CySecurity News - Latest Information Security and Hacking Incidents: Digital Security

AlphV Group Australian Government cyber resilience Cybersecurity Breach Data Breach Data Leak Data protection Digital Security Law Firm Hack Ransomware attack

WA Law Firm Faces Cybersecurity Breach Following Ransomware Reports

It seems that Western Australia's legal sector and government sectors are experiencing ripples right now following reports that the Russian ransomware group AlphV has successfully hacked the prominent national law firm HWL Ebsworth and extracted a ransom payment from the firm. This has sent shockwaves through the legal and government sectors across Western Australia.

It has raised serious concerns since May, when the first hints about the breach came to light, concerning the risk of revealing sensitive information, such as information pertaining to over 300 motor vehicle insurance claims filed with the Insurance Commission of Western Australia. In a statement released by the ABC on Monday, the ABC has confirmed that HWL Ebsworth data that was held by the company on behalf of WA government entities may have been compromised after a cybercriminal syndicate claimed to have published a vast repository of the firm’s files earlier this month on the dark web.

Although the full extent of the breach is unclear, investigations are currently underway to determine how large the data exposure is and what the potential consequences are. It has been reported that an ICWA spokesperson acknowledged in an official statement that there has been an impact on the Commission, which is responsible for providing insurance coverage for all vehicles registered in Western Australia as well as overseeing the government's self-insurance programs for property, workers' compensation, and liability.

Although the agency indicated that the extent of any data compromise cannot yet be verified because of ongoing investigation restrictions, the agency noted that it cannot verify the extent of any data compromise at the moment. A spokesperson from the Insurance Commission said, “The details of the data that has been accessed are not yet known, but this is part of a live investigation that we are actively supporting. It is important to note that this situation is extremely serious and that the information that may be compromised is sensitive.

Anubis, a ransomware group that was a part of the law firm that has been involved in the cyberattack, escalated the cyberattack by releasing a trove of sensitive information belonging to one of the firm's clients, which caused the cyberattack to take an alarming turn. The leaked material was reportedly containing confidential business correspondence, financial records, and deeply personal correspondence.

An extensive collection of data was exposed, including screenshots of text messages sent and received by the client and family members, emails, and even Facebook posts - all of which revealed intimate details about private family disputes that surrounded the client. Anubis stated, in its statement on the dark web, that the cache contained “financial information, correspondence, personal messages, and other details of family relationships.”

Despite this, the company highlighted the possibility of emotional and reputational damage as a result of such exposure. It was pointed out by the group that families already going through difficult circumstances like divorce, adoption, or child custody battles were now going to experience additional stress due to their private matters being made public, even though the full scope of the breach remains unclear, and the ransomware operators have yet to provide a specific ransom amount, making it difficult to speculate about the intentions of the attackers.

Cyber Daily contacted Paterson & Dowding in response to inquiries it received, and a spokesperson confirmed that there had been unauthorized access to data and exfiltration by the firm. “Our team immediately acted upon becoming aware of unusual activity on our system as soon as we became aware of it, engaging external experts to deal with the incident, and launching an urgent investigation as soon as possible,” said the spokesperson.

There is no doubt in the minds of the firm that a limited number of personal information had been accessed, but the threat actors had already published a portion of the data online. In addition to notifying affected clients and employees, Paterson & Dowding is coordinating with regulatory bodies, including the Australian Cyber Security Centre and the Office of the Information Commissioner, about the incident.

A representative of the company stated that he regretted the distress the firm had caused as a result of the breach of confidentiality and compliance. Meanwhile, an individual identifying himself as Tobias Keller - a self-proclaimed "journalist" and representative of Anubis - told Cyber Daily that Paterson & Dowding was one of four Australian law firms targeted by a larger cyber campaign, which included Pound Road Medical Center and Aussie Fluid Power, among others.

While the HWL Ebsworth cyberattack is still unfolding, it has raised increasing concern from the federal and state government authorities as the investigation continues. In addition to providing independent legal services to the Insurance Commission of Western Australia (ICWA), the firm also reviews its systems in order to determine if any client information has been compromised. In this position, one of 15 legal partners serves the Insurance Commission of Western Australia (ICWA).

A representative of ICWA confirmed that the firm is currently assessing the affected data in order to clarify the situation for impacted parties. However, a court order in New South Wales prohibiting the agency from accessing the leaked files has hampered its own ability to verify possible data loss.

As ICWA's Chief Executive Officer Rod Whithear acknowledged the Commission's growing concerns, he stated that a consent framework for limited access to the information is being developed as a result of a consent framework being developed. Currently, the Insurance Commission is implementing a consent regime that will allow them to assess whether data has been exfiltrated and if so, will be able to assess the exfiltrated information." He assured that the Commission remains committed to supporting any claimant impacted by the breach.

In addition to its involvement in insurance-related matters, HWL Ebsworth has established an extensive professional relationship with multiple departments of the State government of Washington. According to the firm's public transportation radio network replacement program, between 2017 and 2020, it was expected that it would receive approximately $280,000 for its role in providing legal advice to the state regarding its replacement of public transport radio networks, a project which would initially involve a $200 million contract with Huawei, the Chinese technology giant.

A $6.6 million settlement with Huawei and its partner firm was reached in 2020 after U.S. trade restrictions rendered the project unviable, ultimately resulting in Huawei and its partner firm being fined $6.6 million. Aside from legal representation for public housing initiatives and Government Employees Superannuation Board, HWL Ebsworth has provided legal representation for the Government Employees Superannuation Board as well.

In light of the breach, the state government has clarified, apart from the ICWA, that no other agencies seem to have been directly affected as a result. A significant vulnerability has been highlighted by this incident in the intersection of government operations with private legal service providers, but the incident has also highlighted broader issues related to cyber security.

Addressing the broader impacts of the attack will also be in the hands of the new Cyber Security Coordinator, Air Marshal Darren Goldie, who was appointed in order to strengthen the national cyber resilience program. The Minister of Home Affairs, Clare O'Neill, has described the breach as one of the biggest cyber incidents Australia has experienced in recent years, placing it alongside a number of major cases such as Latitude, Optus, and Medibank.

The Australian Federal Police and Victorian Police, working together with the Australian Cyber Security Centre, continue to investigate the root cause and impact of the attack. A number of cyber incidents are unfolding throughout Australia, which serves to serve as an alarming reminder of how fragile digital trust is becoming within the legal and governmental ecosystems of the country. Experts say that while authorities are intensifying their efforts to locate the perpetrators and strengthen defenses, the breach underscores the urgent need for stronger cybersecurity governance among third parties and law firms involved in the handling of sensitive data.

The monitoring of threats, employee awareness, and robust data protection frameworks, the nation's foremost challenge is now to rebuild trust in institutions and information integrity, beyond just restoring the systems. Beyond just restoring systems, rebuilding confidence in institutions and information integrity are the most urgent tasks facing us today.

Security Researchers at Proton Warn of Massive Credential Exposure



 

Stolen Credentials

Cybercrime Trends Cybersecurity Threats Dark Web Data Breach Digital Security Identity Protection Online Privacy Proton Research Stolen Credentials

Security Researchers at Proton Warn of Massive Credential Exposure

Data is becoming the most coveted commodity in the ever-growing digital underworld, and it is being traded at an alarming rate. In a recent investigation conducted by Proton, it has been revealed that there are currently more than 300 million stolen credentials circulating across dark web marketplaces, demonstrating how widespread cybercrime is.

