Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Mobile Security. Show all posts
WhatsApp Security
Cyber Protection High-Security Mode Mobile Security Privacy Features WhatsApp Security

WhatsApp Launches High-Security Mode for Ultimate User Protection

 

WhatsApp has launched a new high-security mode called "Strict Account Settings," providing users with enhanced defenses against sophisticated cyber threats. This feature, introduced on January 27, 2026, allows one-click activation and builds on the platform's existing end-to-end encryption. It targets high-risk individuals like journalists and public figures facing advanced attacks, marking WhatsApp as the third major tech firm to offer such protections after Apple's Lockdown Mode and Google's Advanced Protection.

The mode activates multiple safeguards simultaneously through a simple toggle in WhatsApp settings under Privacy > Advanced. It blocks media files and attachments from unknown senders, preventing potential malware delivery via images or documents. Link previews—thumbnails that appear for shared URLs—are disabled to eliminate risks from embedded tracking or exploits, while calls from unknown numbers are automatically silenced, appearing only in missed calls.

These measures address common attack vectors identified in cyber surveillance campaigns. For instance, malicious attachments and link previews have been exploited in spyware incidents targeting activists and reporters. By muting unknown calls, the feature reduces social engineering attempts like vishing scams, where attackers impersonate contacts to extract information. WhatsApp's blog emphasizes that while everyday users benefit from standard encryption, this mode offers "extreme safeguards" for rare, high-sophistication threats.

Similar to competitors' offerings, robust account settings trades convenience for security, limiting app functionality for greater protection. Apple's Lockdown Mode, available since 2022, restricts attachments and browser features, while Google's Android version blocks risky app downloads. Cybersecurity experts have welcomed WhatsApp's step, calling it a "very welcome development" for civil society defenders. The rollout is global on iOS and Android, with full availability expected in coming weeks.

As cyber threats evolve with AI-driven attacks and state-sponsored hacking, features like this empower users to customize defenses. High-risk professionals can now layer protections without switching apps, fostering safer digital communication. However, Meta advises reviewing settings post-activation, as it may block legitimate interactions from new contacts. This move aligns with rising demands for privacy amid global data scandals.
Read more »
Nano Banana
Cloud Photo Scanning Data Privacy Google Photos Mobile Security Nano Banana

Google Issues Urgent Privacy Warning for 1.5 Billion Photos Users

 

Google has issued a critical privacy alert for its 1.5 billion Google Photos users following accusations of using personal images to train AI models without consent. The controversy erupted from privacy-focused rival Proton, which speculated that Google's advanced Nano Banana AI tool scans user libraries for data. Google has quickly denied the claims, emphasizing robust safeguards for user content. 

Fears have mounted as Google rapidly expands artificial intelligence in Photos to include features such as Nano Banana, which turns any image into an animation. Using the feature is fun, but critics note that it processes photos via cloud servers, which raises concerns about data retention and possible misuse. Incidents like last year's Google Takeout bug, which made other people's videos appear in the exports of those downloading their data, have fed skepticism about the security of the platform.

Google explained that, unless users explicitly share photos and videos, the company does not use personal photos or videos to train generative AI models like Gemini. It also acknowledged that Photos does not have end-to-end encryption but instead conducts automated scans for child exploitation material and professional reviews. This transparency aims at rebuilding trust as viral social media trends amplify Nano Banana's popularity. 

According to security experts, users are seeing wider impacts as the AI integration expands across Google services, echoing recent Gmail data training refusals. Proton and experts advise caution, suggesting users check their privacy dashboards and limit what they upload to the cloud. With billions of images on the line, this cautionary tale highlights the push and pull between innovation and data privacy in cloud storage.

