Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Internet. Show all posts
Technology
ChatGPT Cloud Content GenAI Internet Misinformation Technology

The New Content Provenance Report Will Address GenAI Misinformation


The GenAI problem 

Today's information environment includes a wide range of communication. Social media platforms have enabled reposting, and comments. The platform is useful for both content consumers and creators, but it has its own challenges.

The rapid adoption of Generative AI has led to a significant increase in misleading content online. These chatbots have a tendency of generating false information which has no factual backing. 

What is AI slop?

The internet is filled with AI slop- content that is made with minimal human input and is like junk. There is currently no mechanism to limit such massive production of harmful or misleading content that can impact human cognition and critical thinking. This calls for a robust mechanism that can address the new challenges that the current system is failing to tackle. 

The content provenance report 

For restoring the integrity of digital information, Canada's Centre for Cyber Security (CCCS) and the UK's National Cyber Security Centre (NCSC) have launched a new report on public content provenance. Provenance means "place of origin." For building stronger trust with external audiences, businesses and organisations must improve the way they manage the source of their information.

NSSC chief technology officer said that the "new publication examines the emerging field of content provenance technologies and offers clear insights using a range of cyber security perspectives on how these risks may be managed.” 

What is next for Content Integrity?

The industry is implementing few measures to address content provenance challenges like Coalition for Content Provenance and Authenticity (C2PA). It will benefit from the help of Generative AI and tech giants like Meta, Google, OpenAI, and Microsoft. 

Currently, there is a pressing need for interoperable standards across various media types such as image, video, and text documents. Although there are content provenance technologies, this area is still in nascent stage. 

What is needed?

The main tech includes genuine timestamps and cryptographically-proof meta to prove that the content isn't tampered. But there are still obstacles in development of these secure technologies, like how and when they are executed.

The present technology places the pressure on the end user to understand the provenance data. 

A provenance system must allow a user to see who or what made the content, the time and the edits/changes that were made. Threat actors have started using GenAI media to make scams believable, it has become difficult to differentiate between what is fake and real. Which is why a mechanism that can track the origin and edit history of digital media is needed. The NCSC and CCCS report will help others to navigate this gray area with more clarity.


Read more »
telecoms
Cyber Attacks Data Leak Freedom Mobile Internet telecoms

Telecom Company Freedom Mobile Suffers Data Breach Resulting in Data Leak


About the incident 

Freedom Mobile has revealed a data breach that leaked personal information belonging to a limited number of customers. This happened after illegal access to its internal systems in late October. 

As per the notice sent to customers, the breach was found in late October, when the security team found illicit activity on its customer account management platform.  "Our investigation revealed that a third party used the account of a subcontractor to gain access to the personal information of a limited number of our customers," the statement read.

Attack tactic

According to the investigation, a third-party got access via the account of a subcontractor. It means that a threat actor used genuine login credentials that belonged to an external partner, instead of directly breaking through technical defenses. After gaining access, the threat actors could view particular customer records. The exposed data consists home addresses, first and last names, contact numbers and Freedom Mobile account numbers. 

Details such as account passwords, banking details, credit card were not hacked. The incident impacted only personal profile data, nof authentication secrets or financial data. 

Once the intrusion was found, Freedom Mobile blocked malicious accounts and linked IP addresses, and deployed additional security measures on the platform. 

These steps generally involve strict access permissions, which adds extra monitoring and reviewing login rules for subcontractor ms like implementation of strong passwords and two-factor authentication. No exposed information has been misused, the company has said. 

Risks of stolen data

But the stolen data can be important for important social engineering and phishing attempts. 

Threat actors may use these details to send scam messages on behalf of Freedom Mobile. 

Freedom Mobile has requested customers to stay cautious of emails or texts that ask for personal information, or that redirect them to log in through links. 

Freedom Mobile has emphasized that it never asks for credit card numbers, PINs by email, SMS, passwords, or other banking information. "We quickly identified the incident and implemented corrective measures and security enhancements, including blocking the suspicious accounts and corresponding IP addresses," the company said.

Customers have also been suggested to check their device for any suspicious activity to avoid downloading unexpected attachments or suspicious links. Meanwhile, the investigation is still continuing.


Read more »
Phishing Attacks
Cyber Security Data Digital Scams Identity Thefts Internet Phishing Attacks

Scammers Used Fake WhatsApp Profiles of District Collectors in Kerala


Scammers target government officials 

In a likely phishing attempt, over four employees of Kasaragod and Wayanad Collectorates received WhatsApp texts from accounts imitating their district Collectors and asking for urgent money transfers. After that, the numbers have been sent to the cyber police, according to the Collectorate officials. 

Vietnam scammers behind the operation 

The texts came from Vietnam based numbers but showed the profile pictures of concerned collectors, Inbasekar K in Kasaragod and D R Meghasree. 

In one incident, the scammers also shared a Google Pay number, but the target didn't proceed. According to the official, "the employees who received the messages were saved simply because they recognised the Collector’s tone and style of communication." 

Two employees from Wayanad received texts, all from different numbers from Vietnam. In the Kasaragod incident, Collector Inbasekar said a lot of employees received the phishing texts on WhatsApp. Two employees reported the incident. No employee lost the money. 