According to Proton's Data Breach Observatory, which continuously monitors illicit online forums for evidence of data compromise, there is a growing global cybersecurity crisis that is being revealed. In the year 2025, the Observatory has recorded 794 confirmed breach incidents. When aggregating these data, the number increases to 1,571, which amounts to millions of records exposed to the public in the coming years.

One of the troubling aspects of the research is the pattern of targeting small and medium-sized businesses: cybercriminals have increasingly targeted these companies. Over half of all breaches were recorded at companies with between 10 and 249 employees, while 23% of breaches occurred in micro businesses with fewer than 10 employees.

This report highlights a growing truth about the digital age: while businesses are racing to innovate and expand online, threat actors are evolving just as quickly. As a result, the vast internet architecture has become a vibrant market for stolen identities, corporate secrets, and business secrets.

Security breaches are still largely hidden from the public eye for many organisations due to fear of reputational damage, financial losses, or regulatory scrutiny, so they remain reluctant to reveal them. This leaves the true extent of cybercrime largely hidden from the public eye. Using Proton's latest initiative, the company hopes to break down the silence surrounding this threat by tracking it to its source: the underground marketplaces that openly sell stolen credentials and personal data.

In doing so, Proton is continuing its quest to foster a safer, more private internet, which is a vital component of the company's mission. As an extension of the Proton VPN Observatory, which monitors global instances of government-imposed internet restrictions and VPN censorship in the form of government-imposed restrictions, the Data Breach Observatory extends that vigilance to track instances of cybercrime in the form of data breaches.

Its creation, which is made in collaboration with Constella Intelligence, is an observatory that constantly scans the dark web for new breaches, analysing the types of data compromised, including passwords and personal identifiers, as well as financial records, and the number of accounts affected.

Through real-time monitoring, Proton can alert victims as soon as a breach occurs, sometimes even before the breached organisation realises it is happening. The Proton platform provides transparent, publicly accessible insights into these security breaches, which are aimed at both educating users about the magnitude of the threat and discouraging organisations from concealing their security shortcomings.

There is a policy of responsible disclosure at the heart of this initiative, which ensures that affected entities are informed in advance of any public announcement relating to the incident. This is an era that has been defined by data theft and corporate secrecy since the dawn of the digital age. Proton's proactive approach serves as a countermeasure, turning dark web intelligence into actionable preventative measures.

With this initiative, the company not only reveals the hidden mechanics of cybercrime but also strengthens its reputation as a pioneer in digital transparency and empowerment for users, allowing businesses and individuals alike a better understanding of the shadowy forces that shape today's cybersecurity landscape, as well as the risks associated with it.

In its latest research, Proton has provided a sobering assessment of the escalating cost of cybercrime to smaller businesses. There have been an estimated four out of five small businesses in recent months that have been affected by data breaches, and these attacks have often resulted in losses exceeding one million dollars.

As part of the growing crisis surrounding data breaches, a Data Breach Observatory was established to identify breaches that often remain hidden until a significant amount of damage has been sustained. Proton constantly scans dark web marketplaces where stolen credentials are traded to deliver early warnings about potential breaches so that organisations can take steps to protect their data before attackers have an opportunity to exploit it further.

Through the course of these investigations, a wide range of personal and financial details were uncovered, including names, dates of birth, email addresses, passwords, and physical contact information of those individuals.

Almost all of these breaches have involved social security numbers, bank credentials, and IBAN details being exposed, which together represent an alarming combination that creates an extremely high likelihood of identity theft and financial fraud.

It has been recorded by the observatory that several high-profile incidents will occur in 2025, such as the Qantas Airways breach in October that exposed more than 11.8 million customer records; Alleianz Life Germany in September, with more than one million compromised accounts; and the U.S. tech firm Tracelo that was breached by 1.4 million records earlier this year, while breaches at Free Telecom, a French company, and SkilloVilla, a Indian company, revealed 19 million records and 33 million records respectively, emphasizing the threat to be very global in nature.

Security experts have always stressed the necessity of multi-factor authentication, as well as strong password management, as essential defences against credential-based attacks. Consequently, Proton reiterates this advice by advising businesses to regularly monitor their credentials for leaks and to reset passwords as soon as suspicious activity is detected.

The company enables businesses to verify whether or not their data has been compromised through its public access observatory platform, which is a critical step toward minimising the damage done to a business before cybercriminals can weaponise the data stolen. This is done through the company's public observatory platform that is widely accessible.

A stronger global security awareness and proactive cybersecurity practices are essential, and Proton's Data Breach Observatory confirms this need. Aside from the observatory's use as a crucial alert system, it is important to note that experts also emphasise that prevention is the best form of protection when it comes to securing information online.

The Observatory stresses the importance of adopting layered security strategies, including the use of Virtual Private Networks (VPNs) that safeguard online communications and reduce the risk of interception, even in situations where users' data is compromised. By using its own Proton VPN, based on end-to-end encryption and the company's signature Secure Core architecture, traffic passes through multiple servers located in privacy-friendly jurisdictions, effectively masking users' IP addresses and shielding their digital identities from cybercriminals. The company is effectively protecting their digital identity from prying eyes.

As a result of the robust infrastructure, the observatory continues to monitor across the dark web, and personal information remains encrypted and protected from the cybercriminal networks it monitors. Besides technical solutions, Proton and cybersecurity experts alike emphasise the importance of a set of foundational best practices for individuals and organisations who want to strengthen their defences.

This is the best way to protect online accounts is to enable multi-factor authentication (MFA), widely recognised as the most effective method of preventing the theft of credentials, and to use a password manager whose function is to keep secure passwords for every online account. As part of regular breach monitoring, Proton's observatory platform can be used to provide timely alerts whenever credentials are discovered in leaked databases.

In addition to fostering cybersecurity awareness among employees, companies must also create an incident response plan, enforce the principle of least privilege, and make sure that only systems that are essential to the role they are playing are accessible. Taking advantage of more advanced strategies, including network segmentation, enterprise-grade identity and access management (IAM) tools, such as Privileged Access Management (PAM), may allow for further containment and protection of critical infrastructure.

These recommendations have been derived from the fact that credential theft is often based on exploited software vulnerabilities or weak configurations that are often exploited by hackers. An unpatched flaw—such as an API endpoint that is exposed or an authentication mechanism that is not working properly—can result in brute-force attacks or session hijacking attacks.

Proton's exposure itself does not have any specific link to a vulnerability identifier; however, it indicates that there are still many systemic vulnerabilities which facilitate large-scale credential theft across many industries today. As a result of the importance of patching timely manner and implementing strict configuration management, businesses can significantly reduce the chances of attackers gaining access to their network.

However, Proton’s research goes well beyond delivering a warning. It calls for action. The number of compromised accounts on dark web markets has increased by over 300 million, and we cannot afford to stay complacent. This study underscores that protecting one's data is not merely about technology, but about maintaining a proactive approach to cyber hygiene and continuous vigilance.

A message Protoemphasises in this, when data is both a commodity and a target, it is clear: the key to digital safety lies in proactive defence, informed awareness, and collective responsibility. In an age when the digital landscape is becoming increasingly complex, Proton’s findings serve as a powerful reminder that cybersecurity is not an investment that can be made once but is an ongoing commitment.

