Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Threats. Show all posts
Malicious Activities
Adaptive AccessTechnologies Cyber Threats CyberCrime Cybersecurity Danish Government’s National Strategy for Cyber and Information Security 2022-2024 Deepfakes Digital Forensics Malicious Activities

Denmark Empowers Public Against Deepfake Threats


 

A groundbreaking bill has been proposed by the Danish government to curb the growing threat of artificial intelligence-generated deepfakes, a threat that is expected to rise in the future. In the proposed framework, individuals would be entitled to claim legal ownership rights over their own likeness and voice, allowing them to ask for the removal of manipulated digital content that misappropriates their identity by requesting its removal. 

According to Danish Culture Minister Jakob Engel-Schmidt, the initiative has been launched as a direct response to the rapid advancements of generative artificial intelligence, resulting in the alarmingly easy production of convincing audio and video for malicious or deceptive purposes. According to the minister, current laws have failed to keep up with the advancement of technology, leaving artists, public figures, and ordinary citizens increasingly vulnerable to digital impersonation and exploitation. 

Having established a clear property right over personal attributes, Denmark has sought to safeguard its population from identity theft, which is a growing phenomenon in this digital age, as well as set a precedent for responsible artificial intelligence governance. As reported by Azernews, the Ministry of Culture has formally presented a draft law that will incorporate the images and voices of citizens into national copyright legislation to protect these personal attributes. 

The proposal embodies an important step towards curbing the spread and misuse of deepfake technologies, which are increasingly being used to deceive audiences and damage reputations. A clear prohibition has been established in this act against reproducing or distributing an individual's likeness or voice without their explicit consent, providing affected parties with the legal right to seek financial compensation should their likeness or voice be abused. 

Even though exceptions will be made for satire, parody, and other content classified as satire, the law places a strong stop on the use of deepfakes for artistic performances without permission. In order to comply with the proposed measures, online platforms hosting such material would be legally obligated to remove them upon request or face substantial fines for not complying. 

While the law is limited to the jurisdiction of Denmark, it is expected to be passed in Parliament by overwhelming margins, with estimates suggesting that up to 90% of lawmakers support it. Several high-profile controversies have emerged over the past few weeks, including doctored videos targeted at the Danish Prime Minister and escalating legal battles against creators of explicitly deepfake content, thus emphasizing the need for comprehensive safeguards in the age of digital technology. 

It has recently been established by the European Union, in its recently passed AI Act, that a comprehensive regulatory framework is being established for the output of artificial intelligence on the European continent, which will be categorized according to four distinct risks: minimal, limited, high, and unacceptable. 

The deepfakes that fall under the "limited risk" category are not outright prohibited, but they have to adhere to specific transparency obligations that have been imposed on them. According to these provisions, companies that create or distribute generative AI tools must make sure that any artificial intelligence-generated content — such as manipulated videos — contains clear disclosures about that content. 

To indicate that the material is synthetic, watermarks or similar labels may typically be applied in order to indicate this. Furthermore, developers are required to publicly disclose the datasets they used in training their AI models, allowing them to be held more accountable and scrutinized. Non-compliance carries significant financial consequences: organisations that do not comply with transparency requirements could face a penalty of up to 15 million euros or 3 per cent of their worldwide revenue, depending on which figure is greater. 

In the event of practices which are explicitly prohibited by the Act, such as the use of certain deceptive or harmful artificial intelligence in certain circumstances, a maximum fine of €35 million or 7 per cent of global turnover is imposed. Throughout its history, the EU has been committed to balancing innovation with safeguards that protect its citizens from the threat posed by advanced generative technologies that are on the rise. 

In her opinion, Athena Karatzogianni, an expert on technology and society at the University of Leicester in England, said that Denmark's proposed legislation reflects a broader effort on the part of international governments and institutions to combat the dangers that generative artificial intelligence poses. She pointed out that this is just one of hundreds of policies emerging around the world that deal with the ramifications of advanced synthetic media worldwide. 

According to Karatzogianni, deepfakes have a unique problem because they have both a personal and a societal impact. At an individual level, they can violate privacy, damage one's reputation, and violate fundamental rights. In addition, she warned that the widespread use of such manipulated content is a threat to public trust and threatens to undermine fundamental democratic principles such as fairness, transparency, and informed debate. 

A growing number of deepfakes have made it more accessible and sophisticated, so robust legal frameworks must be put in place to prevent misuse while maintaining the integrity of democratic institutions. As a result of this, Denmark's draft law can serve as an effective measure in balancing technological innovation with safeguards to ensure that citizens as well as the fabric of society are protected. 

