as well as boasting that its callback success rate was near 90 percent through the use of dedicated intermediary infrastructure and custom encryption algorithms. After entering an aggressive expansion phase in March, the operation shifted focus from data theft toward campaign administration and operator visibility in an effort to increase efficiency. 

In addition to enhanced delivery workflows, restore-token capabilities, worker tracking, duplicate-log filtering, and expanded statistics dashboards were introduced to provide affiliates with a greater understanding of failed executions and infection performance. 

April marked another strategic transition in REMUS's evolution, this time toward authentication-based session persistence and browser-side artifact collection. These changes signaled the emergence of a managed operational ecosystem rather than merely a standalone malignant binary.

SockS5 proxy integration, antivirtualization controls, gaming-platform targeting, as well as deeper password harvesting were all added to the malware. It also included IndexedDB extractions linked to browser extensions associated with the 1Password and LastPass browser extensions, and references to Bitwarden-related collection mechanisms. 

A noticeable shift occurred towards maintaining active authenticated environments through stolen session material instead of only relying on exposed credentials. Early May showed a slowdown in the addition of entirely new features as development focused on platform stability, restoring function refinements, optimizing collection, adjusting delivery schedules, and resolving bugs. It indicated that the operator was moving from rapid capability expansion to long-term operational reliability and service maturity. 

REMUS reflected a broader shift in the priorities of the underground malware economy by clearly pivoting towards session theft and authenticated access preservation as a defining characteristic of its operation. 

Information thieves in the previous generations primarily focused on obtaining usernames and passwords for later exploitation, REMUS consistently promoted browser cookies, authentication tokens, workflows to restore sessions, and proxy-assisted continuity mechanisms as central operational features of their operations. 

There were repeated references throughout the campaign to "Restore" capabilities, multi-proxy compatibility, and token recovery workflows indicating that the malware was designed specifically to maintain active authenticated environments as opposed to simply capturing credentials on its own. As modern security controls increasingly rely on multi-factor authentication, device trust verification, behavioral analytics, and risk-based login verification, this distinction has significant operational value for threat actors.

Through the use of stolen session artifacts, rather than raw credentials alone, attackers may be able to bypass many of these layered defenses without triggering immediate authentication challenges. This objective was further reinforced by repeated targeting of Discord, Steam, Riot Games, and Telegram environments, as persistent authenticated sessions within such platforms can be used to resell accounts, conduct fraud operations, abuse social engineering, and monetize access over the long term. 

As part of its session-focused development, REMUS has demonstrated a growing interest in browser-based password management systems as well. As of April 2026, the operator has implemented collection capabilities associated with Bitwarden, 1Password, LastPass, and IndexedDB-based browser storage mechanisms commonly used to retain locally authenticated data by modern extensions and web applications. 

While the observed activity cannot independently confirm vault decryption or direct compromise of password-manager databases, it indicates that development priorities had expanded toward harvesting browser-side storage artifacts associated with password-management workflows, although there is no independent confirmation of either. 

In addition, the campaign infrastructure itself displayed a high degree of operational maturity. Throughout the deployment cycle, the operator maintained a steady cadence of versioned releases, troubleshooting refinements, feature additions, bug remediation, statistics enhancements, and backend management improvements. These practices closely resemble legitimate software maintenance practices.

Throughout the report, references to worker management, log categorization systems, infection visibility dashboards, and loader monitoring were made, implying a structured multi-role environment, where development, deployment, infrastructure management, and monetization functions were increasingly segmented. These organizational models are similar to the organizational models found in mature malware-as-a-service ecosystems today. 

REMUS illustrates how modern infostealer campaigns have evolved from opportunistic credential theft to scalable, persistent, and monetizable platforms that enable access. As a result of the rapid development cycle, a focus on authenticated session continuity, and an increasing interest in browser-based authentication ecosystems, cybercrime has experienced a broad shift, demonstrating the increasing value of stolen access in the cybercrime landscape. 

A reminder to defenders that password protection alone is not sufficient to protect against threats increasingly engineered to exploit trusted sessions, browser storage artifacts, and post-authentication workflows.

In the near future, organizations will face increased pressure to strengthen session monitoring practices, token invalidation practices, endpoint visibility, browser hardening, and anomaly-based access controls as MaaS operations continue to adopt the speed, structure, and operational discipline commonly associated with legitimate software companies. 