Scammers used typical scripts

The scam used a similar script in the two districts. The first text read: Hello, how are you? Where are you currently? In the Wayanad incident, the first massage was sent around 4 pm, and in Kasaragod, around 5:30 pm. When the employee replied, a follow up text was sent: Very good. Please do something urgently. This shows that the scam followed the typical pitches used by scammers. 

The numbers have been reported to the cyber police. According to Wayanad officials, "Once the messages were identified as fake, screenshots were immediately circulated across all internal WhatsApp groups." Cyber Unit has blocked both Vietnam-linked and Google Pay numbers.

What needs to be done?

Kasaragod Collector cautioned the public and staff to be careful when getting texts asking for money transfers. Coincidentally, in both the incidents, the texts were sent to staff employed in the Special Intensive Revision of electoral rolls. In this pursuit, the scammers revealed the pressures under which booth-level employees are working.

According to cyber security experts, the fake identity scams are increasingly targeting top government officials. Scammers are exploiting hierarchical structures to trick officials into acting promptly. “Police have urged government employees and the public to avoid responding to unsolicited WhatsApp messages requesting money, verify communication through official phone numbers or email, and report suspicious messages immediately to cybercrime authorities,” the New Indian Express reported.

Read more »
Internet
Cloud Cyber Security Data hack Google Internet

Google Confirms Data Breach from 200 Companies


Google has confirmed that hackers stole data from more than 200 companies after exploiting apps developed by Gainsight, a customer success software provider. The breach targeted Salesforce systems and is being described as one of the biggest supply chain attacks in recent months. 
 
Salesforce said last week that “certain customers’ Salesforce data” had been accessed through Gainsight applications, which are widely used by companies to manage customer relationships at scale. According to Google’s Threat Intelligence Group, more than 200 Salesforce instances were affected, indicating that the attackers targeted the ecosystem strategically rather than going after individual companies one by one. The incident has already raised deep concern across industries that depend heavily on third-party integrations to run core business functions. 
 
A group calling itself Scattered Lapsus$ Hunters, which includes members of the well-known ShinyHunters gang, has claimed responsibility. This collective has previously targeted prominent global firms and leaked confidential datasets online, earning a reputation for bold, high-impact intrusions. In this case, the hackers have published a list of alleged victims, naming companies such as Atlassian, CrowdStrike, DocuSign, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon. Some of these organisations have denied being affected, while others are still conducting internal investigations to determine whether their environments were touched. 
 
This attack underscores a growing reality: compromising a widely trusted application is often more efficient for attackers than breaching a single company. By infiltrating Gainsight’s software, the threat actors gained access to a broad swath of organisations simultaneously, effectively bypassing individual perimeter defences. TechCrunch notes that supply chain attacks remain among the most dangerous vectors because they exploit deeply rooted trust. Once a vendor’s application is subverted, it can become an invisible doorway leading directly into multiple corporate systems. 
 
Salesforce has stated that it is working closely with affected customers to secure environments and limit the impact, while Google continues to analyse the breadth of data exfiltration. Gainsight has not yet released a detailed public statement, prompting experts to call for greater transparency from vendors responsible for critical integrations. Cybersecurity firms advise all companies using third-party SaaS tools to review access permissions, rotate credentials, monitor logs for anomalies, and ensure stronger compliance frameworks for integrated platforms. 
 
The larger picture here reflects an industry-wide challenge. As enterprises increasingly rely on cloud services and SaaS tools, attackers are shifting their attention to these interconnected layers, where a single weak link can expose hundreds of organisations. This shift has prompted analysts to warn that due diligence on app vendors, once considered a formality, must now become a non-negotiable element of cybersecurity strategy. 
 
In light of the attack, experts believe companies will need to adopt a more vigilant posture, treating all integrations as potential threat surfaces, rather than assuming safety through trust. The Gainsight incident serves as a stark reminder that in a cloud-driven world, security is only as strong as the least protected partner in the chain.
Read more »
Spyware
AI Android Data Internet malware Pegasus Spyware

How Spyware Steals Your Data Without You Knowing About It


You might not be aware that your smartphone has spyware, which poses a risk to your privacy and personal security. However, what exactly is spyware? 

This type of malware, often presented as a trustworthy mobile application, has the potential to steal your data, track your whereabouts, record conversations, monitor your social media activity, take screenshots of your activities, and more. Phishing, a phony mobile application, or a once-reliable software that was upgraded over the air to become an information thief are some of the ways it could end up on your phone.

Types of malware

Legitimate apps are frequently packaged with nuisanceware. It modifies your homepage or search engine settings, interrupts your web browsing with pop-ups, and may collect your browsing information to sell to networks and advertising agencies.

Nuisanceware

Nuisanceware is typically not harmful or a threat to your fundamental security, despite being seen as malvertising. Rather, many malware packages focus on generating revenue by persuading users to view or click on advertisements.

Generic mobile spyware

Additionally, there is generic mobile spyware. These types of malware collect information from the operating system and clipboard in addition to potentially valuable items like account credentials or bitcoin wallet data. Spray-and-pray phishing attempts may employ spyware, which isn't always targeted.