Organisations that take steps to ensure that their employees are informed and trained about cyber threats are better prepared to cope with the next wave of cyber threats. Several security measures, including encrypting infrastructure, conducting regular security audits, and continuously performing vulnerability assessments, can be taken to significantly reduce exposure, while collaborations between cybersecurity researchers and private firms can strengthen collective defences.

Even though stolen data fuels a thriving underground economy in today's cyber world, the most effective defences against cybercrime remain vigilance and informed action.

The Spectrum of Google Product Alternatives



 

Security Focused Tools

Cloud Security Cybersecurity Data Privacy Digital Security Encrypted Email Online Safety Privacy ransomware protection Secure Collaboration Security Focused Tools

The Spectrum of Google Product Alternatives

It is becoming increasingly evident that as digital technologies are woven deeper into our everyday lives, questions about how personal data is collected, used, and protected are increasingly at the forefront of public discussion.

There is no greater symbol of this tension than the vast ecosystem of Google products, whose products have become nearly inseparable from the entire online world. It's important to understand that, despite the convenience of this service, the business model that lies behind it is fundamentally based on collecting user data and monetising attention with targeted advertising.

In the past year alone, this model has generated over $230 billion in advertising revenue – a model that has driven extraordinary profits — but it has also heightened the debate over what is the right balance between privacy and utility.'

In recent years, Google users have begun to reconsider their dependence on Google and instead turn to platforms that pledge to prioritise user privacy and minimise data exploitation rather than relying solely on Google's services. Over the last few decades, Google has built a business empire based on data collection, using Google's search engine, Android operating system, Play Store, Chrome browser, Gmail, Google Maps, and YouTube, among others, to collect vast amounts of personal information.

Even though tools such as virtual private networks (VPNs) can offer some protection by encrypting online activity, they do not address the root cause of the problem: these platforms require accounts to be accessible, so they ultimately feed more information into Google's ecosystem for use there.

As users become increasingly concerned about protecting their privacy, choosing alternatives developed by companies that are committed to minimising surveillance and respecting personal information is a more sustainable approach to protecting their privacy. In the past few years, it has been the case that an ever-growing market of privacy-focused competitors has emerged, offering users comparable functionality while not compromising their trust in these companies.

As an example, let's take the example of Google Chrome, which is a browser that is extremely popular worldwide, but often criticised for its aggressive data collection practices, which are highly controversial. According to a 2019 investigation published by The Washington Post, Chrome has been characterised as "spy software," as it has been able to install thousands of tracking cookies each week on devices. This has only fueled the demand for alternatives, and privacy-centric browsers are now positioning themselves as viable alternatives that combine performance with stronger privacy protection.

In the past decade, Google has become an integral part of the digital world for many internet users, providing tools such as search, email, video streaming, cloud storage, mobile operating systems, and web browsing that have become indispensable to them as the default gateways to the Internet.

It has been a strategy that has seen the company dominate multiple sectors at the same time - a strategy that has been described as building a protective moat of services around their core business of search, data, and advertising. However, this dominance has included a cost.

The company has created a system that monetises virtually every aspect of online behaviour by collecting and interfacing massive amounts of personal usage data across all its platforms, generating billions of dollars in advertising revenue while causing growing concern about the abuse of user privacy in the process.

There is a growing awareness that, despite the convenience of Google's ecosystem, there are risks associated with it that are encouraging individuals and organisations to seek alternatives that better respect digital rights. For instance, Purism, a privacy-focused company that offers services designed to help users take control of their own information, tries to challenge this imbalance. However, experts warn that protecting the data requires a more proactive approach as a whole.

The maintenance of secure offline backups is a crucial step that organisations should take, especially in the event of cyberattacks. Offline backups provide a reliable safeguard, unlike online backups, which are compromised by ransomware, allowing organisations to restore systems from clean data with minimal disruption and providing a reliable safeguard against malicious software and attacks.

There is a growing tendency for users to shift away from default reliance on Google and other Big Tech companies, in favour of more secure, transparent, and user-centric solutions based on these strategies. Users are becoming increasingly concerned about privacy concerns, and they prefer platforms that prioritise security and transparency over Google's core services.

As an alternative to Gmail, DuckDuckGo provides privacy-focused search results without tracking or profiling, whereas ProtonMail is a secure alternative to Gmail with end-to-end encrypted email. When it comes to encrypted event management, Proton Calendar replaces Google Calendar, and browsers such as Brave and LibreWolf minimise tracking and telemetry when compared to Chrome.

It has been widely reported that the majority of apps are distributed by F-Droid, which offers free and open-source apps that do not rely on tracking, while note-taking and file storage are mainly handled by Simple Notes and Proton Drive, which protect the user's data. There are functional alternatives such as Todoist and HERE WeGo, which provide functionality without sacrificing privacy.

There has even been a shift in video consumption, in which users use YouTube anonymously or subscribe to streaming platforms such as Netflix and Prime Video. Overall, these shifts highlight a trend toward digital tools that emphasise user control, data protection, and trust over convenience. As digital privacy and data security issues gain more and more attention, people and organisations are reevaluating their reliance on Google's extensive productivity and collaboration tools, as well as their dependency on the service.

In spite of the immense convenience that these platforms offer, their pervasive data collection practices have raised serious questions about privacy and user autonomy. Consequently, alternatives to these platforms have evolved and were developed to maintain comparable functionality—including messaging, file sharing, project management, and task management—while emphasizing enhanced privacy, security, and operational control while maintaining comparable functionality.

Continuing with the above theme, it is worthwhile to briefly examine some of the leading platforms that provide robust, privacy-conscious alternatives to Google's dominant ecosystem, as described in this analysis. Microsoft Teams. In addition to Google's collaboration suite, Microsoft Teams is also a well-established alternative.

It is a cloud-based platform that integrates seamlessly with Microsoft 365 applications such as Microsoft Word, Excel, PowerPoint, and SharePoint, among others. As a central hub for enterprise collaboration, it offers instant messaging, video conferencing, file sharing, and workflow management, which makes it an ideal alternative to Google's suite of tools.

Several advanced features, such as APIs, assistant bots, conversation search, multi-factor authentication, and open APIs, further enhance its utility. There are, however, some downsides to Teams as well, such as the steep learning curve and the absence of a pre-call audio test option, which can cause interruptions during meetings, unlike some competitors.

Zoho Workplace

A new tool from Zoho called Workplace is being positioned as a cost-effective and comprehensive digital workspace offering tools such as Zoho Mail, Cliq, WorkDrive, Writer, Sheet, and Meeting, which are integrated into one dashboard.

The AI-assisted assistant, Zia, provides users with the ability to easily find files and information, while the mobile app ensures connectivity at all times. However, it has a relatively low price point, making it attractive for smaller businesses, although the customer support may be slow, and Zoho Meeting offers limited customisation options that may not satisfy users who need more advanced features.

Bitrix24

Among the many services provided by Bitrix24, there are project management, CRM, telephony, analytics, and video calls that are combined in an online unified workspace that simplifies collaboration. Designed to integrate multiple workflows seamlessly, the platform is accessible from a desktop, laptop, or mobile device.

While it is used by businesses to simplify accountability and task assignment, users have reported some glitches and delays with customer support, which can hinder the smooth running of operations, causing organisations to look for other solutions.

Slack

With its ability to offer flexible communication tools such as public channels, private groups, and direct messaging, Slack has become one of the most popular collaboration tools across industries because of its easy integration with social media and the ability to share files efficiently.

