Google DeepMind’s Jeff Dean Says AI Models Already Outperform Humans in Most Tasks

 

With artificial intelligence evolving rapidly, the biggest debate in the AI community is whether advanced models will soon outperform humans in most tasks—or even reach Artificial General Intelligence (AGI). 

Google DeepMind’s Chief Scientist Jeff Dean, while avoiding the term AGI, shared that today’s AI systems may already be surpassing humans in many everyday activities, though with some limitations.

Speaking on the Moonshot Podcast, Dean remarked that current models are "better than the average person at most tasks" that don’t involve physical actions.

"Most people are not that good at a random task if you ask them to do that they've never done before, and you know some of the models we have today are actually pretty reasonable at most things," he explained.

However, Dean also cautioned that these systems are far from flawless. "You know, they will fail at a lot of things; they're not human expert level in some things, so that's a very different definition and being better than the world expert at every single task," he said.

When asked about AI’s ability to make breakthroughs faster than humans, Dean responded: "We're actually probably already you know close to that in some domains, and I think we're going to broaden out that set of domains." He emphasized that automation will play a crucial role in accelerating "scientific progress, engineering progress," and advancing human capabilities over the next "five, 10, 15, 20 years."

Sophisticated Cyber Attacks on Rich Families Drive Demand for 24/7 Cybersecurity Concierge Services

 

Wealthy individuals are increasingly becoming prime targets for cybercriminals, driving a surge in demand for personal cybersecurity concierge services among high-net-worth families, wealth managers, and corporate executives. Recent high-profile incidents, including the hacking of Jeff Bezos' phone through a malicious WhatsApp video file and the Twitter account breaches of Bill Gates and Elon Musk for bitcoin scams, have highlighted the vulnerability of affluent individuals to sophisticated cyber threats. 

Growing target population 

Bill Roth, CEO of HardTarget, a cyber resilience firm specializing in wealthy families, emphasizes that "high-net-worth families are now the low-hanging fruit for cybercriminals". Despite possessing resources comparable to large corporations, these families often lack equivalent security measures, particularly for personal devices and home networks that remain inadequately protected compared to corporate systems. 

The scope of targeting extends beyond billionaires to include family offices and corporate leaders. According to JPMorgan Private Bank's 2024 Family Office Report, 24% of surveyed family offices experienced cybersecurity breaches or financial fraud, yet 20% still maintain no cybersecurity measures. Bobby Stover from Ernst & Young notes that major breaches affecting wealthy families often remain "under the radar" since families aren't obligated to disclose incidents and may choose silence due to shame. 

Evolving threat landscape 

Cybercriminals are employing increasingly sophisticated tactics, including extortion schemes that escalate demands from small initial payments to substantial sums. One case involved a family's son targeted through a Tinder-to-Instagram extortion scheme that escalated from $500 to $100,000 demands against the family patriarch. A 2023 Ponemon Institute survey revealed that 42% of IT professionals reported executives and family members facing cybercriminal attacks, with 25% experiencing seven or more attacks over two years. 

Financial institution response 

Major financial institutions are adapting their services to address these vulnerabilities. JPMorgan Private Bank now provides cybersecurity assistance to ultra-high-net-worth clients through their in-house Advice Lab, covering topics from multi-factor authentication to device privacy settings. Ila Van Der Linde from JPMorgan Asset & Wealth Management notes that 75% of cyberattacks target small and medium-sized enterprises, countering the misconception that family offices are "too small to be noticed". 

Comprehensive protection services 

Cybersecurity concierge services are filling critical gaps in personal digital security. Companies like BlackCloak offer 24/7 protection, conducting on-site evaluations and providing education for secure setups across multiple residences with interconnected security systems. These services address complex scenarios, such as a bank CEO discovering their home's smart camera system was accessible to anyone online due to improper configuration.

The trend reflects a broader digital transformation where personal cybersecurity mirrors physical security needs. As Christopher Budd from Sophos explains, "just as individuals employ personal security and bodyguards when facing heightened risks in the physical space, it is logical to see similar trends in digital security".

