Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cloning. Show all posts
Hackers
Cloning cyber attack Cyber Attacks Cybersecurity Hackers

Cyberattacks Shift Tactics as Hackers Exploit User Behavior and AI, Experts Warn

 

Cybersecurity threats are evolving rapidly, forcing businesses to rethink how they approach digital security. Experts say modern cyberattacks are no longer focused solely on breaking technical defenses but are increasingly designed to exploit everyday user behavior. 
 
According to industry observers, files downloaded by employees have become a common entry point for cybercriminals. Items such as invoices, installers, documents, and productivity tools are often downloaded without careful verification, creating opportunities for attackers. 

“The Downloads folder has quietly become one of the hottest pieces of real estate for cybercriminals,” said Sanket Atal, senior vice president of engineering and country head at OpenText India. 

“Attackers are not trying to break cryptography anymore. They’re hijacking habits.” Research cited by the company indicates that more than one third of consumer malware infections are first detected in the Downloads directory. 

Security specialists say this reflects a broader shift in how cyberattacks are designed, with attackers relying more on social engineering and multi-stage malware. Atal said malicious files frequently appear harmless when first opened. “These files often look completely harmless at first,” he said. 

“They only later pull in ransomware components or credential-stealing payloads. It is a multi-stage approach that is very difficult to catch with signature-based tools.” Experts say the rise in such attacks is also linked to the growing industrialization of cybercrime. 

Modern ransomware groups and information-stealing operations increasingly operate like structured businesses that continuously test and refine their methods. “Ransomware-as-a-service groups and info-stealer operators are constantly refining their lures,” Atal said. 

“They are comfortable using SEO-poisoned websites, fake update prompts, and even ‘productivity tools’ to get users to download something that looks normal.” India’s rapidly expanding digital ecosystem has made it an attractive target for attackers. 

The combination of millions of new internet users, the widespread use of personal devices for work, and the overlap between personal and professional computing environments increases exposure to risk. 

“When a poisoned file lands in a Downloads folder on a personal device, it can easily become an entry point into enterprise systems,” Atal said. “Especially when that same device is used for banking, office work, and email.” Artificial intelligence is further changing the threat landscape. 

Generative AI tools can now produce convincing phishing messages that mimic corporate communication styles and reference real projects. “AI has removed the traditional visual cues people relied on to spot scams,” Atal said. 

“Generative models now write in perfect business language, reuse an organisation’s tone, and reference real projects scraped from public sources.” Security analysts say deepfake technology is also being used to manipulate business processes. 

Synthetic video calls and cloned voices have been used to approve financial transactions in some cases. Another emerging pattern is the rise of malware-free intrusions, where attackers rely on stolen credentials or legitimate remote access tools instead of traditional malicious software. 

“We’re also seeing a rise in malware-free intrusions,” Atal said. “Attackers use stolen credentials and legitimate remote access tools. Nothing matches a known signature, yet the breach is very real.” Experts say these developments are forcing organizations to shift their security strategies. 

Instead of focusing solely on scanning files and attachments, security teams are increasingly monitoring behavior patterns across users, devices, and systems. “The first shift is moving from content to behaviour,” Atal said. 

“Instead of just scanning attachments, organisations need to focus on whether a user or service account is behaving consistently with historical and peer norms.” Security specialists also emphasize the importance of integrating identity verification with threat detection systems. 

When phishing messages become difficult to distinguish from legitimate communication, identity context becomes a key factor in identifying suspicious activity. In addition, companies are beginning to rely on artificial intelligence for defensive purposes. 

Automated systems can help security teams manage the growing volume of alerts by identifying patterns and highlighting potential threats more quickly. “Security teams are overwhelmed by alerts,” Atal said. 

“AI-based triage is essential to reduce noise, correlate weak signals, and generate plain-language narratives so analysts can act faster.” Despite increased awareness of cybersecurity threats, several misconceptions persist. 