Slack has all of the benefits associated with real-time communication, with notifications being sent in real-time, and thematic channels providing participants with the ability to have focused discussions. However, due to its limited storage capacity and complex interface, Slack can be challenging for new users, especially those who are managing large amounts of data.

ClickUp

This software helps simplify the management of projects and tasks with its drag-and-drop capabilities, collaborative document creation, and visual workflows. With ClickUp, you'll be able to customise the workflow using drag-and-drop functionality.

Incorporating tools like Zapier or Make into the processes enhances automation, while their flexibility makes it possible for people's business to tailor their processes precisely to their requirements. Even so, ClickUp's extensive feature set involves a steep learning curve. The software may slow down their productivity occasionally due to performance lags, but that does not affect its appeal.

Zoom

With Zoom, a global leader in video conferencing, remote communication becomes easier than ever before. It enables large-scale meetings, webinars, and breakout sessions, while providing features such as call recording, screen sharing, and attendance tracking, making it ideal for remote work.

It is a popular choice because of its reliability and ease of use for both businesses and educational institutions, but also because its free version limits meetings to around 40 minutes, and its extensive capabilities can be a bit confusing for those who have never used it before. As digital tools with a strong focus on privacy are becoming increasingly popular, they are also part of a wider reevaluation of how data is managed in a modern digital ecosystem, both personally and professionally.

By switching from default reliance on Google's services, not only are people reducing their exposure to extensive data collection, but they are also encouraging people to adopt platforms that emphasise security, transparency, and user autonomy. Individuals can greatly reduce the risks associated with online tracking, targeted advertising, and potential data breaches by implementing alternatives such as encrypted e-mail, secure calendars, and privacy-oriented browsers.

Among the collaboration and productivity solutions that organisations can incorporate are Microsoft Teams, Zoho Workplace, ClickUp, and Slack. These products can enhance workflow efficiency and allow them to maintain a greater level of control over sensitive information while reducing the risk of security breaches.

In addition to offline backups and encrypted cloud storage, complementary measures, such as ensuring app permissions are audited carefully, strengthen data resilience and continuity in the face of cyber threats. In addition to providing greater levels of security, these alternative software solutions are typically more flexible, interoperable, and user-centred, making them more effective for teams to streamline communication and project management.

With digital dependence continuing to grow, deciding to choose privacy-first solutions is more than simply a precaution; rather, it is a strategic choice that safeguards both an individual's digital assets as well as an organisation's in order to cultivate a more secure, responsible, and informed online presence as a whole.

The Future of Cybersecurity Lies in Structure



 

quantum dynamics

Cryptography Cyber Security Digital Security QKD quantum dynamics

The Future of Cybersecurity Lies in Structure

Cybersecurity today often feels like a never-ending contest between attackers and defenders. New threats emerge, and companies respond with stronger locks and barriers. But what if security could be built so firmly into the foundation of digital systems that certain attacks were not just difficult but impossible? This vision points to a structural shift in how we think about protecting data.

Currently, two main strategies dominate. The first is Quantum Key Distribution (QKD), which uses the strange laws of quantum physics. In simple terms, if someone tries to intercept a quantum signal, the very act of looking at it changes the signal itself, alerting the sender and receiver. It’s a powerful safeguard, but its strength comes passively from physics.

The second strategy is Post-Quantum Cryptography (PQC). Instead of physics, PQC relies on complex mathematical puzzles that even powerful quantum computers are believed to be unable to solve efficiently. Governments and institutions, such as NIST, have begun standardizing these algorithms. Yet, this protection is based on assumptions. We trust that the math is hard, but there is no absolute proof it will remain that way.

Both QKD and PQC are crucial, but they are reactive, methods developed to counter threats rather than reimagine security itself.

This is where a new theoretical approach, called the Quaternary Interpretation of Quantum Dynamics (QIQD), comes in. QIQD suggests that the limits we currently see in quantum mechanics such as the rule that signals cannot be copied without disturbance may only be part of the story. They might be projections of a deeper, four-part structure underlying quantum behaviour.

If that structure exists, it could allow engineers to design systems with security hardwired into their foundations. For example, QIQD could lead to quantum states specifically created to highlight even the smallest attempt at interference. Instead of merely detecting an attack after it happens, these systems could expose the intent to intrude at the earliest possible stage.

For cryptography, the shift could be even more revolutionary. Instead of saying a mathematical problem “seems hard,” we could prove that solving it would contradict the geometry of information itself. That would turn cryptographic protection from an assumption into a certainty, similar to how it is impossible to draw a triangle with four sides.

Most strikingly, QIQD could bring together the strengths of both QKD and PQC under a single framework. It could explain why physics-based protections work, show why some mathematical problems are unbreakable, and guide the design of new, more resilient systems.

Though still a theoretical proposal, QIQD represents a move away from building higher walls toward building stronger ground. For industries where breaches are not an option such as finance, defense, and infrastructure: this structural approach could reshape the future of cybersecurity.

Rethinking Security in the Era of Hybrid Work



 

identity management

Audio Surveillance Cyber Attacks. GCI Cybersecurity Data protection Digital Security Extended Access Management Hybrid Work identity management

Rethinking Security in the Era of Hybrid Work

Having witnessed hybrid work become a long-term reality instead of a temporary response to disruption, organisations are facing a tough question: how to safeguard a workforce that can now operate fluidly across offices, homes, devices, and networks without compromising efficiency and productivity in any way.

The shift has exposed some of the shortcomings of traditional security models, which were built on rigid perimeters, centrally controlled and not suited to the distributed digital environment people live in today. The adoption of modern cybersecurity frameworks customised specifically for hybrid environments is a necessity for companies seeking to remain resilient in such environments. Indian businesses, on the other hand, are at a critical point in this transformation.

In the Global Cybersecurity Index (GCI) 2024, the country achieved a Tier 1 ranking with a score of 98.49 as a mark of recognition for its advancements in cooperation, organisational strategy, legal safeguards, technical readiness, and capacity building.

The score reflects these achievements. Despite these achievements, there remains a sobering reality hidden beneath them: vulnerabilities still persist. In 2023 alone, India reported 112,474 cybersecurity incidents, with more than 429,000 attacks targeting financial institutions. According to a separate study, 83 per cent of Indian companies experienced at least one security breach. Among these breaches, India is ranked fourth in the Asia-Pacific region for these incidents.

In an era defined by work-anywhere culture, connectivity has reached unparalleled levels, but with this has come a new dimension of risk as well. Aside from protecting emails and stored files, cybersecurity in hybrid environments has also grown to include conversations—whether they are exchanged via video conferencing, voice notes, or shared screens—as well.

The threat of audio surveillance, once considered a niche one, is slowly emerging as one of the most pressing threats in recent years. Despite cybersecurity being a complicated issue, much of it is driven by human behaviour. Forbes reports that 95 per cent of cybersecurity breaches come from human error, such as the sharing of sensitive information without adequate safeguards, or connecting to calls over an unsecured network.

A major concern with this risk is that it doesn't always require a sophisticated attack to occur. It is just as easy to exploit vulnerabilities as it is to exploit the very tools and environments that employees rely on, or to make misplaced assumptions about the privacy of virtual discussions. Furthermore, hybrid work has changed the way the modern office is used, shifting its focus from cubicles and meeting rooms to coffee shops, hotel lobbies, and even home offices.