Stalkerware

Compared to simple spyware, advanced spyware is sometimes also referred to as stalkerware. This spyware, which is unethical and frequently harmful, can occasionally be found on desktop computers but is becoming more frequently installed on phones.

The infamous Pegasus

Lastly, there is commercial spyware of governmental quality. One of the most popular variations is Pegasus, which is sold to governments as a weapon for law enforcement and counterterrorism. 

Pegasus was discovered on smartphones owned by lawyers, journalists, activists, and political dissidents. Commercial-grade malware is unlikely to affect you unless you belong to a group that governments with ethical dilemmas are particularly interested in. This is because commercial-grade spyware is expensive and requires careful victim selection and targeting.

How to know if spyware is on your phone?

There are signs that you may be the target of a spyware or stalkerware operator.

Receiving strange or unexpected emails or messages on social media could be a sign of a spyware infection attempt. You should remove these without downloading any files or clicking any links.

Read more »
TP-Link
AI China Cloud Data Internet Technology TP-Link

TP-Link Routers May Get Banned in US Due to Alleged Links With China


TP-Link routers may soon shut down in the US. There's a chance of potential ban as various federal agencies have backed the proposal. 

Alleged links with China

The news first came in December last year. According to the WSJ, officials at the Departments of Justice, Commerce, and Defense had launched investigations into the company due to national security threats from China. 

Currently, the proposal has gotten interagency approval. According to the Washington Post, "Commerce officials concluded TP-Link Systems products pose a risk because the US-based company's products handle sensitive American data and because the officials believe it remains subject to jurisdiction or influence by the Chinese government." 

But TP-Link's connections to the Chinese government are not confirmed. The company has denied of any ties with being a Chinese company. 

About TP-Link routers 

The company was founded in China in 1996. After the October 2024 investigation, the company split into two: TP-Link Systems and TP-Link Technologies. "TP-Link's unusual degree of vulnerabilities and required compliance with [Chinese] law are in and of themselves disconcerting. When combined with the [Chinese] government's common use of [home office] routers like TP-Link to perpetrate extensive cyberattacks in the United States, it becomes significantly alarming" the officials wrote in October 2024. 

The company dominated the US router market since the COVID pandemic. It rose from 20% of total router sales to 65% between 2019 and 2025. 

Why the investigation?

The US DoJ is investigating if TP-Link was involved in predatory pricing by artificially lowering its prices to kill the competition. 

The potential ban is due to an interagency review and is being handled by the Department of Commerce. Experts say that the ban may be lifted in future due to Trump administration's ongoing negotiations with China. 

Read more »
Video Games
AI Children Privacy Internet Technology Video Games

Video Game Studios Exploit Legal Rights of Children


A study revealed that video game studios are openly ignoring legal systems and abusing the data information and privacy of the children who play these videogames.

Videogame developers discarding legal rights of children 

Researchers found that highly opaque frameworks of data collection in the intense lucrative video game market run by third-party companies and developers showed malicious intent. The major players freely discard children's rights to store personal data via game apps. Video game studios ask parents to accept privacy policies that are difficult to understand and also contradictory at times. 

Quagmire of videos games privacy laws

Their legality is doubtful. Video game studios are thriving on the fact that parents won't take the time to read these privacy laws carefully, and in case if they do, they still won't be able to complain because of the complexity of policies. 

Experts studied the privacy frameworks of video games for children aged below 13 (below 14 in Quebec) in comparison to legal laws in the US, Quebec, and Canada. 

Conclusion 

The research reveals an immediate need for government agencies to implement legal frameworks and predict when potential legal issues for video game developers can surface. In Quebec, a class action lawsuit has already been filled against the mobile gaming industry for violating children's privacy rights.

Need for robust legal systems 

Since there is a genuine need for legislative involvement to control studio operations, this investigation may result in legal action against studios whose abusive practices have been revealed as well as legal reforms. 

 Self-regulation by industry participants (studios and classification agencies) is ineffective since it fails to safeguard children's data rights. Not only do parents and kids lack the knowledge necessary to give unequivocal consent, but inaccurate information also gives them a false sense of security, especially if the game seems harmless and childlike.

Read more »
Technology
AI Cloud Dark Web Internet Ransomware Technology

Why Ransomware Attacks Keep Rising and What Makes Them Unstoppable


In August, Jaguar Land Rover (JLR) suffered a cyberattack. JLR employs over 32,800 people and provides additional 104,000 jobs via it's supply chain. JLR is the recent victim in a chain of ransomware attacks. 

Why such attacks?

Our world is entirely dependent on technology which are prone to attacks. Only a few people understand such complex infrastructure. The internet is built to be easy, and this makes it vulnerable. The first big cyberattack happened in 1988. That time, not many people knew about it. 

The more we rely on networked computer technology, the more we become exposed to attacks and ransomware extortion.

How such attacks happen?

There are various ways of hacking or disrupting a network. Threat actors get direct access through software bugs, they can access unprotected systems and leverage them as a zombie army called "botnet," to disrupt a network.

Currently, we are experiencing a wave of ransomware attacks. First, threat actors hack into a network, they may pretend to be an employee. They do this via phishing emails or social engineering attacks. After this, they increase their access and steal sensitive data for extortion reasons. By this, hackers gain control and assert dominance.