Looking ahead, Denmark's legislative initiative signals a broader recognition that regulatory frameworks need to evolve along with technological developments in order to prevent abuse before it becomes ingrained in digital culture. As ambitious as the measures proposed are, they also demonstrate the delicate balance policymakers need to strike between protecting individual rights while preserving legitimate expression and creativity at the same time. 

The development of generative artificial intelligence tools, as well as the collaboration between governments, technology companies, and civil society will require governments, technology companies, and civil society to work together closely to establish compliance mechanisms, public education campaigns, and cross-border agreements in order to prevent misuse of these tools.

In this moment of observing the Danish approach, other nations and regulatory bodies have a unique opportunity to evaluate both the successes and the challenges it faces as a result. For emerging technologies to contribute to the public good rather than undermining trust in institutions and information, it will be imperative to ensure that proactive governance, transparent standards, and sustained public involvement are crucial. 

Finally, Denmark's efforts could serve as a catalyst for the development of more resilient and accountable digital landscapes across the entire European continent and beyond, but only when stakeholders act decisively in order to uphold ethical standards while embracing innovation responsibly at the same time.
Read more »
Power Outage
Cyber Defenses Cyber Security Cyber Threats Cyberattack Hacker attack Hacking Portugal Cyber Army Portugese Power Grids Power Outage

Spain Investigates Cybersecurity of Power Suppliers After Widespread Grid Outage

 

Spain is investigating the cybersecurity practices of its power suppliers following a major power outage that affected much of the Iberian Peninsula at the end of April. While initial assessments by Spanish and Portuguese grid operators ruled out a cyberattack, authorities are now questioning whether smaller, independent energy producers may have inadvertently opened vulnerabilities within the national power infrastructure. 

The outage disrupted electricity supply across both Spain and Portugal, with most regions regaining power after ten hours. However, it took nearly a full day—23 hours—for Spain’s grid to be fully restored. Although no immediate signs of hacking were found, the duration and scale of the disruption raised alarms, prompting deeper scrutiny into the resilience of Spain’s decentralized energy network. According to a report from the Financial Times, Spain’s National Cybersecurity Institute (INCIBE) has reached out to various smaller renewable energy producers, asking whether they experienced any unusual activity before the blackout on April 28. 

The inquiries also covered their use of recent security patches and whether their systems could be remotely accessed, signaling a broader concern over cybersecurity readiness among these suppliers. This line of investigation is significant given Spain’s heavy reliance on renewable energy, much of which is generated by smaller, less centralized plants. The concern is that these entities, though critical to Spain’s green transition, may lack the robust cyber defenses maintained by larger grid operators. 

While this doesn’t point to renewable energy as unreliable, it highlights how a fragmented supplier ecosystem could pose a collective security risk. Cybersecurity experts have also weighed in. A blog post by security firm Specops Software compared the Spanish outage to known cyberattacks on power grids, such as those in Ukraine in 2015 and 2016. While Specops acknowledged the Spanish grid operators’ conclusion that no breach was detected through their internal monitoring systems, the firm noted similarities in how the shutdown unfolded. 

However, Barracuda Networks’ regional director Miguel López suggested that if a cyberattack had indeed compromised critical systems, it would have taken significantly longer to recover, casting doubt on hacking as the root cause. Still, the possibility that attackers exploited a less secure third-party provider has not been ruled out. This renewed scrutiny comes amid global concerns over cyber threats to critical infrastructure. 

The U.S. and U.K. have both issued alerts about increased activity by pro-Russian hacktivists targeting industrial control systems. With recent research showing that 95% of critical infrastructure organizations experienced a data breach in the past year, Spain’s situation underscores the urgent need for improved cyber vigilance across all levels of the energy supply chain.
Read more »
Technology
AI Security Cyber Threats Cybersecurity Strategy Data Breach human risk insider risk Phishing Attacks Technology

Over Half of Organizations Lack AI Cybersecurity Strategies, Mimecast Report Reveals

 

More than 55% of organizations have yet to implement dedicated strategies to counter AI-driven cyber threats, according to new research by Mimecast. The cybersecurity firm's latest State of Human Risk report, based on insights from 1,100 IT security professionals worldwide, highlights growing concerns over AI vulnerabilities, insider threats, and cybersecurity funding shortfalls.

The study reveals that 96% of organizations report improved risk management after adopting a formal cybersecurity strategy. However, security leaders face an increasingly complex threat landscape, with AI-powered attacks and insider risks posing significant challenges.