To mitigate risks, enable two factor authentication, use local backups, or consider encrypted options like Proton Drive. While Google is still patching vulnerabilities, users should still be vigilant as threats continue to evolve and become more AI-driven. In the face of increasing scrutiny, this incident serves as a stark reminder of the necessity for clearer guidelines in an age of ubiquitous AI-powered photo processing.
Read more »
User Privacy
Chrome Extension Credential Theft Mobile Security Phantom Shuttle User Privacy

Phantom Shuttle Chrome Extensions Caught Stealing Credentials

 

Two malicious Chrome extensions named Phantom Shuttle have been discovered to have acted as proxies and network test tools while stealing internet browsing and private information from people’s browsers without their knowledge.

According to security researchers from Socket, these extensions have been around since at least 2017 and were present in the Chrome Web Store until the time of writing. This raises serious concerns regarding the dangers associated with browser extensions even from reputable sources. 

Analysis carried out by Socket indicates that the Phantom Shuttle extension directs the online traffic of the victims to a proxy setup that is controlled by the attackers using hardcoded credentials. The attackers hid the malcode using the approach of prepending the malcode to a jQuery library. 

The hardcoded credentials for the proxy are also obfuscated using a custom character index-based encoding scheme, which could impact detection and reverse engineering efficiency. The built-in traffic listener in the extensions is capable of intercepting HTTP authentication challenges on multiple websites.

Modus operandi 

To force traffic through its infrastructure, Phantom Shuttle dynamically modifies Chrome’s proxy configuration using an auto-configuration script. In a default mode labeled “smarty,” the extensions allegedly route more than 170 “high-value” domains through the proxy network, including developer platforms, cloud consoles, social media services, and adult sites. Additionally, to avoid breaking environments that could expose the operation, the extensions maintain an exclusion list that includes local network addresses and the command-and-control domain. 

Since the extensions operate a man-in-the-middle, they can seize data passed through forms such as credentials, payment card data, passwords and other personal information. Socket claims the extensions can also steal session cookies from HTTP headers, and parse API tokens from requests, potentially taking over accounts even if passwords aren't directly harvested. 

Mitigation tips 

Chrome users are warned to download extensions only from trusted developers, to verify multiple user reviews and to be attentive to the permissions asked for when installing. In sensitive workload environments (cloud admin, developer portals, finance tools), minimizing extensions and removing those not in use can also dramatically reduce exposure to similar proxy-based credential heists.
Read more »
Mobile Security
Apple Apple device security Cybersecurity Threats iOS iOS Security Update iPhone Users Mobile Security

Apple Forces iOS 26 Upgrade Amid Active iPhone Security Threats

 

Apple has taken an unusually firm stance on software updates by effectively forcing many iPhone users to move to iOS 26, citing active security threats targeting devices in the wild. The decision marks a departure from Apple’s typical approach of offering extended security updates for older operating system versions, even after a major new release becomes available.

Until recently, it was widely expected that iOS 18.7.3 would serve as a final optional update for users unwilling or unable to upgrade to iOS 26, particularly those with newer devices such as the iPhone 11 and above. Early beta releases appeared to support this assumption, with fixes initially flagged for a broad range of devices. That position has since changed. 

Apple has now restricted key security fixes to older models, including the iPhone XS, XS Max, and XR, leaving newer devices with no option other than upgrading to iOS 26 to remain protected. Apple has confirmed that the vulnerabilities addressed in the latest updates are actively being exploited. The company has acknowledged the presence of mercenary spyware operating in the wild, targeting specific individuals but carrying the potential to spread more widely over time. These threats elevate the importance of timely updates, particularly as spyware campaigns increasingly focus on mobile platforms. 

The move has surprised industry observers, as iOS 18.7.3 was reportedly compatible with newer hardware and could have been released more broadly. Making the update available would likely have accelerated patch adoption across Apple’s ecosystem. Instead, Apple has chosen to draw a firm line, prioritizing rapid migration to iOS 26 over backward compatibility.

Resistance to upgrading remains significant. Analysts estimate that at least half of eligible users have not yet moved to iOS 26, citing factors such as storage limitations, unfamiliar design changes, and general update fatigue. While only a small percentage of users are believed to be running devices incompatible with iOS 26, a far larger group remains on older versions by choice. This creates a sizable population potentially exposed to known threats. 