There is, however, a danger associated with the heightened level of flexibility. For example, it may seem effortless to take a client call over a public Wi-Fi network. However, in reality, such networks are capable of intercepting audio streams, capturing shared content, or even infiltrating a device without being discovered.

Virtual meetings, screen shares, and calendar invitations carry sensitive information that varies from financial data to customer records to internal strategies - so even routine exchanges can be a source of vulnerability. A study published in ScienceDirect has already revealed that video conferencing platforms have persistent weaknesses, ranging from inadequate access controls to fragile encryption standards, illustrating how easily conversations can be compromised outside of a secure office setting.

Likewise, the tools that enable collaboration, such as headsets, webcams, and conferencing software, have evolved into critical trust endpoints. These devices not only serve as an instrument of communication, but have also become a source of business intelligence, client meetings, and proprietary insights, as well.

In an era when artificial intelligence is increasingly embedded in workplace applications, the threat that internal communications can be stored, analysed, or inadvertently shared outside of intended audiences is becoming more and more prevalent. Hence, organisations must take their cybersecurity efforts way beyond traditional firewalls, protecting every stream of data flowing through hybrid networks as well as voice and video.

In spite of the fact that these risks are hazardous, they are subtle in nature. Unlike phishing emails or malicious links, which can be a red flag, unsecured connections and vulnerabilities often go unnoticed by the general public. Experts say that this is akin to holding a confidential board meeting in a crowded café, where the information is not shouted out, but it is still exposed, regardless.

In the context of such an exposure to cybercrime, the stakes are enormous. Comparitech estimates that by 2025, the global economy will be burdened by cybercrime at $10.5 trillion. This puts businesses at risk of having to take a proactive stance against cyber threats, realising that the question is not whether they will be targeted, but when.

It is therefore imperative that companies take a comprehensive approach to protecting data and systems in the hybrid era, which is different from traditional security models. A triadic relationship lies at the heart of modern cybersecurity - identity, device, and application - all of which are essential to verify and trust together, ensuring that all three of these entities are properly verified and trusted.

Today, identity cannot be reduced to usernames and passwords; instead, users must be authenticated using multiple factors, and their behaviour must be monitored in order to monitor for irregularities. As part of the process of maintaining security standards, devices must be assessed for integrity, malware-free, and configured in a way that is safe and secure.

As well as sanctioning, monitoring, and integrating applications into organisational governance, there are also risks associated with a legitimate user on a compromised device, or a healthy device accessing an unverified application, as much as a stolen credential. Any weaknesses in this chain can leave attackers free to attack.

As a result of the challenges faced by the organisation, security teams have long layered solutions like endpoint protection, authentication protocols, and application gateways in order to combat the challenges involved. In spite of this patchwork, it is often a common misconception that all of these threats will be covered, but it leaves gaps where they are able to flourish.

Unmanaged devices remain invisible, unapproved applications can still slip through, and inadequately verified identities remain vulnerable to spoofed identities. A recent survey indicates that there are still insufficient safeguards in place to protect data, with 79 per cent of IT leaders admitting that their safeguards are insufficient at present.

When breaches occur, they are often not the result of a single point of failure but the result of overlooked interactions between disparate tools or their inability to adjust to nuanced risks. For instance, when a developer accesses sensitive repositories using a laptop running unverified plugins, such a developer is taking advantage of these blind spots. An innovative new model is being developed to address these blind spots—Extended Access Management.

As opposed to legacy frameworks, this solution unifies the validation of identity, device, and application under a single, context-aware lens, which enables the validity of all login attempts to be evaluated as not just credentials, but also the health of the device and the legitimacy of the application, ensuring both conditional and continuous access is achieved.

As a result of this model, employees increasingly rely on personal devices to access corporate systems and to work on them at the same time, which embraces the realities of modern workplaces. Rather than resisting this trend, Extended Access Management secures it through real-time analytics aimed at determining whether a personal device is safe to connect to sensitive assets based on real-time analytics.

A simpler, unified login experience for employees is the result of this, which eliminates the burden of multiple logins and passwords. As a result, organisations are able to protect hybrid operations with greater visibility, greater control and the agility they require, without compromising productivity, in order to safeguard hybrid operations.

In spite of its vulnerabilities, hybrid work remains a powerful force that offers employees flexibility and balance. However, there is a responsibility associated with this freedom to secure the digital spaces in which collaboration occurs, the conversations that drive strategy, and the voices of those individuals who hold the greatest importance.

A headset is a relatively harmless device, but that doesn't mean that any other people might be listening in as well, especially in a time when even the most dangerous intrusions might sneak up on people quietly.

Sharp Increase in Ransomware Incidents Hits Energy Sector



 

Zscaler

Cyber Attacks CyberCrime Cybersecurity Data Exploit Digital Security Ransomware Security Infrastructure Security Vulnerabilities VPN Zero Trust Zscaler

Sharp Increase in Ransomware Incidents Hits Energy Sector

The cyber threat landscape is constantly evolving, and ransomware attacks have increased in both scale and sophistication, highlighting how urgent it is for enterprises to take a strategic approach to cybersecurity. A survey conducted by Zscaler in 2025 found that ransomware incidents increased 146% over the past year.

Ten prominent groups took 238 terabytes of data from their servers over the past year, nearly doubling the 123 terabytes they stole a year ago. There has been an alarming 900% increase in attacks in the oil and gas industry, largely attributed to the development of digital infrastructure as well as unresolved security vulnerabilities. Additionally, manufacturing, technology, and healthcare have all been affected by this increase, resulting in more than 2,600 reported incidents combined.

A large percentage of ransomware cases were reported in the United States, which accounts for more than twice the total number of cases reported in the next 14 most affected countries combined. According to experts, threat actors are increasingly turning to generative artificial intelligence (AI) in order to streamline operations and perform more targeted and efficient attacks. This shift corresponds with the growing preference for data extortion over traditional file encryption, resulting in more effective attacks.

In response to these evolving tactics, cybersecurity leaders are advocating the widespread adoption of Zero Trust architecture in order to prevent large-scale data loss and contain lateral movement within networks. The rise of digital transformation is accelerating the use of ransomware actors to launch increasingly sophisticated attacks on critical infrastructure sectors while automating and leveraging vulnerable industrial control systems as a source of attack.

A dramatic increase in the number of attacks on the oil and gas industry was attributed to expanding digital footprints and security lapses, whereas Zscaler's latest research indicates that manufacturing, information technology, and healthcare are the sectors that are most frequently targeted by cybercriminals. This attack disproportionately affected the United States, as there were 3,671 ransomware incidents registered in this country, which is more than any of the next 14 most targeted countries combined.

Over the past year, 238 terabytes of data were exfiltrated in ransomware campaigns, a 92% increase over last year. In the April-to-April period, RansomHub emerged as the most active ransomware group, followed by Akira and Clop in a close second place. These intrusions were largely caused by vulnerabilities that were known to exist in widely used enterprise technologies, such as VMware hypervisors, Fortinet and SonicWall VPNs, and Veeam backup software, making the critical need for proactive vulnerability management and real-time threat detection to be implemented across all levels of IT and operational infrastructure even clearer.

In recent years, cybercriminal groups have adopted more targeted and scalable approaches to extortion, which is reshaping the global ransomware landscape. According to Zscaler's ThreatLabz Ransomware Report for 2025, RansomHub, Akira, and Clop are the three most prolific groups, each of which has claimed more than 850 victims, 520 victims, and 488 victims, respectively.