These days, "hypervisor" has become a favourite target. It is a server computer that lets many remote systems to use just one system (like work from home). Hackers then use ransomware to encode data, which makes the entire system unstable and it becomes impossible to restore the data without paying the ransom for a decoding key.

Why constant rise in attacks?

A major reason is a sudden rise in cryptocurrencies. It has made money laundering easier. In 2023, a record $1.1 billion was paid out across the world. Crypto also makes it easier to buy illegal things on the dark web. Another reason is the rise of ransomware as a service (RaaS) groups. This business model has made cyberattacks easier for beginner hackers 

About RaaS

RaaS groups market on dark web and go by the names like LockBit, REvil, Hive, and Darkside sell tech support services for ransomware attack. For a monthly fees, they provide a payment portal, encryption softwares, and a standalone leak site for blackmailing the victims, and also assist in ransom negotiations.


Read more »
Technology
AI atlas ChatGPT Cloud Google Internet Technology

Is ChatGPT's Atlas Browser the Future of Internet?

Is ChatGPT's Atlas Browser the Future of Internet?

After using ChatGPT Atlas, OpenAI's new web browser, users may notice few issues. This is not the same as Google Chrome, which about 60% of users use. It is based on a chatbot that you are supposed to converse with in order to browse the internet.  

One of the notes said, "Messages limit reached," "No models that are currently available support the tools in use," another stated.  

Following that: "You've hit the free plan limit for GPT-5."  

Paid browser 

According to OpenAI, it will simplify and improve internet usage. One more step toward becoming "a true super-assistant." Super or not, however, assistants are not free, and the corporation must start generating significantly more revenue from its 800 million customers.

According to OpenAI, Atlas allows us to "rethink what it means to use the web". It appears to be comparable to Chrome or Apple's Safari at first glance, with one major exception: a sidebar chatbot. These are early days, but there is the potential for significant changes in how we use the Internet. What is certain is that this will be a high-end gadget that will only function properly if you pay a monthly subscription price. Given how accustomed we are to free internet access, many people would have to drastically change their routines.

Competitors, data, and money

The founding objective of OpenAI was to achieve artificial general intelligence (AGI), which roughly translates to AI that can match human intelligence. So, how does a browser assist with this mission? It actually doesn't. However, it has the potential to increase revenue. The company has persuaded venture capitalists and investors to spend billions of dollars in it, and it must now demonstrate a return on that investment. In other words, it needs to generate revenue. However, obtaining funds through typical internet advertising may be risky. Atlas might also grant the corporation access to a large amount of user data.

The ultimate goal of these AI systems is scale; the more data you feed them, the better they will become. The web is built for humans to use, so if Atlas can observe how we order train tickets, for example, it will be able to learn how to better traverse these processes.  

Will it kill Google?

Then we get to compete. Google Chrome is so prevalent that authorities throughout the world are raising their eyebrows and using terms like "monopoly" to describe it. It will not be easy to break into that market.

Google's Gemini AI is now integrated into the search engine, and Microsoft has included Copilot to its Edge browser. Some called ChatGPT the "Google killer" in its early days, predicting that it would render online search as we know it obsolete. It remains to be seen whether enough people are prepared to pay for that added convenience, and there is still a long way to go before Google is dethroned.

Read more »
Web browser
AI ChatGPT Cloud Data Internet Technology Web browser

The Risks of AI-powered Web Browsers for Your Privacy


AI and web browser

The future of browsing is AI, it watches everything you do online. Security and privacy are two different things; they may look same, but it is different for people who specialize in these two. Threats to your security can also be dangers to privacy. 

Threat for privacy and security

Security and privacy aren’t always the same thing, but there’s a reason that people who specialize in one care deeply about the other. 

Recently, OpenAI released its ChatGPT-powered Comet Browser, and Brave Software team disclosed that AI-powered browsers can follow malicious prompts that hide in images on the web. 

AI powered browser good or bad?

We have long known that AI-powered browsers (and AI browser add-ons for other browsers) are vulnerable to a type of attack known as a prompt injection attack. But this is the first time we've seen the browser execute commands that are concealed from the user. 

That is the aspect of security. Experts who evaluated the Comet Browser discovered that it records everything you do while using it, including search and browser history as well as information about the URLs you visit. 

What next?

In short, while new AI-powered browser tools do fulfill the promise of integrating your favorite chatbot into your web browsing experience, their developers have not yet addressed the privacy and security threats they pose. Be careful when using these.

Researchers studied the ten biggest VPN attacks in recent history. Many of them were not even triggered by foreign hostile actors; some were the result of basic human faults, such as leaked credentials, third-party mistakes, or poor management.

Atlas: AI powered web browser

Atlas, an AI-powered web browser developed with ChatGPT as its core, is meant to do more than just allow users to navigate the internet. It is capable of reading, sum up, and even finish internet tasks for the user, such as arranging appointments or finding lodgings.

Atlas looked for social media posts and other websites that mentioned or discussed the story. For the New York Times piece, a summary was created utilizing information from other publications such as The Guardian, The Washington Post, Reuters, and The Associated Press, all of which have partnerships or agreements with OpenAI, with the exception of Reuters.