Security firms continue to warn about the risks of delayed updates. Zimperium has reported that more than half of mobile devices globally run outdated operating systems at any given time, a condition that attackers routinely exploit. In response, U.S. authorities have also issued update warnings, reinforcing the urgency of Apple’s message. 

Beyond vulnerability fixes, iOS 26 introduces additional security enhancements. These include improved protections in Safari against advanced tracking techniques, safeguards against malicious wired connections similar to those highlighted by transportation security agencies, and new anti-scam features integrated into calls and messages. Collectively, these changes reflect Apple’s broader push to harden iPhones against evolving threat vectors. 

With iOS 26.3 expected in the coming weeks, users who upgrade now are effectively committing to Apple’s new update cadence, which emphasizes continuous feature and security changes rather than isolated patches. Apple has also expanded its ability to deploy background security updates without user interaction, although it remains unclear when this capability will be used at scale. 

Apple’s decision underscores a clear message: remaining on older software versions is no longer considered a safe or supported option. As active exploitation continues, the company appears willing to trade user convenience for faster, more comprehensive security coverage across its device ecosystem.
Read more »
Telecom Fraud
Android Security Data Permissions Device Surveillance DoTCyber Policy Government Spyware IMEI Verification Mobile Security Telecom Fraud

India’s Spyware Policy Could Reshape Tech Governance Norms


 

Several months ago, India's digital governance landscape was jolted by an unusual experiment in the control of state-controlled devices, one that briefly shifted the conversation from telecommunication networks to the mobile phones carried in consumers' pockets during the conversation. 

It has been instructed that all mobile handsets intended for the Indian market be shipped with a pre-installed government-developed security application called Sanchar Saathi, which is a technology shield against the use of cell phones. This was an initiative that is being positioned by the Indian Government as a technological protection against cell phone crimes. 

According to the app's promotional materials, Communication Partner (which translates to Communication Partner) was created to help users, particularly those in the mobile sector, counter mobile phone theft, financial fraud, spam, and other mobile-led scams that, as a result, have outpaced traditional police efforts. 

Further, the Department of Telecommunications (DoT), the regulatory authority responsible for overseeing the mandate, stated that the application’s core functionalities could neither be disabled nor restricted by end users, effectively making the application a permanent component of the operating environment, effectively classifying it as such. 

A 120-day deadline had been set for device makers to submit a detailed compliance report, including a system-level integration assessment, an audit confirmation and a detailed compliance report. It is important to note, however, that the order, which was originally defended on the basis of cybersecurity, quickly encountered a wave of public and political opposition. 

Leaders of opposition, privacy advocates, and digital-rights organizations questioned the proportionality of this measure as well as the inherent risks associated with compulsory, non-removable state applications on personal devices, as well as stating that such software could be used to collect mass data, track real-time locations, and continuously profile people's behavior.

It did not take long for the Department of Transportation to retract the mandatory installation requirement after a short period of time, stating that users had already accepted the application and that mandatory pre-installation was not required. Despite the swift withdrawal, the policy failed to quell wider unrest, amplifying fears that the policy reflected a deeper intention to normalize state access to private hardware with the rhetorical background of crime prevention, rather than quell it. 

Many commentators pointed out the uneasy similarities between this situation and the surveillance state described in George Orwell's 1984, where oversight is not only a default state of affairs but a matter of course. Several commentators feared that the episode was a sign that an eventual future where the individual might lose control over their personal technology to government-defined security priorities could be envisioned. 

Many experts, however, believe that the controversy involves not just a single application, but rather a precedent that the application tries to set-one that raises fundamental questions about the role of technology in society, whether this is a legitimate right, and the limits of privacy of citizens in the largest democracy in the world. 

Additionally, the mandate extends beyond new inventory, in that already in circulation handsets must be updated to accommodate the government application through software updates. As a result of the accompanying provisions, it is explicit that users and manufacturers cannot disable, limit, or obstruct its core functionalities. 