How to Spot and Avoid Credit Card Skimmers

 



Credit and debit cards are now central to daily payments, but they remain vulnerable to fraud. Criminals have developed discreet tools, known as skimmers and shimmers, to steal card information at ATMs, fuel pumps, and retail checkout points. These devices are often designed to blend in with the machine, making them difficult for the average user to detect.


How Skimming Works

Skimming typically involves copying the data from the magnetic stripe on the back of a card. A more advanced variant, called shimming, targets the microchip by inserting a paper-thin device inside the card slot. Once the data is captured, it can be used to create duplicate cards or make unauthorized online purchases.

Fraudsters also exploit other tactics. Keypad overlays are placed over ATM keypads to capture PIN entries. Overlay skimmers, which fit over the card slot, may be paired with tiny hidden cameras aimed at the keypad to record PINs. In some cases, criminals rely on wireless skimmers that use Bluetooth or similar technology to transmit stolen information without needing to revisit the machine.


Spotting the Signs

Detecting a skimmer is challenging, but there are small clues to watch for. A card reader that feels loose, appears bulkier than normal, or is a different color from surrounding machines may have been tampered with. If the keypad looks newer than the rest of the ATM, or appears raised, it could be a false cover. Small holes or unusual attachments around the screen or card slot might conceal a hidden camera.


Protecting Yourself

While no precaution is foolproof, a few habits can reduce the risk of falling victim to skimmers:

• Use ATMs in bank branches or busy, well-lit areas, which are less likely to be compromised.

• Shield the keypad with your hand while entering your PIN.

• Monitor bank and credit card statements regularly and set up transaction alerts.

• Prefer contactless payments or mobile wallets when available.

• If something about a machine looks suspicious, trust your instincts and avoid it.


Acting Quickly Matters

Even the most careful consumer can be targeted. The important step is to act fast. If you notice unfamiliar charges or suspect your card was skimmed, contact your bank or card issuer immediately to block the card and report the incident. Most credit card users are not held liable for fraudulent charges if reported promptly, though business accounts may face stricter rules in this context.

As payment technologies develop, so do criminal tactics. Awareness remains the strongest defense. By staying alert to the signs of tampering and taking quick action when fraud is suspected, consumers can substantially lower the risks posed by skimming.


EU's Chat Control Bill faces backlashes, will access encrypted chats

The EU recently proposed a child sexual abuse material (CSAM) scanning bill that is facing backlash from opponents. The bill is mired in controversy just a few days before an important meeting.

On 12 September, the EU Council will share its final assessment of the Danish version of what is known as “Chat Control.” The proposal has faced strong backlash, as it aims to introduce new mandates for all messaging apps based in Europe to scan users’ chats, including encrypted ones. 

Who is opposing?

Belgium and the Czech Republic are now opposing the proposed law, with the former calling it "a monster that invades your privacy and cannot be tamed." The other countries that have opposed the bill so far include Poland, Austria, and the Netherlands. 

Who is supporting?

But the list of supporters is longer and includes important member states: Ireland, Cyprus, Spain, Sweden, France, Lithuania, and Italy.

Germany may consider abstaining from voting. This weakens the Danish mandate.

Impact on encrypted communications in the EU

Initially proposed in 2022, the Chat Control Proposal is now close to becoming an act. The vote will take place on 14 October 2025. Currently, the majority of member states are in support. If successful, it will mean that the EU can scan chats of users by October 2025, even the encrypted ones. 

The debate centers on the encryption provisions: apps like Signal, WhatsApp, ProtonMail, etc., use encryption to maintain user privacy and protect chats from unauthorized access.

Who will be affected?

If the proposed bill is passed, the files and other content you share through these apps can be scanned for CSAM. However, military and government accounts are exempt from scanning. Such scanning can damage user privacy and data security.

Although the proposal ensures that encryption will be “protected fully,” which promotes cybersecurity, tech experts and digital rights activists have warned that scanning can’t be done without compromising encryption. This can also expose users to cyberattacks by threat actors. 