Read more »
Internet
AWS Business Cyber Security Global IT Outage Government Internet

The Fragile Internet: How Small Failures Trigger Global Outages






The modern internet, though vast and advanced, remains surprisingly delicate. A minor technical fault or human error can disrupt millions of users worldwide, revealing how dependent our lives have become on digital systems.

On October 20, 2025, a technical error in a database service operated by Amazon Web Services (AWS) caused widespread outages across several online platforms. AWS, one of the largest cloud computing providers globally, hosts the infrastructure behind thousands of popular websites and apps. As a result, users found services such as Roblox, Fortnite, Pokémon Go, Snapchat, Slack, and multiple banking platforms temporarily inaccessible. The incident showed how a single malfunction in a key cloud system can paralyze numerous organizations at once.

Such disruptions are not new. In July 2024, a faulty software update from cybersecurity company CrowdStrike crashed around 8.5 million Windows computers globally, producing the infamous “blue screen of death.” Airlines had to cancel tens of thousands of flights, hospitals postponed surgeries, and emergency services across the United States faced interruptions. Businesses reverted to manual operations, with some even switching to cash transactions. The event became a global lesson in how a single rushed software update can cripple essential infrastructure.

History provides many similar warnings. In 1997, a technical glitch at Network Solutions Inc., a major domain registrar, temporarily disabled every website ending in “.com” and “.net.” Though the number of websites was smaller then, the event marked the first large-scale internet failure, showing how dependent the digital world had already become on centralized systems.

Some outages, however, have stemmed from physical damage. In 2011, an elderly woman in Georgia accidentally cut through a fiber-optic cable while scavenging for copper, disconnecting the entire nation of Armenia from the internet. The incident exposed how a single damaged cable could isolate millions of users. Similarly, in 2017, a construction vehicle in South Africa severed a key line, knocking Zimbabwe offline for hours. Even undersea cables face threats, with sharks and other marine life occasionally biting through them, forcing companies like Google to reinforce cables with protective materials.

In 2022, Canada witnessed one of its largest connectivity failures when telecom provider Rogers Communications experienced a system breakdown that halted internet and phone services for roughly a quarter of the country. Emergency calls, hospital appointments, and digital payments were affected nationwide, highlighting the deep societal consequences of a single network failure.

Experts warn that such events will keep occurring. As networks grow more interconnected, even a small mistake or single-point failure can spread rapidly. Cybersecurity analysts emphasize the need for stronger redundancy, slower software rollouts, and diversified cloud dependencies to prevent global disruptions.

The internet connects nearly every part of modern life, yet these incidents remind us that it remains vulnerable. Whether caused by human error, faulty code, or damaged cables, the web’s fragility shows why constant vigilance, better infrastructure planning, and verified information are essential to keeping the world online.



Read more »
Technology
AI Browser Cloud Data Google Internet Technology

Incognito Mode Is Not Private, Use These Instead


Incognito (private mode) is a famous privacy feature in web browsers. Users may think that using Incognito mode ensures privacy while surfing the web, allowing them to browse without restrictions, and that everything disappears when the tab is closed. 

With no sign of browsing history in Incognito mode, you may believe you are safe. However, this is not entirely accurate, as Incognito has its drawbacks and doesn’t guarantee private browsing. But this doesn’t mean that the feature is useless. 

What Incognito mode does

Private browsing mode is made to keep your local browsing history secret. When a user opens an incognito window, their browser starts a different session and temporarily saves browsing in the session, such as history and cookies. Once the private session is closed, the temporary information is self-deleted and is not visible in your browsing history. 

What Incognito mode can’t do

Incognito mode helps to keep your browsing data safe from other users who use your device

A common misconception among users is that it makes them invisible on the internet and hides everything they browse online. But that is not true.

Why Incognito mode doesn't guarantee privacy

1. It doesn’t hide user activity from the Internet Service Provider (ISP)

Every request you send travels via the ISP network (encrypted DNS providers are an exception). Your ISPs can track user activity on their networks, and can monitor your activity and all the domains you visit, and even your unencrypted traffic. If you are on a corporate Wi-Fi network, your network admin can see the visited websites. 

2. Incognito mode doesn’t stop websites from tracking users

When you are using Incognito, cookies are deleted, but websites can still track your online activity via device and browser fingerprinting. Sites create user profiles based on unique device characteristics such as resolution, installed extensions, and screen size.

3. Incognito mode doesn’t hide your IP address

If you are blocked from a website, using Incognito mode won’t make it accessible. It can’t change your I address.

Should you use Incognito mode?

It may give a false sense of benefits, but Incognito mode doesn’t ensure privacy. It is only helpful for shared devices.

What can you use?

There are other options to protect your online privacy, such as:

  1. Using a virtual private network (VPN)
  2. Privacy-focused browsers: Browsers such as Tor are by default designed to block trackers, ads, and fingerprinting.
  3. Using private search engines: Instead of Google and Bing, you can use private search engines such as DuckDuckGo and Startpage.