The directive, which was conceived as a measure to strengthen cyber intelligence and combat cyber fraud, has sparked a widening discussion among security researchers, civil-rights activists, and technology policy experts over the past few months. 

It has been reported that some security researchers, civil-rights advocates, and technology policy experts are warning that such state applications, which are compulsory and non-removable, will markedly alter India's approach to digital governance in a profound way, blurring longstanding boundaries between security objectives and individual control over private technology. 

After abruptly reversing its policy on Wednesday, the Indian government withdrew the directive that had instructed global smartphones manufacturers such as Apple and Samsung to embed a state-developed security application into all mobile handsets sold in the country. 

Several opposition lawmakers and digital-rights organizations, including those from the opposition party, reacted violently to the decision following a two-day backlash in which it was claimed that the Sanchar Saathi application, which means "Communication Partner" in Hindi, was not intended for security purposes but rather for surveillance purposes by the state.

In response to the mandate, critics from across the political aisle and privacy advocacy groups had publicly attacked the directive as an excessive intrusion into personal devices, claiming that the government was planning to "snoop on citizens through their phones." 

In response to mounting criticism, the Ministry of Communications issued a statement Wednesday afternoon confirming that the government had decided not to impose mandatory pre-installation, clarifying that manufacturers would no longer be bound by the order. As it was first circulated confidentially to device makers late last month, the original directive came into public discussion only after it was leaked to domestic media on Monday. 

According to the order, new handsets were required to comply with the requirement within 90 days of its release, and previously sold devices were also required to comply via software updates. This order was explicitly stating that key functions of the app cannot be disabled or restricted in order for them to be compliant with the rules. 

Despite the fact that the ministry had positioned the policy in a way that was supposed to protect the nation's digital security, its quiet withdrawal signifies a rare moment in which external scrutiny reshaped the state's digital policy calculus, emphasizing the importance of controlling personal technology, especially in the world's second largest mobile market. 

When the directive was first circulated to industry stakeholders, it was positioned to provide a narrow compliance window for new devices, but set a much more stringent requirement for handsets already in use. For manufacturers to ensure that all new units, whether they were manufactured in the factory or imported into India, carried the Sanchar Saathi application by default, they were given 90 days to do so. 

When the unsold devices had already been positioned in retail and distribution pipelines, companies were instructed to deliver the software retroactively through system updates to ensure that the devices were present throughout the supply chain, ensuring that they were present across supply chains. The policy, if it had been enforced, would have standardized the tool throughout one of the world’s largest mobile markets. 

Over 735 million people use smartphones every day. Government officials defended the mandate as a consumer protection imperative, arguing that it was necessary to protect consumers from telecom fraud based on duplicate or cloned IMEI numbers - 14 to 17 digit identification codes for mobile phones - which are the primary authentication codes on mobile networks. 

With the Sanchar Saathi platform, linked to a centralized registry, users can report missing smartphones, block stolen devices, block suspicious network access, and flag fraudulent mobile communications that have been sent. 

There was also evidence that it was necessary to launch the app in the first place: according to government data, since the app was launched in January, it has been able to block more than 3.7 million lost or stolen phones, and over 30 million illicit mobile connections have been terminated, including scams involving telecom companies and identity frauds associated with the app. 

Despite this, the mandate put India at odds with Apple, a company whose history is characterized by a reluctance to preload government and third party applications on its products, citing ecosystem integrity and operating system security as key concerns. 

In spite of Apple's relatively small share of the India smartphone market share of 4.5%, it holds a disproportionate amount of weight in global discussions about secure device architectures. Several industry insiders have noted that Apple's internal policies prohibit the inclusion of external software before the retail sale of the product, making regulatory friction a probable outcome. 

It was believed in the beginning that New Delhi would eventually sway Apple's pre-installation requirement, replacing it with optional installation prompts or software nudges which could be delivered at the operating system level, replacing mandatory pre-installation. A security researcher who spoke on condition of anonymity argued that negotiations could lead to a midpoint. 