Many organizations assume that the most serious cyberattacks originate from sophisticated state-backed actors. “One big myth is that serious attacks only come from exotic nation-state actors,” Atal said. “The truth is, most breaches begin with everyday issues such as phishing, malicious downloads, weak passwords, or cloud misconfigurations.” 

Another misconception is that smaller organizations are less likely to be targeted. However, experts say attackers often focus on industries with weaker security controls, including healthcare providers, hospitality companies, and smaller financial institutions. 

Cybersecurity specialists also warn that many attacks no longer rely on traditional malware. Techniques such as identity-based attacks, business email compromise, and misuse of legitimate administrative tools often bypass standard antivirus defenses. “Identity-based attacks, business email compromise, and abuse of legitimate tools often never trigger traditional antivirus,” Atal said. 

“The starting point can be any user, device, or partner that has access to data.” Industry leaders say the challenge is compounded by the fact that many cybersecurity systems were designed for a different technological environment. 

Vinayak Godse, chief executive of the Data Security Council of India, said existing security frameworks were built before the widespread adoption of digital services and artificial intelligence. 

“In the digitalisation space, we are creating tremendous experiences, productivity gains, and new possibilities,” Godse said. “But the security frameworks we have in place were designed for an older paradigm.” He added that attackers today are capable of identifying and exploiting even a single vulnerability in complex digital systems. 

“The current attack ecosystem can identify and exploit even one vulnerability out of millions, or even billions,” Godse said. Experts say the erosion of traditional network boundaries has further complicated security efforts. Remote work, cloud computing, software-as-a-service platforms, and third-party integrations mean that sensitive systems can now be accessed from a wide range of devices and locations. 

“A user on a personal phone, accessing a SaaS application from home Wi-Fi, is still inside your risk perimeter,” Atal said. As a result, organizations are increasingly focusing on continuous verification and context-aware monitoring rather than relying solely on perimeter defenses. 

According to Atal, the effectiveness of AI-driven security tools ultimately depends on the quality of underlying data. If data sources are fragmented or poorly labeled, even advanced analytics systems may struggle to detect threats. 
 
“Every advanced AI-driven security use case boils down to whether you can see your data and whether you can trust it,” he said. Security experts say that integrating identity signals, access patterns, and data sensitivity into unified monitoring systems can help organizations identify suspicious activity more effectively. 

“When data, identity, and threat signals are unified, security teams can see a connected narrative,” Atal said. “A login, a download, and a data access event stop being isolated alerts and start telling a story.” 

 
Despite advances in technology, experts say human behavior remains a critical factor in cybersecurity. 

“In today’s cyber landscape, the front line is no longer the firewall,” Atal said. “It is the file you choose to open and the behaviour that follows.”
Read more »
financial risks
AI Clonning AI cybersecurity AI Deepfakes AI technology Cloning Cyber Fraud Deepfake deepfake videos Financial Fraud financial risks

How Scammers Use Deepfakes in Financial Fraud and Ways to Stay Protected

 

Deepfake technology, developed through artificial intelligence, has advanced to the point where it can convincingly replicate human voices, facial expressions, and subtle movements. While once regarded as a novelty for entertainment or social media, it has now become a dangerous tool for cybercriminals. In the financial world, deepfakes are being used in increasingly sophisticated ways to deceive institutions and individuals, creating scenarios where it becomes nearly impossible to distinguish between genuine interactions and fraudulent attempts. This makes financial fraud more convincing and therefore more difficult to prevent. 

One of the most troubling ways scammers exploit this technology is through face-swapping. With many banks now relying on video calls for identity verification, criminals can deploy deepfake videos to impersonate real customers. By doing so, they can bypass security checks and gain unauthorized access to accounts or approve financial decisions on behalf of unsuspecting individuals. The realism of these synthetic videos makes them difficult to detect in real time, giving fraudsters a significant advantage. 

Another major risk involves voice cloning. As voice-activated banking systems and phone-based transaction verifications grow more common, fraudsters use audio deepfakes to mimic a customer’s voice. If a bank calls to confirm a transaction, criminals can respond with cloned audio that perfectly imitates the customer, bypassing voice authentication and seizing control of accounts. Scammers also use voice and video deepfakes to impersonate financial advisors or bank representatives, making victims believe they are speaking to trusted officials. These fraudulent interactions may involve fake offers, urgent warnings, or requests for sensitive data, all designed to extract confidential information. 