Read more »
Technology
AI Cloud Data Internet Ransomware Technology

Paying Ransom Does Not Guarantee Data Restoration: Report


A new report claims that smaller firms continue to face dangers in the digital domain, as ransomware threats persistently target organizations. Hiscox’s Cyber Readiness Report surveyed 6,000 businesses, and over 59% report they have been hit by a cyber attack in the last year.  

Financial losses were a major factor; most organizations reported operational failures, reputation damage, and staff losses. “Outdated operating systems and applications often contain security vulnerabilities that cyber attackers can exploit. Even with robust defenses, there is always a risk of data loss or ransomware attacks,” the report said.

Problems with ransomware payments

Ransomware is the topmost problem; the survey suggests that around 27% of respondents suffered damage, and 80% agreed to pay ransom. 

Despite the payments, recovery was not confirmed as only 60% could restore their data, while hackers asked for repayments again. The reports highlight that paying the ransom to hackers doesn’t ensure data recovery and can even lead to further extortion. 

Transparency needed

There is an urgent need for transparency, as 71% respondents agreed that companies should disclose ransom payments and the money paid. Hiscox found that gangs are targeting sensitive data like executive emails, financial information, and contracts.

The report notes that criminal groups are increasingly targeting sensitive business data such as contracts, executive emails, and financial information. "Cyber criminals are now much more focused on stealing sensitive business data. Once stolen, they demand payment…pricing threats based on reputational damage,” the report said. This shift has exposed gaps in businesses’ data loss prevention measures that criminals exploit easily.  

AI threat

Respondents also said they experienced AI-related incidents, where threat actors exploited AI flaws such as deepfakes and vulnerabilities in third-party AI apps. Around 65% still perceive AI as an opportunity rather than a threat. The report highlights new risks that business leaders may not fully understand yet. 

According to the report, “Even with robust defenses, there is always a risk of data loss or ransomware attacks. Frequent, secure back-ups – stored either offline or in the cloud – ensure that businesses can recover quickly if the worst happens.”

Read more »
Windows
AI Cloud Internet Microsoft PCs Technology Windows

Microsoft to end support for Windows 10, 400 million PCs will be impacted


Microsoft is ending software updates for Windows 10

From October 14, Microsoft will end its support for Windows 10, experts believe it will impact around 400 million computers, exposing them to cyber threats. People and groups worldwide are requesting that Microsoft extend its free support. 

According to recent research, 40.8% of desktop users still use Windows 10. This means around 600 million PCs worldwide use Windows 10. Soon, most of them will not receive software updates, security fixes, or technical assistance. 

400 million PCs will be impacted

Experts believe that these 400 million PCs will continue to work even after October 14th because hardware upgrades won’t be possible in such a short duration. 

“When support for Windows 8 ended in January 2016, only 3.7% of Windows users were still using it. Only 2.2% of Windows users were still using Windows 8.1 when support ended in January 2023,” PIRG said. PIGR has also called this move a “looming security disaster.”

What can Windows users do?

The permanent solution is to upgrade to Windows 11. But there are certain hardware requirements when you want to upgrade, and most users will not be able to upgrade as they will have to buy new PCs with compatible hardware. 

But Microsoft has offered few free options for personal users, if you use 1,000 Microsoft Rewards points. Users can also back up their data to the Windows Backup cloud service to get a free upgrade. If this impacts you, you can earn these points via Microsoft services such as Xbox games, store purchases, and Bing searches. But this will take time, and users don’t have it, unfortunately. 

The only viable option for users is to pay $30 (around Rs 2,650) for an Extended Security Updates (ESU) plan, but it will only work for one year.

According to PIGR, “Unless Microsoft changes course, users will face the choice between exposing themselves to cyberattacks or discarding their old computers and buying new ones. The solution is clear: Microsoft must extend free, automatic support.”

Read more »
zero-click
AI Cloud Data Internet Spyware Technology zero-click

Zero-click Exploit AI Flaws to Hack Systems


What if machines, not humans, become the centre of cyber-warfare? Imagine if your device could be hijacked without you opening any link, downloading a file, or knowing the hack happened? This is a real threat called zero-click attacks, a covert and dangerous type of cyber attack that abuses software bugs to hack systems without user interaction. 

The threat

These attacks have used spywares such as Pegasus and AI-driven EchoLeak, and shown their power to attack millions of systems, compromise critical devices, and steal sensitive information. With the surge of AI agents, the risk is high now. The AI-driven streamlining of work and risen productivity has become a lucrative target for exploitation, increasing the scale and attack tactics of breaches.

IBM technology explained how the combination of AI systems and zero-click flaws has reshaped the cybersecurity landscape. “Cybercriminals are increasingly adopting stealthy tactics and prioritizing data theft over encryption and exploiting identities at scale. A surge in phishing emails delivering infostealer malware and credential phishing is fueling this trend—and may be attributed to attackers leveraging AI to scale distribution,” said the IBM report.

A few risks of autonomous AI are highlighted, such as:

  • Threat of prompt injection 
  • Need for an AI firewall
  • Gaps in addressing the challenges due to AI-driven tech

About Zero-click attacks

These attacks do not need user interaction, unlike traditional cyberattacks that relied on social engineering campaigns or phishing attacks. Zero-click attacks exploit flaws in communication or software protocols to gain unauthorized entry into systems.  