Rather than imposing a mandate, they might settle for a nudge, the researcher said, echoing broader industry assumptions that the policy would prove to be more malleable in practice than it initially appeared. Privacy advocates, however, felt that the short lifespan of the order did not diminish its significance despite the fact that its duration was relatively short. 

Organizations that represent civil society have warned that non-removable, mandatory state applications - even when they present themselves as essential tools to combat fraud - may affect the normalization of a level of technical authority over individual devices that extends well beyond the prevention of telecom crimes. 

A quick comparison was drawn between Russia's recent requirement that a state-backed message application be embedded into smartphones and similar software standardization efforts in Russia and Russia-aligned regulatory environments, among other examples. According to Mishi Choudhary, a lawyer specializing in technology rights, "The government removes user consent as a meaningful choice, encapsulating the core argument from digital rights groups," he said.

Prior to the order being leaked to Indian media, the Ministry of Communications, which issued it on a confidential basis, declined to publicly release the entire directive or make any substantive comments regarding privacy issues. Critics contend that this silence compounded fears by leaving behind an impression of regulatory overreach that was not tempered by clarified safeguards, but by political optics. 

The episode of the cybercrime crisis continued to evoke questions about the transparency in cybersecurity policymaking, the future of digital consent, and the precedent that would be set when state security frameworks began to reach into the software layer of personal hardware in a democracy already struggling with rapid digitization and fragile public trust, even after the government announced it would not enforce pre-installation requirements anymore. 

A number of technology policy analysts also issued important warnings about the mandate, arguing that the risks lay not just in the stated purpose of the application but in the level of access it may be able to command in the future. 

Prasanto K. Roy, a specialist in India's digital infrastructure, who maintains a long-term study of the country's regulatory impulses, characterized the directive as an example of a larger problem: the lack of transparency about what state-mandated software might ultimately be allowed to do on the hardware of individual users. 

During an interview, Roy commented on the report that while Sanchar Saathi's internal workings are still unclear to the public, the permissions it seeks indicate that it is worth exercising caution. Despite the fact that we are not sure exactly what it is doing, we can see that it is asking for a lot of permissions from the flashlight to the camera which suggests that it has the potential to access almost everything. 

“That alone is problematic,” he added, reflecting a growing consensus among cybersecurity researchers that expansive access requests carry structural risks when they are connected to applications that aren’t subject to independent audits or external oversight, even when explained as security prerequisites. 

According to the Google Play Store's declaration, the application does not collect nor share user data, a statement which the government cited in its initial defense of the policy. The government, however, has limited its public communication around the order itself, which has exacerbated questions about consent and scope. 

A BBC spokesperson confirmed that the company has formally contacted the Department of Telecommunications seeking clarification on both the privacy posture of the application as well as what safeguards if any might apply to future updates and changes to the backend capabilities of the application. 

Roy, in addition, highlighted the fact that the requirements for compliance tend to conflict directly with long-standing policies maintained by most global handset manufacturers, particularly Apple, which in the past has resisted embedding government or third-party applications at the point of sale, and isn't likely to do so in the future either. 

The vast majority of handset manufacturers prohibit the installation of any government app or any external app before a handset is sold - except for the Chinese and Russian companies, Roy stated, adding that the Indian order effectively forbade manufacturers from deviating from long-established operating norms. 

Even though Android is the most prevalent smartphone in India, Apple's market share has become a crucial part of the policy's geopolitical undertones estimated at 4.5 percent by mid-2025 which has been attributed to the policy's geopolitical undertones. Apple has not yet issued a public statement about compliance, but it has been reported that they plan not to. 

Apple is planning to communicate its concerns with Delhi, according to sources cited by Reuters, while a Reuters report said the company would register its objections with the Indian government in writing. Apple was reported to not intend to comply with India's directive, and was planning on raising its concerns with the Indian government, as suggested in another Reuters report. 