The growing realism of deepfakes means consumers must adopt new habits to protect themselves. Double-checking unusual requests is a critical step, as fraudsters often rely on urgency or trust to manipulate their targets. Verifying any unexpected communication by calling a bank’s official number or visiting in person remains the safest option. Monitoring accounts regularly is another defense, as early detection of unauthorized or suspicious activity can prevent larger financial losses. Setting alerts for every transaction, even small ones, can make fraudulent activity easier to spot. 

Using multi-factor authentication adds an essential layer of protection against these scams. By requiring more than just a password to access accounts, such as one-time codes, biometrics, or additional security questions, banks make it much harder for criminals to succeed, even if deepfakes are involved. Customers should also remain cautious of video and audio communications requesting sensitive details. Even if the interaction appears authentic, confirming through secure channels is far more reliable than trusting what seems real on screen or over the phone.  

Deepfake-enabled fraud is dangerous precisely because of how authentic it looks and sounds. Yet, by staying vigilant, educating yourself about emerging scams, and using available security tools, it is possible to reduce risks. Awareness and skepticism remain the strongest defenses, ensuring that financial safety is not compromised by increasingly deceptive digital threats.
Read more »
Technology
Cloning Hacking Technology

Encryption Flaws Allow Hackers to Steal Vehicles without Leaving a Trace


New vulnerabilities were revealed earlier this week in the encryption frameworks utilized by immobilizers, the radio-enabled gadgets within cars that usually communicate at short range with a 'key fob' to easily unlock the car's ignition and permit it to start as discovered by researchers from KU Leuven in Belgium and the University of Birmingham in the UK. 

Issues were particularly identified in Toyota, Hyundai, and Kia who utilize and further implement a Texas Instruments encryption system called DST80. Aside from these, a couple of other influenced vehicles incorporate Camry, Corolla, and RAV4; Kia Optima, Soul, and Rio; the full rundown of vehicles that the researchers have found to have the cryptographic defects in their immobilizers is below:


In spite of the fact that the list likewise incorporates the Tesla S, the researchers announced the DST80 vulnerability to Tesla a year ago, and the company pushed out a firmware update that blocked the assault. Toyota has affirmed that the cryptographic vulnerabilities the researchers discovered are genuine. 

Be that as it may, their technique likely isn't as simple to pull off as the "relay" attacks that thieves have utilized over and overused to steal luxury cars and SUVs. Those, by and large, require just a couple of radio devices to expand the range of a key fob to open and start a victim's vehicle. One can pull them off from a reasonable distance, even though the walls of a structure. 

The researchers built up their key cloning technique by purchasing an assortment of immobilizers' electronic control units from eBay and reverse engineering the firmware to break down how they communicated with key fobs. They regularly saw it far as too simple to even consider cracking the secret value that Texas Instruments DST80 encryption utilized for authentication. 

Anyway, the issue lies not in DST80 itself however in how the carmakers implemented it: The Toyota fobs' cryptographic key depended on their serial number, for instance, and furthermore openly transmitted that serial number when checked with an RFID reader. What's more, Kia and Hyundai's key fobs utilized 24 bits of randomness instead of the 80 bits that the DST80 offers, making their secret values simple to figure. At the point when the affected carmakers and Texas Instruments were reached out for comments, Kia and Texas Instruments didn't respond. 

Be that as it may, Hyundai noted in a statement that none of its affected models are sold in the US. Toyota reacted in an explanation that “the described vulnerability applies to older models, as current models have a different configuration." 

In any case, the researchers have chosen to distribute their findings to uncover the genuine condition of immobilizer security and permit car owners to choose for themselves if it's sufficient. Protective car owners with hackable immobilizers may choose, like whether or not to utilize a steering wheel lock or not.

Read more »
Subscribe to: Comments (Atom)