Echoleak: An AI-based attack that modifies AI systems to hack sensitive information.

Stagefright: A flaw in Android devices that allows hackers to install malicious code via multimedia messages (MMS), hacking millions of devices.

Pegasus: A spyware that hacks devices through apps such as iMessage and WhatsApp, it conducts surveillance, can gain unauthorized access to sensitive data, and facilitate data theft as well.

How to stay safe?

According to IBM, “Despite the magnitude of these challenges, we found that most organizations still don’t have a cyber crisis plan or playbooks for scenarios that require swift responses.” To stay safe, IBM suggests “quick, decisive action to counteract the faster pace with which threat actors, increasingly aided by AI, conduct attacks, exfiltrate data, and exploit vulnerabilities.”

Read more »
Tehcnology
Cloud GitHub GitLab Internet Red Hat Tehcnology

Red Hat Hit by Data Breach, Hackers Exploit GitLab Instance

Red Hat Hit by Data Breach, Hackers Exploit GitLab Instance

An extortion gang by the name of Crimson Collective claimed to have stolen approximately 570GB of compressed data from internal development repositories belonging to Red Hat. Red Hat confirmed the breach impacted one of its GitLab instances.

The stolen data contains around 800 Customer Engagement Reports (CERs), which contain sensitive data about a customer’s platform and network. A CER is a consulting document made for clients that includes infrastructure data, configuration details, authentication tokens, and other data that could be exploited to attack customer networks. 

Red Hat confirmed that it was hit by a security breach impacting its consulting business, but it has not confirmed any of the threat actor’s claims about the stolen GitLab repositories and customer CERs. 

According to Bleeping Computer’s conversation with the hacker, the breach happened two weeks ago. Threat actors allegedly accessed the full database URIs, authentication tokens, and private data in Red Hat CERs and code. They claim that the data was used to get access to the downstream customer infrastructure.

The hacking gang also released a full directory containing the list of the allegedly extracted GitLab repositories and a list of CERs between 2020 and 2025 on Telegram. 

The directory list of CERs contains various sectors and famous organizations like AT&T, Fidelity, Kaiser, Bank of America, Mayo Clinic,  T-Mobile, Costco, Federal Aviation Administration, the US Navy’s Naval Surface Warfare Center, the House of Representatives, etc. 

The hackers claim they contacted Red Hat with an extortion ransom, but did not get any reply except a message asking the hackers to provide a vulnerability report to Red Hat’s security team.

"We recently detected unauthorized access to a GitLab instance used for internal Red Hat Consulting collaboration in select engagements. Upon detection, we promptly launched a thorough investigation, removed the unauthorized party’s access, isolated the instance, and contacted the appropriate authorities. Our ongoing investigation found that an unauthorized third party had accessed and copied some data from this instance," said Red Hat

Read more »
Phishing Campaigns
AI Cloud Cyber Security GenAI Internet Microsoft Phishing Campaigns

Microsoft Stops Phishing Scam Which Used Gen-AI Codes to Fool Victims


AI: Boon or Curse?

AI code is in use across sectors for variety of tasks, particularly cybersecurity, and both threat actors and security teams have turned to LLMs for supporting their work. 

Security experts use AI to track and address to threats at scale as hackers are experimenting with AI to make phishing traps, create obfuscated codes, and make spoofed malicious payloads. 

Microsoft Threat Intelligence recently found and stopped a phishing campaign that allegedly used AI-generated code to cover payload within an SVG file. 

About the campaign 

The campaign used a small business email account to send self addressed mails with actual victims coveted in BCC fields, and the attachment looked like a PDF but consisted SVG script content. 

The SVG file consisted hidden elements that made it look like an original business dashboard, while a secretly embedded script changed business words into code that exposed a secret payload. Once opened, the file redirects users to a CAPTCHA gate, a standard social engineering tactical that leads to a scanned sign in page used to steal credentials. 

The hidden process combined business words and formulaic code patterns instead of cryptographic techniques. 

Security Copilot studied the file and listed markers in lines with LLM output. These things made the code look fancy on the surface, however, it made the experts think it was AI generated. 

Combating the threat

The experts used AI powered tools in Microsoft Defender for Office 375 to club together hints that were difficult for hackers to push under the rug. 

The AI tool flagged the rare self-addressed email trend , the unusual SVG file hidden as a PDF, the redirecting to a famous phishing site, the covert code within the file, and the detection tactics deployed on the phishing page. 

The incident was contained, and blocked without much effort, mainly targeting US based organizations, Microsoft, however, said that the attack show how threat actors are aggressively toying with AI to make believable tracks and sophisticated payloads.

Read more »
Technology
Cloud Data Facebook Google Internet Partiful Technology

Social Event App Partiful Did Not Collect GPS Locations from Photos

 

Social event planning app Partiful, also known as "Facebook events for hot people," has replaced Facebook as the go-to place for sending party invites. However, like Facebook, Partiful also collects user data. 

The hosts can create online invitations in a retro style, which allows users to RSVP to events easily. The platform strives to be user-friendly and trendy, which has made the app No.9 on the Apple store, and Google has called it "the best app" of 2024. 