Even though the comparison did little to soften its reception, the Indian directive is not completely without international precedent. According to a report published by the Russian media in August 2025, all Russian mobile phones and tablets sold domestically must carry the MAX messenger application endorsed by the government, sparking a similar debate around surveillance risks and digital autonomy. 

In this episode, India was placed along with a small but notable group of nations that have tightened device verification rules through a software-based approach to enforcement, rather than relying on telecom operators or network intermediaries for oversight. That parallel underscored the concerns of privacy advocates rather than eased them. 

This reinforced the belief that cybersecurity policies that rely on mandatory software, broad permissions, and silent updates - without transparent guardrails risk recalibrating the balance between fraud prevention and digital sovereignty for individuals.

Indian spyware mandate's brief rise and fall will probably outlast the order itself, leaving a policy inflection point that legislators, courts, and technology companies cannot ignore for the foreseeable future. This episode illustrates one of the most important aspects of modern security the debate shifts from intention to capability once software is a regulation instrument, instead of reassurance to verification once it becomes a regulatory instrument. 

The government globally faces legitimate pressure to curb digital fraud, secure device identities, and defend the telecom infrastructure. However, experts claim that trust isn't strengthened by force but by transparency, technical auditability, and clearly defined mandates anchored in law rather than ambiguity that strengthen trust.

For India, the controversy presents an opportunity not to retreat but instead to recalibrate. According to analysts, cybersecurity frameworks governing consumer devices should also contain public rule disclosures, third-party security assessments, granular consent architectures, sunset clauses for software updates from the state, and granular consent architectures. 

The groups who are representing the rights of digital citizens have also urged that future antifraud tools be activated with opt-ins, data minimization standards, local processing on devices, and not silent updates to the server without notification to the user.

However, the Sanchar Saathi debate has raised larger questions for democracies that are navigating mass digitization in the future who owns the software layer on personal hardware and how far can security imperatives extend before autonomy contracts are imposed? 

There is a growing consensus that the next decade of India's digital social contract will be defined by the answers, which will determine how innovation, security, and privacy coexist not just through negotiation, but through design as well.
Read more »
Mobile Security Tools
Android Android Smartphone cybersecurity breaches Cybersecurity measures iOS Mobile Security Mobile Security Tools

Swiss Startup Soverli Introduces a Sovereign OS Layer to Secure Smartphones Beyond Android and iOS

 

A Swiss cybersecurity startup, Soverli, has introduced a new approach to mobile security that challenges how smartphones are traditionally protected. Instead of relying solely on Android or iOS, the company has developed a fully auditable sovereign operating system layer that can run independently alongside existing mobile platforms. The goal is to ensure that critical workflows remain functional even if the underlying operating system is compromised, without forcing users to abandon the convenience of modern smartphones. 

Soverli’s architecture allows multiple operating systems to operate simultaneously on a single device, creating a hardened environment that is logically isolated from Android or iOS. This design enables organizations to maintain operational continuity during cyber incidents, misconfigurations, or targeted attacks affecting the primary mobile OS. By separating critical applications into an independent software stack, the platform reduces reliance on the security posture of consumer operating systems alone. 

Early adoption of the technology is focused on mission-critical use cases, particularly within the public sector. Emergency services, law enforcement agencies, and firefighting units are among the first groups testing the platform, where uninterrupted communication and system availability are essential. By isolating essential workflows from the main operating system, these users can continue operating even if Android experiences failures or security breaches. The same isolation model is also relevant for journalists and human rights workers, who face elevated surveillance risks and require secure communication channels that remain protected under hostile conditions.  

According to Soverli’s leadership, the platform represents a shift in how mobile security is approached. Rather than assuming that the primary operating system will always remain secure, the company’s model is built around resilience and continuity. The sovereign layer is designed to stay operational even when Android is compromised, while still allowing users to retain the familiar smartphone experience they expect. Beyond government and critical infrastructure use cases, the platform is gaining attention from enterprises exploring secure bring-your-own-device programs. 