“Despite the complexity of challenges facing organisations—including increased insider risk, larger attack surfaces from collaboration tools, and sophisticated AI attacks—organisations are still too eager to simply throw point solutions at the problem,” said Mimecast’s human risk strategist VP, Masha Sedova. “With short-staffed IT and security teams and an unrelenting threat landscape, organisations must shift to a human-centric platform approach that connects the dots between employees and technology to keep the business secure.”

The report finds that 95% of organizations are leveraging AI for threat detection, endpoint security, and insider risk analysis. However, 81% express concerns over data leaks from generative AI (GenAI) tools. More than half lack structured strategies to combat AI-driven attacks, while 46% remain uncertain about their ability to defend against AI-powered phishing and deepfake threats.

Insider threats have surged by 43%, with 66% of IT leaders anticipating an increase in data loss from internal sources in the coming year. The report estimates that insider-driven data breaches, leaks, or theft cost an average of $13.9 million per incident. Additionally, 79% of organizations believe collaboration tools have heightened security risks, amplifying both intentional and accidental data breaches.

Despite 85% of organizations raising their cybersecurity budgets, 61% cite financial constraints as a barrier to addressing emerging threats and implementing AI-driven security solutions. The report underscores the need for increased investment in cybersecurity staffing, third-party security services, email security, and collaboration tool protection.

Although 87% of organizations conduct quarterly cybersecurity training, 33% of IT leaders remain concerned about employee mismanagement of email threats, while 27% cite security fatigue as a growing risk. 95% of organizations expect email-based cyber threats to persist in 2025, as phishing attacks continue to exploit human vulnerabilities.

Collaboration tools are expanding attack surfaces, with 44% of organizations reporting a rise in cyber threats originating from these platforms. 61% believe a cyberattack involving collaboration tools could disrupt business operations in 2025, raising concerns over data integrity and compliance.

The report highlights a shift from traditional security awareness training to proactive Human Risk Management. Notably, just 8% of employees are responsible for 80% of security incidents. Organizations are increasingly turning to AI-driven monitoring and behavioral analytics to detect and mitigate threats early. 72% of security leaders see human-centric cybersecurity solutions as essential in the next five years, signaling a shift toward advanced threat detection and risk mitigation.
Read more »
News
Cyber Security Cyber Threats Cybersecurity Attack financial attack News

Lending App Data Breach Leaves Sensitive Customer Information Unprotected

 

A major digital lending platform has reportedly exposed sensitive customer data due to a misconfigured Amazon AWS S3 bucket that was left unsecured without authentication. Security researchers discovered the breach on November 28, 2024, but the issue remained unresolved until January 16, 2025, leaving the data vulnerable for over a month. While there is no direct evidence that cybercriminals accessed the information, experts warn that only a thorough forensic audit could confirm whether any unauthorized activity took place.  

The exposed data reportedly includes Know Your Customer (KYC) documents, which financial institutions use to verify identity, address, and income details. This type of information is particularly valuable to cybercriminals, as it can be exploited to fraudulently obtain loans, orchestrate identity theft, or carry out sophisticated social engineering attacks. 

According to researchers, attackers could leverage leaked loan agreements or bank details to manipulate victims into making unauthorized payments or providing further account verification. Furthermore, such personal data often ends up being aggregated and sold on the dark web, amplifying risks for affected individuals and making it harder to protect their privacy. 

To minimize the risks associated with such breaches, experts recommend monitoring bank statements and transaction histories for any suspicious activity and immediately reporting irregularities to financial institutions. Users are also advised to set strong, unique passwords for different accounts, especially those containing financial or sensitive information, and to update them immediately if a breach is suspected. Enabling multi-factor authentication (MFA) adds an extra layer of security and can significantly reduce the likelihood of unauthorized access. 

Another major concern following such incidents is the increased likelihood of social engineering attacks like phishing, where criminals use leaked data to craft convincing fraudulent messages. Attackers may impersonate banks, service providers, or even personal contacts to trick victims into revealing sensitive details, clicking malicious links, or scanning fraudulent QR codes. 