About Partiful

Partiful has recently developed into a Facebook-like social graph; it maps your friends and also friends of friends, what you do, where you go, and your contact numbers. When the app became famous, people started doubting its origins, alleging that the app had former employees of a data-mining company. TechCrunch, however, found that the app was not storing any location data from user-uploaded images, which include public profile pictures. 

Metadata in photos

The photos that you have on your phones have metadata, which consists of file size, date of capture. With videos, Metadata can include information such as the type of camera used, the settings, and latitude/longitude coordinates. TechCrunch discovered that anyone could use the developer tools in a web browser to get raw user profile photos access from Partiful’s back-end database on Google Firebase. 

About the bug

The flaw could have been problematic, as it could have exposed the location of a person’s profile photo if someone used Partiful. 

According to TechCrunch, “Some Partiful user profile photos contained highly granular location data that could be used to identify the person’s home or work, particularly in rural areas where individual homes are easier to distinguish on a map.”

It is a common norm for companies hosting user photos and videos to automatically remove metadata once uploaded to prevent privacy issues, such as Partiful.

Read more »
Technology
Cloud Dark Web Data Digital ID Internet Technology

Is UK's Digital ID Hacker Proof?


Experts warned that our data will never be safe, as the UK government plans to launch Digital IDs for all citizens in the UK. The move has received harsh criticism due to a series of recent data attacks that leaked official government contacts, email accounts, staff addresses, and passwords. 

Why Digital IDs?

The rolling out of IDs means that digital identification will become mandatory for right-to-work checks in the UK by the end of this Parliament session. It aims to stop the illegal migrants from entering the UK, according to Keir Starmer, the UK's Prime Minister, also stressing that the IDs will prevent illegal working.

Experts, however, are not optimistic about this, as cyberattacks on critical national infrastructure, public service providers, and high street chains have surged. They have urged the parliament to ensure security and transparency when launching the new ID card scheme. 

According to former UK security and intelligence coordinator and director of GCHQ David Omand, the new plan will offer benefits, but it has to be implemented carefully. 

Benefits of Digital IDs

David Omand, former UK security and intelligence coordinator and director of GCHQ, said the scheme could offer enormous benefits, but only if it is implemented securely, as state hackers will try to hack and disrupt. 

To prevent this, the system should be made securely, and GCHQ must dedicate time and resources to robust implementation. The digital IDs would be on smartphones in the GOV.UK’s wallet app and verified against a central database of citizens having the right to live and work in the UK.

Risk with Digital IDs

There is always a risk of stolen data getting leaked on the dark web. According to an investigation by Cyjax, more than 1300 government email-password combinations, addresses, and contact details were accessed by threat actors over the past year. This is what makes the Digital ID card a risk, as the privacy of citizens can be put at risk. 

The UK government, however, has ensured that these digital IDs are made with robust security, secured via state-of-the-art encryption and authentication technology. 

According to PM Starmer, this offers citizens various benefits like proving their identity online and control over how data is shared and with whom.

Read more »
Technology
Cloud Data Domain Internet phishing PyPI Technology

Phishing Campaign Uses Fake PyPI Domain to Steal Login Credentials


Phishing campaign via fake domains

A highly advanced phishing campaign targeted maintainers of packages on the Python Package Index (PyPI), utilizing domain confusion methods to obtain login credentials from unsuspecting developers. The campaign leverages fake emails made to copy authentic PyPI communications and send recipients to fake domains that mimic the genuine PyPI infrastructure.

Campaign tactic

The phishing operation uses meticulously drafted emails that ask users to confirm their email address for “account maintenance and security reasons,” cautioning that accounts will be suspended if not done. 

These fake emails scare users, pushing them to make hasty decisions without confirming the authenticity of the communication. The phony emails redirect the victims to the malicious domain pypi-mirror.org, which mimics the genuine PyPI mirror but is not linked to the Python Software Foundation.

Broader scheme 

This phishing campaign highlights a series of attacks that have hit PyPi and similar other open-source repositories recently. Hackers have started changing domain names to avoid getting caught. 

Experts at PyPI said that these campaigns are part of a larger domain-confusion attack to abuse the trust relationship inside the open-source ecosystem.

The campaign uses technical deception and social engineering. When users open the malicious links, their credentials are stolen by the hackers. 

Domain confusion

The core of this campaign depends upon domain spoofing. The fake domain uses HTTPS encoding and sophisticated web design to build its authority, which tricks users who might not pay close attention while accessing these sites. The malicious sites mimic PyPI’s login page with stark reality, such as professional logos, form elements, and styling, giving users an authentic experience. 

This level of detail in the craft highlights robust planning and resource use by threat actors to increase the campaign’s effectiveness.

How to stay safe?

Users are advised to not open malicious links and pay attention while using websites, especially when putting in login details. 

“If you have already clicked on the link and provided your credentials, we recommend changing your password on PyPI immediately. Inspect your account's Security History for anything unexpected. Report suspicious activity, such as potential phishing campaigns against PyPI, to security@pypi.org,” PyPI said in the blog post.

Read more »
Subscribe to: Comments (Atom)