The technology allows employees to maintain a personal smartphone environment alongside a tightly controlled business workspace. This separation helps protect sensitive corporate data without intruding on personal privacy or limiting device functionality. The system integrates with mobile device management tools and incorporates auditable verification mechanisms to strengthen identity protection and compliance. The underlying technology was developed over four years at ETH Zurich and does not require specialized hardware modifications. 

Engineers designed the system to minimize the attack surface for sensitive applications while encrypting data within the isolated operating system. Users can switch between Android and the sovereign environment in milliseconds, balancing usability with enhanced security. Demonstrations have shown secure messaging applications operating inside the sovereign layer, remaining confidential even if the main OS is compromised. Soverli’s approach aligns with Europe’s broader push toward digital sovereignty, particularly in areas where governments and enterprises demand auditable and trustworthy infrastructure. 

Smartphones, often considered a weak link in enterprise security, are increasingly being re-evaluated as platforms capable of supporting sovereign-grade protection without sacrificing usability. Backed by $2.6 million in pre-seed funding, the company plans to expand its engineering team, deepen partnerships with device manufacturers, and scale integrations with enterprise productivity tools. Investors believe the technology could redefine mobile security expectations, positioning smartphones as resilient platforms capable of operating securely even in the face of OS-level compromise.
Read more »
Tracking
Cookies GDPR Mobile Security Online Privacy Tracking

Cookies Explained: Accept or Reject for Online Privacy

 

Online cookies sit at the centre of a trade-off between convenience and privacy, and those “accept all” or “reject all” pop-ups are how websites ask for your permission to track and personalise your experience.Understanding what each option means helps you decide how much data you are comfortable sharing.

Role of cookies 

Cookies are small files that websites store on your device to remember information about you and your activity. They can keep you logged in, remember your preferred settings, or help online shops track items in your cart. 
  • Session cookies are temporary and disappear when you close the browser or after inactivity, supporting things like active shopping carts. 
  • Persistent cookies remain for days to years, recognising you when you return and saving details like login credentials. 
  • Advertisers use cookies to track browsing behaviour and deliver targeted ads based on your profile.
Essential vs non-essential cookies

Most banners state that a site uses essential cookies that are required for core functions such as logging in or processing payments. These cannot usually be disabled because the site would break without them. 

Non-essential cookies generally fall into three groups:
  • Functional cookies personalise your experience, for example by remembering language or region.
  • Analytics cookies collect statistics on how visitors use the site, helping owners improve performance and content.
  • Advertising cookies, often from third parties, build cross-site, cross-device profiles to serve personalised ads.

Accept all or reject all?

Choosing accept all gives consent for the site and third parties to use every category of cookie and tracker. This enables full functionality and personalised features, including tailored advertising driven by your behaviour profile. 

Selecting reject all (or ignoring the banner) typically blocks every cookie except those essential for the site to work. You still access core services, but may lose personalisation and see fewer or less relevant embedded third-party elements.Your decision is stored in a consent cookie and many sites will ask you again after six to twelve months.

Privacy, GDPR and control

Under the EU’s GDPR, cookies that identify users count as personal data, so sites must request consent, explain what is being tracked, document that consent and make it easy to refuse or withdraw it. Many websites outside the EU follow similar rules because they handle European traffic.

To reduce consent fatigue, a specification called Global Privacy Control lets browsers send a built-in privacy signal instead of forcing users to click through banners on every site, though adoption remains limited and voluntary. If you regret earlier choices, you can clear cookies in your browser settings, which resets consent but also signs you out of most services.
Read more »
Zero-Click Exploits
CISA advisory Mobile Security Spyware Zero-Click Exploits

Encrypted Chats Under Siege: Cyber-Mercenaries Target High-Profile Users

 

Encrypted Chats Under Siege Encrypted communication, once considered the final refuge for those seeking private dialogue, now faces a wave of targeted espionage campaigns that strike not at the encryption itself but at the fragile devices that carry it. Throughout this year, intelligence analysts and cybersecurity researchers have observed a striking escalation in operations using commercial spyware, deceptive app clones, and zero-interaction exploits to infiltrate platforms such as Signal and WhatsApp.
 