Salesforce Launches AI Research Initiatives with CRMArena-Pro to Address Enterprise AI Failures

 

Salesforce is doubling down on artificial intelligence research to address one of the toughest challenges for enterprises: AI agents that perform well in demonstrations but falter in complex business environments. The company announced three new initiatives this week, including CRMArena-Pro, a simulation platform described as a “digital twin” of business operations. The goal is to test AI agents under realistic conditions before deployment, helping enterprises avoid costly failures.  

Silvio Savarese, Salesforce’s chief scientist, likened the approach to flight simulators that prepare pilots for difficult situations before real flights. By simulating challenges such as customer escalations, sales forecasting issues, and supply chain disruptions, CRMArena-Pro aims to prepare agents for unpredictable scenarios. The effort comes as enterprises face widespread frustration with AI. A report from MIT found that 95% of generative AI pilots do not reach production, while Salesforce’s research indicates that large language models succeed only about a third of the time in handling complex cases.

CRMArena-Pro differs from traditional benchmarks by focusing on enterprise-specific tasks with synthetic but realistic data validated by business experts. Salesforce has also been testing the system internally before making it available to clients. Alongside this, the company introduced the Agentic Benchmark for CRM, a framework for evaluating AI agents across five metrics: accuracy, cost, speed, trust and safety, and sustainability. The sustainability measure stands out by helping companies match model size to task complexity, balancing performance with reduced environmental impact. 

A third initiative highlights the importance of clean data for AI success. Salesforce’s new Account Matching feature uses fine-tuned language models to identify and merge duplicate records across systems. This improves data accuracy and saves time by reducing the need for manual cross-checking. One major customer achieved a 95% match rate, significantly improving efficiency. 

The announcements come during a period of heightened security concerns. Earlier this month, more than 700 Salesforce customer instances were affected in a campaign that exploited OAuth tokens from a third-party chat integration. Attackers were able to steal credentials for platforms like AWS and Snowflake, underscoring the risks tied to external tools. Salesforce has since removed the compromised integration from its marketplace. 

By focusing on simulation, benchmarking, and data quality, Salesforce hopes to close the gap between AI’s promise and its real-world performance. The company is positioning its approach as “Enterprise General Intelligence,” emphasizing the need for consistency across diverse business scenarios. These initiatives will be showcased at Salesforce’s Dreamforce conference in October, where more AI developments are expected.

WhatsApp 0-Day Exploited in Targeted Attacks on Mac and iOS Platforms

 


In a fresh reminder of the constant threat to widely used communication platforms, WhatsApp has disclosed and patched a vulnerability affecting its iOS and macOS applications. The vulnerability has already been exploited in real-world attacks, according to WhatsApp.

The vulnerability has a CVSS score of 5.4 and is tracked as CVE-2025-55177. It is caused by insufficient authorization in the handling of linked device synchronization messages. WhatsApp has warned that a malicious actor could use it to trigger the processing of content from an arbitrary URL on the target device, compromising the user's security.

In a statement, the Meta-owned company credited its in-house security team with discovering and analyzing the bug, which is thought to have been exploited in combination with a recently revealed Apple zero-day vulnerability as part of targeted attacks on the company. Donncha Cearbhaill of Amnesty International's Security Lab described the incident as an "advanced spyware campaign" that had been active for approximately 90 days and used zero-click delivery techniques.

Through this technique, attackers were able to deliver malicious exploits through WhatsApp without requiring any interaction from the victim, allowing them to steal data from Apple devices silently and raising serious concerns about the resilience of even highly secure platforms. Meta, the parent company of WhatsApp, confirmed through spokesperson Margarita Franklin that the flaw had been identified and patched several weeks ago, with notifications sent to fewer than 200 users who had been affected.

The company has not attributed the operation to any specific threat actor or spyware vendor, which highlights how difficult such sophisticated campaigns are to trace. The episode underscores the mounting challenges technology providers face in defending popular communication tools against increasingly complex and stealthy attacks.

The critical flaw, catalogued as CVE-2025-55177, has once again brought the security of widely used communication platforms to the fore. With initial CVSS scores of 5.4 and 8.0, the vulnerability highlights how zero-day exploits continue to threaten user privacy and device integrity.