The success of Ariara is attributed primarily to its affiliate-based operation model and close collaboration with initial access brokers, while Clop has continued to exploit vulnerabilities in commonly used third-party software to execute impactful supply chain attacks in the last few years. In spite of the high-profile actors involved in this reporting period, Zscaler tracked 425 ransomware groups, so this is just a small part of a much broader and rapidly growing ecosystem. 34 new ransomware groups were created during the reporting period.

In addition, according to this report, a significant proportion of ransomware campaigns were exploiting a limited range of critical software vulnerabilities, primarily in internet-facing technologies such as SonicWall VPNs and Fortinet VPNs, VMware hypervisors, Veeam backup tools, and SimpleHelp remote access servers.

It is due to their widespread deployment and ease of discovery through simple scanning techniques that these vulnerabilities remain so attractive. This allows both veteran and newly formed groups of hackers to launch high-impact attacks more effectively and with greater precision. The ransomware ecosystem continues to grow at an alarming rate, and there have been unprecedented numbers of groups launching ransomware attacks.

There have been 34 new ransomware gangs reported by Zscaler between April 2024 and April 2025, totalling 425 groups that have been tracked so far. Clearly, the significant growth in ransomware over recent years is a reflection of the enduring appeal of ransomware as an attractive criminal model, and it demonstrates how sophisticated and agile cybercriminal organisations have become over the last few years.

Even though the continued rise in new ransomware actors is a concern, some signs sustained law enforcement action and stronger cybersecurity frameworks are beginning to help counteract this trend, as well as strong cybersecurity frameworks. To dismantle ransomware infrastructures, sixteen illicit assets, and disrupt cybercrime networks, international efforts are increasing pressure on cybercriminals. Not only can these actions impede operational capabilities, but they may also serve as a psychological deterrent, preventing emerging gangs from maintaining momentum or evading detection.

Experts suggest, even in spite of the complexity and evolution of ransomware threats, that efforts by law enforcement agencies, cybersecurity professionals, and private sector stakeholders are beginning to make a meaningful contribution to combating ransomware threats. In spite of the growth of the number of threat groups, it is becoming increasingly difficult for these groups to sustain operations over the long run.

In the face of the global ransomware threat, there is a cautious but growing sense of optimism, as long as we continue to collaborate and be vigilant. In terms of ransomware activity, there is still a stark imbalance in the distribution of attacks across the globe. The United States remains, by a wide margin, the nation that has been hit the most frequently.

The 2025 ThreatLabz report from Zscaler indicates that 50 per cent of all ransomware attacks originated from U.S.-based organisations, totalling 3,671 incidents - more than double the total number of attacks reported across the next 14 most targeted countries combined. The United Kingdom and Canada ranked distantly behind the US and Canada, respectively, with only 5 and 4 per cent of global incidents.

This concentration of attacks is a result of the strategic targeting of highly dense, high-value economies by threat actors looking for maximum disruption and financial gain as a result of their actions. In this surge, several prominent ransomware groups were at the forefront, including RansomHub, which had 833 victims publicly identified by the media.

As an affiliate program and partnership with initial access brokers helped Akira rise to prominence, involving 520 victims, it became a leading ransomware group. A close second was Clop, which had 488 victims, using its proven tactics to leverage vulnerable third-party software, in order to carry out large-scale supply chain attacks using vulnerable third-party software.

Zscaler identified 34 new ransomware families in the past year, increasing the total number of tracked groups from 425 to 425. There are more than 1,000 ransomware notes available on GitHub, with 73 new samples being added every day within the past year, highlighting the scale of the threat and its persistence. With the increasing threat landscape, Zscaler continues to advance its Zero Trust Exchange framework, powered by artificial intelligence, to combat ransomware at every stage of its lifecycle.

By replacing legacy perimeter-based security models with this platform, you will be able to minimise attack surfaces, block initial compromises, eliminate lateral movement, and stop data exfiltration that was previously possible.

As part of Zscaler’s architecture, which is enhanced with artificial intelligence-driven capabilities like breach prediction, phishing and command and control detection, inline sandboxing, segmentation, dynamic policy enforcement, and robust data loss prevention, we can take an active and scalable approach to ransomware mitigation, aligning with the evolving needs of modern cybersecurity.

Increasingly, ransomware is becoming a systemic risk across digital economies, which makes it essential for enterprises and governments to develop comprehensive, forward-looking cyber defence strategies. As a result of the convergence of industrial digitisation, widespread software vulnerabilities, and the emergence of ransomware-as-a-service (RaaS) models, the global threat landscape is changing in ways that require both public and private sectors to take immediate action.

The attacks have not only caused immediate financial and operational losses, but they have also now threatened national security, supply chain resilience, and public infrastructure, particularly within high-value, interconnected industries like the energy industry, manufacturing industry, healthcare industry, and technology industry. Leaders in cybersecurity have increasingly advocated for a paradigm shift from reactive control measures to proactive cyber resilience strategies.

Embedding zero trust principles into organization infrastructure, modernising legacy systems, and investing in artificial intelligence-driven threat detection are some of the steps that are required to achieve this objective, as well as building intelligence-sharing ecosystems between private companies, governments, and law enforcement agencies.

There is also a constant need to evaluate the role of artificial intelligence in both attack and defence cycles, where defenders have the need to outperform their adversaries by automating, analysing, and enforcing policy in real time. As for the policy level, the increased use of ransomware underscores the need for globally aligned cybersecurity standards and enforcement frameworks.

Isolated responses cannot be relied upon anymore when transnational threat actors leverage decentralized infrastructure and exploit jurisdictional loopholes in order to exploit them. In order to disrupt the ransomware economy and regain trust in the digital world, a holistic collaboration is essential that involves advanced technologies, legal deterrents, and public awareness.

While there is no indication that ransomware is going away anytime soon, the progress being made in detecting threats, managing vulnerabilities, and coordinating cross-border responses offers a path forward as long as we work together on these improvements. The need to protect digital assets and ensure long-term operational continuity is not just a matter of IT hygiene anymore – it has become a foundational pillar of enterprise risk management, and therefore a crucial component for the management of business continuity in today's environment.

TSA Cautions Passengers Against Plugging Into Public USB Charging Stations



 

VPN

Advanced Technology Cybersecurity Cyberthreats Digital Security Digital threats malicious Mobile Plugging Private Network protect Wi-Fi Public Infrastructure TSA USB VPN

TSA Cautions Passengers Against Plugging Into Public USB Charging Stations

Despite the Transportation Security Administration's (TSA) widespread recognition for its role in ensuring air travel security through rigorous passenger screening procedures, the agency is now drawing attention to a lesser-known, yet equally concerning, cybersecurity threat faced by airport travellers. The TSA reports that cybercriminals have been exploiting public USB charging stations in airport terminals as well as unsecured Wi-Fi networks in order to gain unauthorized access to travelers' personal information in order to gain access to their information.

Malicious actors are using sophisticated techniques that are used to compromise devices connected to public charging ports or unprotected internet connections without the user's knowledge, many of which are used by these actors. Once the device is accessed, sensitive information can be extracted, including passwords, financial details, and personal files, potentially resulting in identity theft or financial fraud for the victim.