Users should remain cautious of unexpected emails or messages, verify the sender’s identity before clicking any links, and contact companies directly through their official websites. It is crucial to remember that banks and legitimate financial institutions will never request sensitive account details via phone or email or ask customers to transfer funds to another account.
Read more »
Ransomware attack
Amsterdam cybercrime investigation Black Basta Cyber Threats Cybersecurity Data Breach Hacking phishing Ransomware Ransomware attack

Internal Chat Logs of Black Basta Ransomware Gang Leaked Online

 

A previously unidentified source has leaked what is claimed to be an archive of internal Matrix chat logs linked to the Black Basta ransomware group. The individual behind the leak, known as ExploitWhispers, initially uploaded the stolen messages to the MEGA file-sharing platform, which has since taken them down. However, they have now made the archive available through a dedicated Telegram channel.

It remains uncertain whether ExploitWhispers is a cybersecurity researcher who infiltrated the group's internal chat server or a discontented member of the operation. While no specific reason was provided for the leak, cybersecurity intelligence firm PRODAFT suggested that it could be a direct consequence of the ransomware gang’s alleged attacks on Russian banks.

"As part of our continuous monitoring, we've observed that BLACKBASTA (Vengeful Mantis) has been mostly inactive since the start of the year due to internal conflicts. Some of its operators scammed victims by collecting ransom payments without providing functional decryptors," PRODAFT stated.

"On February 11, 2025, a major leak exposed BLACKBASTA's internal Matrix chat logs. The leaker claimed they released the data because the group was targeting Russian banks. This leak closely resembles the previous Conti leaks."

The leaked archive contains internal chat messages exchanged between September 18, 2023, and September 28, 2024. A review conducted by BleepingComputer reveals that the messages encompass a broad range of sensitive information, including phishing templates, email addresses for targeting, cryptocurrency wallets, data dumps, victims' login credentials, and confirmations of previously reported attack strategies.

Additionally, the leaked records contain 367 unique ZoomInfo links, potentially reflecting the number of organizations targeted during the specified timeframe. Ransomware groups frequently use ZoomInfo to gather intelligence on their targets, either internally or for negotiations with victims.

ExploitWhispers also disclosed information about key Black Basta members, identifying Lapa as an administrator, Cortes as a threat actor connected to the Qakbot malware group, and YY as the primary administrator. Another individual, referred to as Trump (also known as GG and AA), is believed to be Oleg Nefedov, who is suspected of leading the operation.

Black Basta operates as a Ransomware-as-a-Service (RaaS) group, first emerging in April 2022. The gang has targeted several high-profile organizations across various industries, including healthcare, government contractors, and major corporations.

Notable victims include German defense contractor Rheinmetall, Hyundai's European division, BT Group (formerly British Telecom), U.S. healthcare provider Ascension, government contractor ABB, the American Dental Association, U.K. tech outsourcing firm Capita, the Toronto Public Library, and Yellow Pages Canada.

A joint report from CISA and the FBI, published in May 2024, revealed that Black Basta affiliates compromised more than 500 organizations between April 2022 and May 2024.

Research from Corvus Insurance and Elliptic estimates that the ransomware gang collected approximately $100 million in ransom payments from over 90 victims by November 2023.

This incident bears similarities to the February 2022 data breach involving the Russian-based Conti cybercrime syndicate. At that time, a Ukrainian security researcher leaked over 170,000 internal chat messages and the source code for the Conti ransomware encryptor, following the group's public support for Russia amid the Ukraine conflict.
Read more »
News
Cyber Threats Cybersecurity Indian Government website News

Kaveri 2.0 Portal Hit by Massive DDoS Attack

 

Property registrations and citizen services in Karnataka have been severely affected since Monday due to a large-scale cyberattack on the Kaveri 2.0 portal. Initially suspected to be a technical glitch, the Revenue and E-Governance Departments have now confirmed that the disruptions are the result of a “motivated Distributed Denial of Service (DDoS) attack.” 

The Kaveri 2.0 portal, introduced in 2023 to streamline property registration and related services, has been facing issues since January 13, 2025, with attackers consistently exploiting vulnerabilities despite repeated fixes. Revenue Minister Krishna Byre Gowda stated that the evolving nature of these disruptions indicates a deliberate and sustained attempt to cripple the system. 

Officials revealed that bots are being used to conduct excessive searches for encumbrance certificates (ECs) through customer logins, overloading the system and causing it to crash. Even as authorities address certain weaknesses, attackers appear to be adapting in real-time to exploit new loopholes. 

For instance, on Monday, the system was restored by 1 p.m. after a complete outage, but it was down again by 3 p.m. The attack has had a severe impact on property registrations across the state, with daily registrations plummeting from an average of over 8,000 to just over 500 on Tuesday. 

Thousands of property transactions have been postponed indefinitely due to the disruption, leaving buyers and sellers in a state of uncertainty. Many users have been unable to log into the portal or upload necessary documents, causing widespread frustration. 