What is emerging is not a story of broken cryptographic protocols, but of adversaries who have learned to manipulate the ecosystem surrounding secure messaging, turning the endpoints themselves into compromised windows through which confidential conversations can be quietly observed.
  
The unfolding threat does not resemble the mass surveillance operations of previous decades. Instead, adversarial groups, ranging from state-aligned operators to profit-driven cyber-mercenaries, are launching surgical attacks against individuals whose communications carry strategic value.
 
High-ranking government functionaries, diplomats, military advisors, investigative journalists, and leaders of civil society organizations across the United States, Europe, the Middle East, and parts of Asia have found themselves increasingly within the crosshairs of these clandestine campaigns.
 
The intent, investigators say, is rarely broad data collection. Rather, the aim is account takeover, message interception, and long-term device persistence that lays the groundwork for deeper espionage efforts.
 

How Attackers Are Breaching Encrypted Platforms

 
At the center of these intrusions is a shift in methodology: instead of attempting to crack sophisticated encryption, threat actors compromise the applications and operating systems that enable it. Across multiple investigations, researchers have uncovered operations that rely on:
 
1. Exploiting Trusted Features
 
Russia-aligned operators have repeatedly abused the device-linking capabilities of messaging platforms, persuading victims—via social engineering—to scan malicious connection requests. This enables a stealthy secondary device to be linked to a target’s account, giving attackers real-time access without altering the encryption layer itself.
 
2. Deploying Zero-Interaction Exploits
 
Several campaigns emerged this year in which attackers weaponized vulnerabilities that required no user action at all. Specially crafted media files sent via messaging apps, or exploit chains triggered upon receipt, allowed silent compromise of devices, particularly on Android models widely used in conflict-prone regions.
 
3. Distributing Counterfeit Applications
 
Clone apps impersonating popular platforms have proliferated across unofficial channels, especially in parts of the Middle East and South Asia. These imitations often mimic user interfaces with uncanny accuracy while embedding spyware capable of harvesting chats, recordings, contact lists, and stored files.
 
4. Leveraging Commercial Spyware and “Cyber-For-Hire” Tools
 
Commercial surveillance products, traditionally marketed to law enforcement or intelligence agencies, continue to spill into the underground economy. Once deployed, these tools often serve as an entry point for further exploitation, allowing attackers to drop additional payloads, manipulate settings, or modify authentication tokens.
 

Why Encrypted Platforms Are Under Unprecedented Attack

 
Analysts suggest that encrypted applications have become the new battleground for geopolitical intelligence. Their rising adoption by policymakers, activists, and diplomats has elevated them from personal communication tools to repositories of sensitive, sometimes world-shaping information.
 
Because the cryptographic foundations remain resilient, adversaries have pivoted toward undermining the assumptions around secure communication—namely, that the device you hold in your hand is trustworthy. In reality, attackers are increasingly proving that even the strongest encryption is powerless if the endpoint is already compromised.
  
Across the world, governments are imposing stricter regulations on spyware vendors and reassessing the presence of encrypted apps on official devices. Several legislative bodies have either limited or outright banned certain messaging platforms in response to the increasing frequency of targeted exploits.
 
Experts warn that the rise of commercialized cyber-operations, where tools once reserved for state intelligence now circulate endlessly between contractors, mercenaries, and hostile groups, signals a long-term shift in digital espionage strategy rather than a temporary spike.
 

What High-Risk Users Must Do

 
Security specialists emphasize that individuals operating in sensitive fields cannot rely on everyday digital hygiene alone. Enhanced practices, such as hardware isolation, phishing-resistant authentication, rigid permission control, and using only trusted app repositories, are rapidly becoming baseline requirements.
 
Some also recommend adopting hardened device modes, performing frequent integrity checks, and treating unexpected prompts (including QR-code requests) as potential attack vectors.
Read more »
Subscribe to: Comments (Atom)