It is a well-known fact that even something as seemingly harmless as plugging user's phone into a public charging station carries significant risks, according to the agency. As a result of this technique, known as "juice jacking," malicious software is installed or data is stolen directly from a connected device by tampering with USB ports. In the same way, connecting to public Wi-Fi networks with inadequate security measures can expose users to a man-in-the-middle attack, where hackers intercept the communication between the device and the internet and attack the device.

Technology is evolving rapidly, but as digital threats grow and evolve, the TSA urges travellers to take security very seriously by using personal charging equipment, portable power banks, and secure internet connections. To protect one's digital identity while on the go, it is crucial to stay informed and vigilant. Among the top concerns that the Transportation Security Administration (TSA) has expressed is the growing cybersecurity threats associated with the use of public USB charging stations at airports.

While these charging stations are convenient for travellers who have long layovers or delays, they may also serve as a gateway for cybercriminals to gain access to their data through their smartphone, tablet, or other electronic devices. A technique known as "juice jacking," in which malicious software is installed covertly within public USB ports, is among the most concerning threats, as it allows malicious software to be installed covertly within them.

By simply plugging in their device, an unsuspecting traveller is transferring the malware, which could potentially allow hackers to access, corrupt, or extract sensitive information that could be of great use to them. During these attacks, personal data may be accessed byunauthorisedd parties,, including emails, login credentials, financial details and even private photographs or documents stored on the deviceEven thoughat visible warning signs do not usually accompany these infections, victims are often unaware of their information being compromised until it is very late in the game.

Travellers are strongly advised not to connect their devices directly to public USB ports located in airport terminals, lounges, or charging kiosks to minimise this risk. To minimise the risk of this occurrence, cybersecurity experts and the TSA strongly suggest travellers don't do so. Instead, passengers should carry and use their own power adapters and plug them into standard electrical outlets whenever necessary.

The use of portable battery packs is a much more secure option since it eliminates the possibility of any potential hardware exposure occurring. While security authorities have repeatedly warned citizens about the risks associated with juice jacking, there has been a lack of awareness among the general public regarding it. Many travellers may overlook the hidden dangers associated with seemingly innocuous charging stations in pursuit of convenience.

As technology continues to develop and digital threats become more sophisticated, air passengers need to remain vigilant and adopt preventive measures to ensure their personal and financial information remains secure during transit. As a consequence of the threat of "juice jacking" in public spaces like airports, where travellers are frequently seeking out USB charging ports for convenience, this issue is becoming a serious cybersecurity concern.

The purpose of this type of cyberattack is to compromise any device that has access to a public USB charging station by installing malware that is discreetly installed into these charging stations with the aim of compromising the device. Suppose the malware catches hold of a device while plugged into an infected port. In that case, it can initiate harmful activities, ranging from data theft to complete control of that device, all without the user having any knowledge of it.

According to the Federal Communications Commission (FCC), malware that is introduced through tampered USB ports can lock the user's device, collect personal information, or harvest passwords stored on that device, which can then be accessed online accounts or sold on the dark web. As a result of such breaches, individuals may experience identity theft and financial fraud as well as unauthorised surveillance of their private communications and documents.

The risk is further compounded by the fact that there are typically no external signs that indicate a charging station has been compromised, so a traveller may be unable to detect the compromise. Furthermore, airports are also a significant risk for cybersecurity due to unsecured public Wi-Fi networks. A warning from the Transportation Security Administration (TSA) cautions passengers against using free public Wi-Fi, especially when they are conducting online transactions or accessing accounts that require sensitive information to be entered.

In order to steal credentials or financial information, cybercriminals often exploit open networks by using methods such as man-in-the-middle attacks. These attacks intercept data exchanges between users and websites to steal data. Travellers should generally refrain from entering any confidential information-such as credit card numbers, personal identifying information, or login details-while connected to public wireless networks, as a general rule.

Several organisations, including the TSA, the FCC, and other government agencies, recommend adopting safer charging methods to reduce the chances of becoming victims of these threats. If the travellers do not want their devices to be exposed to unknown hardware while charging, they are encouraged to carry TSA-compliant power bricks or personal battery packs that provide secure charging. Additionally, it is far safer to use personal power adapters connected to standard electrical outlets than to use public USB ports.

Additionally, the FCC suggests that travellers invest in USB data blockers or charging-only cables that allow power to be transferred to and from the device, but do not allow data to be transferred. As the digital landscape continues to become more complex, travellers must stay informed and take precautions to stay safe. If travellers avoid high-risk behaviours, such as using public USB ports and unsecured wireless network connections, they will be able to protect their personal information and devices from harm.

A growing number of airlines and airports are integrating advanced technologies - ranging from mobile boarding passes and biometric identifications to fully automated check-in and boarding services - into modern travel safety and security has become a crucial component of this landscape. This shift has led to the Transportation Security Administration (TSA) expanding its focus beyond physical security measures to include digital security measures in order to address the shifting landscape.

A recent advisory issued by the agency shows that securing personal data is just as important as securing passengers and luggage in today’s hyperconnected travel environment, and that the agency is aware of this growing understanding. During this summewhenere there will be a surge in international passenger traffic and a lot of busy travel season ahead of us, the TSA's warning arrives at an extremely critical time.

Besides reminding travellers to ensure their luggage and documents are ready to go, it also serves as a timely reminder to make sure their digital defences are strong as well before leaving the country. Travellers are advised to follow several essential cybersecurity practices that will enhance their protection while they are travelling, including not charging their devices through public USB ports and connecting to unsecured Wi-Fi networks.

In order to ensure users' devices are fully up-to-date and that they contain the latest operating system patches and antivirus software, make sure that all their devices (phones, tablets, and laptops) are updated before leaving the country. These updates often contain important security enhancements that prevent newly found threats from being exploited.

It is important to utilise strong authentication measures, which include using strong, unique passwords for all accounts. In addition, multi-factor authentication (MFA) provides a more protective layer, making sure that even if users' login credentials are compromised, users will be significantly less likely to be accessed by unauthorised individuals.

In order to protect their digital footprint, travellers should always keep their devices physically secure, especially in public places such as airport lounges, cafes, and rest areas where they will not be disturbed by others. They should also never share passwords or access PINs, even with acquaintances, to maintain control over their digital footprints.

Keeping important data in backups is essential to ensure that information does not get lost if the device is stolen, damaged, or malfunctions during its transport, because data is regularly saved in secure cloud storage or external backup devices.

It is advisable to disable automatic Wi-Fi connectivity to prevent devices from unknowingly connecting to undeclared or malicious networks, as well as joining familiar and trusted networks. For extra security, travellers ought to use a virtual private network (VPN) for online security.

There is a lot to be said for integrating these simple yet effective practices into the travel routines of passengers, reducing the risk that they will fall victim to digital threats significantly. In an age when convenience and connectivity dominate the travel experience, people must remain aware of cybersecurity issues to ensure that technology remains a valuable asset throughout the travel rather than a vulnerability.

Taking into consideration the blurring line between physical and digital security when travelling by air, it is becoming increasingly important for travellers to recognise that cybersecurity is now an essential part of the security process. Cyber threats to public infrastructure reinforce a bigger truth: convenience is often accompanied by a loss of caution when it comes to public infrastructure.

Airports are constantly enhancing passengers' experiences with innovative digital services, however, it is ultimately the individual's responsibility to ensure that their data is protected. It is important for travellers to cultivate proactive digital habits to safeguard not only their device but also their digital identities. These include checking the legitimacy of charging stations, using encrypted communication channels, and staying up to date on evolving cyber tactics.