K.V. Govardhan of Arna Estates, who had registrations scheduled in Bagepalli and Banaswadi on Monday, expressed concerns over the lack of clarity on when the system would be fully restored. 
Read more »
Software
Artificial Intelligence Cyber Threats Hong Kong Passwords Software

Cyber Threats in Hong Kong Hit Five-Year Peak with AI’s Growing Influence

 




Hong Kong experienced a record surge in cyberattacks last year, marking the highest number of incidents in five years. Hackers are increasingly using artificial intelligence (AI) to strengthen their methods, according to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT).

The agency reported a spike of 12,536 cybersecurity incidents in 2024, a dramatic increase of 62% from 7,752 cases in 2023. Phishing attacks dominated these incidents, with cases more than doubling from 3,752 in 2023 to 7,811 last year.

AI is aiding in improving phishing campaign effectiveness. Attackers can now use AI tools to create extremely realistic fake emails and websites that even the most skeptical eye cannot easily distinguish from their legitimate counterparts.

Alex Chan Chung-man, a digital transformation leader at HKCERT, commented that phishing attacks targeted the majority of cases for banking, financial, and payment systems, almost 25% of the total cases. Social media, including WhatsApp and messaging apps, was another main target, 22% of the total cases.

AI allows scammers to create flawless phishing messages and generate fake website links that mimic trusted services," Chan explained. This efficiency has led to a sharp rise in phishing links, with over 48,000 malicious URLs identified last year—an increase of 1.5 times compared to 2023.

Hackers are also targeting other essential services such as healthcare and utilities. A notable case involved Union Hospital in Tai Wai, which suffered a ransomware attack. In this case, cybercriminals used a malware called "LockBit" to demand a $10 million ransom. The hospital did not comply with the ransom demand but the incident illustrates the risks critical infrastructure providers face.

Third-party vendors involved with critical sectors are emerging vulnerabilities for hackers to exploit. Leaks through such third-party partners have the potential to cause heavy damages, ranging from legal to reputation-related.


New Risk: Electronic Sign Boards

Digital signboards, once left unattended, are now being targeted by hackers. According to HKCERT, 40% of companies have not risk-assessed these systems. These displays can easily be hijacked through USB devices or wireless connections and display malicious or inappropriate content.  

Though Hong Kong has not been attacked this way, such attacks in other countries indicate a new threat.


Prevention for Businesses

HKCERT advises organizations to take the following measures against these threats:  

  1. Change passwords regularly and use multi-factor authentication.  
  2. Regularly backup important data to avoid loss.  
  3. Update software regularly to patch security vulnerabilities.

Chan emphasized that AI-driven threats will develop their methods, and thus robust cybersecurity practices are needed to protect sensitive data and infrastructure.




Read more »
SharePoint
Credential Theft Cyber Fraud Cyber Threats Microsoft 365 login Microsoft visio Phishing Attack Phishing Campaigns SharePoint

New Two-Step Phishing Attack Exploits Microsoft Visio and SharePoint

 

A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx files.

These files act as delivery tools, directing victims to phishing pages that replicate Microsoft 365 login portals, aiming to steal user credentials.

The two-step phishing attacks employ layered techniques to evade detection. Rather than delivering harmful content directly, these campaigns use trusted platforms like Microsoft SharePoint to host files that appear legitimate. Attackers embed URLs within Visio files, which redirect victims to malicious websites when clicked, bypassing traditional email security systems.

Microsoft Visio, a popular tool for professional diagram creation, has now become a phishing vector. Cybercriminals send emails with Visio files from compromised accounts, often mimicking urgent business communications such as proposals or purchase orders. This tactic encourages recipients to act quickly, increasing the likelihood of success.

Since the emails come from stolen accounts, they often pass authentication checks and evade recipient security filters. In some cases, attackers include .eml files within the emails, embedding additional malicious URLs linked to SharePoint-hosted files.

The Visio files typically contain a clickable button labeled "View Document." Victims are instructed to press the Ctrl key while clicking the button to access the malicious URL. This step, requiring manual interaction, bypasses automated security systems that cannot simulate such behaviors.

Perception Point advises organizations to strengthen their defenses against sophisticated phishing campaigns by adopting advanced threat detection solutions. Suggested measures include:

  • Dynamic URL analysis to identify harmful links.
  • Object detection models to flag suspicious files.
  • Enhanced authentication mechanisms to reduce the impact of compromised accounts.
Read more »
Subscribe to: Posts (Atom)