There is less significance to the evolution observed in REMUS with regard to any single malware capability than it has in relation to the emergence of a professional and commercialized cyber intrusion ecosystem.
Read more »
User Privacy
Cyber Crime French Teacher Minor Safety Sexual Exploitation User Privacy

AI Vigilante Sting Catches Alleged Paedophile Ex-Teacher in France

 

A retired French physical education teacher has been placed in custody after an online sting operation exposed what investigators say was a serious attempt to solicit a minor. The case has drawn wide attention because the “girl” he was speaking to was not real, but a digitally created identity controlled by an influencer known for targeting alleged predators. The meeting was streamed live, turning a criminal investigation into a public spectacle. 

According to the BBC report, the 66-year-old man, identified as Dominique B, surrendered to authorities in eastern France one day after the exchange was broadcast. During the 40-minute interaction, he believed he was speaking with a 14-year-old girl, but the image and voice were being operated by a male influencer. Even though the visual disguise was imperfect, the setup was convincing enough to lead the retired teacher into inappropriate conversation. 

The exchange reportedly attracted more than 40,000 live viewers and later approached a million views online. In the footage, the man is seen relaxing in a chair while the fake persona appears on screen, with the influencer adjusting his appearance to help maintain the illusion. The stunt’s reach shows how online platforms can amplify both exposure and controversy when criminal behavior is broadcast in real time. 

French prosecutors in Vesoul say the man now faces charges for making sexual propositions to a person under 15 and for soliciting pornographic images from a minor. Those allegations carry serious legal and social consequences, especially given his former role as an educator. The case is likely to fuel further debate over the line between citizen-led vigilance and public shaming in digital spaces. 

The influencer involved said his aim was to raise awareness, but the incident also highlights the growing use of deceptive online identities in anti-predator campaigns. While such tactics can expose dangerous behavior, they also raise questions about evidence, ethics, and the influence of livestream culture. For now, the French case stands as a stark reminder that online anonymity can be abused, and that public exposure is no substitute for lawful accountability.
Read more »
Iran-based hacker group
Critical Infrastructure Cyber Attacks Hacker attack Infrastructure Infrastructure Security Iran hackers Iran-based hacker group

Iran-Linked Hackers Targeted US Fuel Tank Systems Through Exposed ATG Networks

 

A cyber incident linked to suspected Iranian hackers targeted U.S. gas station fuel monitoring systems, exposing weaknesses in critical infrastructure. Internet-connected ATG systems lacking password protection reportedly allowed attackers to gain access without stolen credentials. Though designed to track fuel levels automatically, these systems became vulnerable because of poor security controls. 

The incident highlights how basic operational technology flaws can create major risks. Weakly protected infrastructure remains an attractive target for cyberattacks. Remote access features, while convenient, can become dangerous when left exposed online. 

Many of these monitoring tools operate quietly in the background until compromised. Security experts warn that even simple protections could have blocked the intrusion. Each exposed device increases risks across connected infrastructure networks. Although the attackers reportedly altered displayed fuel readings, authorities said the actual fuel levels inside storage tanks were not changed. 

Even so, cybersecurity specialists stressed that compromised ATG systems could still disrupt operations or create confusion during emergencies. Experts have warned for years that insecure fuel monitoring systems could become targets for hackers or state-backed groups seeking to impact critical services. Growing tensions involving the United States, Iran, and Israel have fueled suspicions around Iranian-linked cyber activity. Analysts noted similarities between this incident and earlier attacks tied to Iran targeting fuel distribution infrastructure. 

While officials have not publicly confirmed attribution, researchers said the timing and techniques resemble previous Iran-associated operations. Cybersecurity and Infrastructure Security Agency acknowledged reports of malicious activity involving automated tank gauge systems across critical sectors. While the agency stopped short of blaming Iran directly, it urged organizations to strengthen protections immediately. 

Recommendations included removing ATG systems from direct internet exposure, implementing strong passwords, reviewing logs regularly, and improving monitoring for suspicious behavior. Experts say modern geopolitical conflicts increasingly extend into digital systems supporting everyday life. Attacks targeting fuel infrastructure can trigger economic disruption, supply chain instability, and public panic even without causing physical damage. 