The TSA’s advisory is not just a warning—it’s a call to action. Keeping digital hygiene is an essential part of staying connected in a world in which it is now as common as packing a passport or getting a boarding pass.T Travellers who embrace this mindset will not only enjoy a smoother trip, but they will also be able to ensure their personal data reaches their destination safely.

Massive Data Leak Exposes 520,000+ Ticket Records from Resale Platform 'Ticket to Cash'



 

ticketing

Cybersecurity Data Breach Digital Security Encryption event tickets Fraud Hacking Identity Theft PII Privacy ticketing

Massive Data Leak Exposes 520,000+ Ticket Records from Resale Platform 'Ticket to Cash'

A critical security lapse at online ticket resale platform Ticket to Cash has led to a major data breach, exposing over 520,000 records, according to a report by vpnMentor. The leak was first uncovered by cybersecurity researcher Jeremiah Fowler, who found the unsecured and unencrypted database without any password protection.

The database, weighing in at a massive 200 GB, contained a mix of PDFs, images, and JSON files. Among the leaked files were thousands of concert and live event tickets, proof of transfers, and receipt screenshots. Alarmingly, many documents included personally identifiable information (PII) such as full names, email addresses, physical addresses, and partial credit card details.

Using the internal structure and naming conventions within the files, Fowler traced the data back to Ticket to Cash, a company that facilitates ticket resale through over 1,000 partner websites. “Despite contacting TicketToCash.com through a responsible disclosure notice,” Fowler reported, “I initially received no response, and the database remained publicly accessible.” It wasn’t until four days later, following a second notice, that the data was finally secured. By then, an additional 2,000+ files had been exposed.

The responsible party behind maintaining the database—whether Ticket to Cash or a third-party contractor—remains uncertain. It’s also unknown how long the database was left open or whether it had been accessed by malicious actors. “Only a thorough internal forensic investigation could provide further clarity,” Fowler emphasized.

Ticket to Cash enables users to list tickets without upfront fees, taking a cut only when sales occur. However, the company has faced criticism over customer service, particularly regarding payment delays via PayPal and difficulty reaching support. Fowler also noted the lack of prompt communication during the disclosure process.

This breach raises serious concerns over data privacy and cybersecurity practices in the digital ticketing world. Leaked PII and partial financial information are prime targets for identity theft and fraud, posing risks well beyond the original ticketed events. As online ticketing becomes more widespread, this incident serves as a stark reminder of the need for strong security protocols and rapid response mechanisms to safeguard user data.

Karnataka Sets Up India’s First Cyber Command Centre to Tackle Online Crimes



 

karnataka

CISO Cyber Crime Digital Security karnataka

Karnataka Sets Up India’s First Cyber Command Centre to Tackle Online Crimes

Karnataka has taken a big step to fight the rising number of online crimes. It has launched the country’s first Cyber Command Centre. This new centre will handle all matters related to cyber safety and crime under one roof. It aims to respond faster and more effectively to online threats.

The number of cybercrime cases in the state has grown a lot in the past three years. In 2022, about 18,000 cases were reported. That number rose to 22,000 in 2023 and around 23,000 in 2024. In total, Karnataka has seen over 60,000 cybercrime cases in just three years. Officials say that 20% of all cybercrime cases in India are reported from this state.

These cases include many serious issues. Some examples are online scams, hacking, blackmail, cyberstalking, fake news, and financial fraud. Crimes targeting women and children have also increased. Criminals are using fake profiles, deepfakes, and other tricks to fool people and steal their money or personal data.

A senior officer explained that many of these crimes are hard to solve. Very few cases are taken to court, and almost none end in punishment. There is also concern that many investigating officers do not have the right training to deal with high-tech crimes. To fix this, the new command centre will provide special training for both police and legal teams.

The new command will also focus on protecting the state’s digital systems. A major hacking incident recently affected the Kaveri 2.0 portal, which is used for property records. This caused major delays and losses for the state government. Officials say such incidents show how important it is to secure public digital platforms.

The officer leading this new centre is Pronab Mohanty. He is already in charge of internal security and cybercrime for the state. Now, all 45 cyber police stations in Karnataka will report directly to him. This central system is expected to improve coordination and case tracking.

The officer will also serve as the Chief Information Security Officer, or CISO, for Karnataka. That means he will look after both investigations and the security of government digital systems.

The goal of the Cyber Command Centre is not just to track and stop cybercriminals, but to make sure they face legal action. Officials believe that stronger action and more convictions will help create fear among those involved in online crimes.

This new setup could become a model for other states to follow. As cybercrime spreads its rampant growth across India, Karnataka’s decision to create a single, expert-led team could lead the way for better digital safety in the country.

BitcoinOS to Introduce Alpha Mainnet for Digital Ownership Platform



 

Technology

BitcoinOS Crypto Digital Security Innovation Technology

BitcoinOS to Introduce Alpha Mainnet for Digital Ownership Platform

BitcoinOS and Sovryn founder Edan Yago is creating a mechanism to turn Bitcoin into a digital ownership platform. Growing up in South Africa and coming from a family of Holocaust survivors, Yago's early experiences sneaking gold coins out of the nation between the ages of nine and eleven influenced his opinion that having financial independence is crucial for both human dignity and survival.

"Money is power, and power is freedom," Yago explains. "Controlling people's access to capital means controlling their freedom. That's why property rights are critical. This conviction drives his work on BitcoinOS, which seeks to establish a foundation for digital property rights independent of governments or companies.

Yago sees technology as the fundamental cause of societal transformation. He argues that the Industrial Revolution made slavery economically unviable, not a sudden moral awakening. However, he warns that technology needs direction, referencing how the internet morphed from a promise of decentralisation to a system dominated by industry titans.

When Yago uncovered Bitcoin in 2011, he saw it as "the missing piece" of digital property rights. Bitcoin introduced a decentralised ledger for ownership records, while Ethereum added smart contracts for decentralised computing, but both have size and efficiency restrictions.

BitcoinOS addresses these issues with zero-knowledge proofs, which enable computations to be confirmed without running on every node. "Instead of putting everything on a blockchain, we only store the proof that a computation happened correctly," Yago tells me. This technique can allow Bitcoin to support numerous types of property, including: real estate, stocks , digital identities, and other assets in Bitcoin's global ledger.

Yago characterises the cryptocurrency business as being in its "teenage years," but believes it will mature over the next decade. His vision goes beyond Bitcoin to embrace digital sovereignty and encryption as ways to better safeguard rights than traditional legal systems.

BitcoinOS plans to launch its alpha mainnet in the coming months. Yago is optimistic about the project's potential: "We're creating property rights for the digital age." When you comprehend that, everything else comes into place."

The quest for Bitcoin-based solutions coincides with increased institutional usage. BlackRock, the world's largest asset management, has recently launched its first Bitcoin exchange-traded product in Europe, which is now available on platforms in Paris, Amsterdam, and Frankfurt. This follows BlackRock's success in the United States, where it raised more than $50 billion for similar products.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

Report Abuse

About Me

Footer About

Labels

Showing result(s) for

Popular Posts

Pages

WA Law Firm Faces Cybersecurity Breach Following Ransomware Reports

Security Researchers at Proton Warn of Massive Credential Exposure