A relatively small cyber incident can still send a strategic message by demonstrating access to systems relied upon by millions. Many cybersecurity professionals continue warning that operational technology environments remain especially vulnerable because they often rely on outdated systems, weak segmentation, and limited visibility. Attackers frequently focus on these environments because even simple techniques can produce large-scale disruption. 

Researchers also pointed to lessons from the Colonial Pipeline ransomware attack, which caused fuel shortages and emergency declarations across multiple U.S. states in 2021. Experts believe similar attacks today could create ripple effects well beyond the originally targeted facilities. 

Security specialists now argue that industrial systems and connected devices should receive the same level of protection as traditional IT networks. Stronger segmentation, automated compliance checks, continuous monitoring, and recovery planning are increasingly viewed as necessary safeguards as cyber threats against critical infrastructure continue to grow.
Read more »
Verification
Data & Privacy Google Phone Storage Technology Verification

Google Tests 5GB Gmail Storage Limit for New Users Without Phone Verification

 


Google is experimenting with a new Gmail policy that limits some newly created accounts to 5GB of cloud storage unless users add a phone number to their account. Once a phone number is linked, the full 15GB of free storage becomes available.

The company confirmed the trial to Android Authority, explaining that the initiative is being tested in select regions to ensure a “high-quality storage experience.” Google also stated that phone number verification can improve account security and make account recovery easier. However, critics argue that tying the standard storage allocation to phone number submission raises privacy concerns.

There are several reasons why Google may be considering such a move. Adding a phone number can provide an additional method for recovering access to an account. That said, users already have alternative recovery options available, including backup email addresses and recovery contacts.

Google further claims that linking a phone number can help strengthen account protection. However, cybersecurity experts often regard methods such as passkeys, authentication apps, and Google prompts as more secure than SMS-based verification, which remains vulnerable to SIM-swapping attacks, phishing attempts, and other security threats.

Another possible motivation is reducing spam and fraudulent account creation. Spammers and scammers frequently create multiple accounts, and requiring phone verification could make this process more difficult. Still, some regions already mandate phone verification during account registration, while cybercriminals can often access temporary or burner numbers through VoIP services. Additionally, the 5GB restriction may not significantly impact bad actors who only use accounts for short-term activities.

Since Google has described the initiative as a test, it may never become a permanent feature. Nevertheless, some observers question the approach, arguing that restricting two-thirds of the standard free storage allocation until users provide personal information is problematic. A more transparent option, they suggest, would be requiring phone verification during account creation rather than limiting storage afterward.

The reduced storage limit could also affect other Google services. Because Google Drive storage is shared across products, users relying on cloud backups—such as WhatsApp backups—could encounter limitations much sooner under the 5GB cap.

Google has previously incentivized users to enhance account security by rewarding them with additional storage. In earlier years, the company offered an extra 2GB of cloud storage to users who completed a security checkup. By contrast, the current test restricts access to storage users would typically receive for free.

The trial also places Gmail closer to Apple’s free iCloud Mail tier, which offers 5GB of storage. However, competitors such as Microsoft Outlook and Yahoo Mail continue to provide 15GB ori more of free storage in many regions.

Some critics view the test as another example of technology companies gradually reducing the benefits of free services while requesting either payment or additional personal information. Similar concerns emerged when Google Photos ended its unlimited free photo backup policy and shifted users to a shared 15GB storage limit in 2021. Others point to the company's efforts to promote YouTube Premium by making the free viewing experience less attractive.

One positive aspect is that the reported storage restriction currently appears to affect only new accounts. Existing Gmail users who already have less than 5GB of stored data do not seem to be impacted. However, individuals looking to create secondary email accounts may still find the policy inconvenient, despite Google allowing multiple accounts to be linked to a single phone number.

The timing of the test has also fueled privacy debates, particularly among users concerned about sharing additional personal information with major technology companies. As discussions around data privacy and government access to information continue, some users may be hesitant to provide more identifying details than necessary.

For now, the phone number-linked storage limit remains an experimental feature. While Google cites security, account recovery, and spam prevention as key reasons behind the test, questions remain about whether restricting storage is the right way to encourage users to verify their accounts.
Read more »
Subscribe to: Posts (Atom)

Featured