The root of the flaw is believed to be incomplete authorization in the handling of synchronization messages between linked devices. This weakness was the basis of the attack and could be used to bypass the expected security checks. A malicious actor with no legitimate association with the target could force a victim's device to process content from an arbitrary URL.

Manipulating a trusted communication channel in this way could serve as an entry point for remote code execution or for the unauthorized delivery of malicious content directly from the attacker's infrastructure. Such a scenario not only compromises users' trust but also shows how fragile application-level security measures can be when authorization mechanisms are not properly enforced.

The discovery is more serious still because the exploit appears to have been a zero-click attack. Unlike conventional attacks that require the user to open a file or click on a link, zero-click exploits require no user interaction at all, which significantly reduces the chances of detection.

Such silent compromises let attackers install spyware or malicious code swiftly, discreetly, and with little or no trace until the damage has been done. WhatsApp's internal security team believes that CVE-2025-55177 was not exploited in isolation: it is thought to have been chained with a separate vulnerability in the Apple ecosystem, CVE-2025-43300, to enable sophisticated, targeted attacks.

The Apple flaw, assigned a CVSS score of 8.8, is an out-of-bounds write condition in the ImageIO framework. When such a flaw is triggered during image processing, it can corrupt memory and open the way to deeper system-level compromise. Exploit chaining, in which an application-level bug is paired with an operating system vulnerability, is an increasingly popular strategy among advanced adversaries for maximizing the scope and stealth of their operations.

On August 20, Apple updated its entire product line to address CVE-2025-43300, issuing patches for iOS 18.6.2, iPadOS 18.6.2 and 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.2, and macOS Ventura 13.7.1. Although the company refrained from providing technical details, its advisory noted that it was aware of reports that the flaw had already been exploited in the wild against specific individuals.

These attacks were highly targeted rather than indiscriminate, in line with the tactics used by state-sponsored groups and well-funded spyware vendors. WhatsApp moved quickly to mitigate the threat, rolling out patches for CVE-2025-55177 across its platforms in late July and early August 2025. The fixes shipped in WhatsApp for iOS version 2.2.21.73, WhatsApp Business, and WhatsApp for Mac.

However, like Apple, WhatsApp did not provide details of the observed attacks and offered limited commentary on the nature or scale of the exploitation. Such reticence is not unusual while a zero-day is being actively exploited, as revealing too much could inadvertently help threat actors improve their techniques.

While the extent of the campaign is still unknown, the operational sophistication implied by these exploits suggests a well-resourced adversary. The use of zero-click vectors and the seamless chaining of vulnerabilities across the application and operating system layers illustrate how complex cyber threats are becoming.

In the broader context of these incidents, it is important to recognize that attackers are increasingly using multi-layered exploit chains to get around user defenses, get past traditional detection methods, and implant spyware in a highly precise manner. Taking a broader perspective of the WhatsApp and Apple vulnerabilities, it is important to note that today's interconnected digital environment creates a precarious balance between convenience and security. 

With the rapid expansion of messaging platforms, the attack surface is inevitably bound to increase, allowing adversaries to find weaknesses more easily. According to recent disclosures, it is imperative that timely patches, rigorous vulnerability management, and ongoing collaboration between vendors be implemented so that coordinated, high-level exploitation campaigns are limited in impact. 

To defend against zero-click exploit campaigns, security specialists advise that routine patching alone does not suffice. Organizations increasingly need a layered defense strategy that integrates technical safeguards with operational discipline to reduce exposure.

Steps to take include updating WhatsApp and other messaging platforms to the most recent patched versions, enforcing mobile device management (MDM) baselines, and deploying mobile endpoint detection and response (EDR) solutions for detection and analysis. To further enhance resilience, system logs can be monitored for unusual activity, command-and-control traffic can be blocked at the network level, and threat intelligence data can be put to use.

To eliminate possible persistence mechanisms, factory resets should be recommended when a compromise is suspected. Likewise, it is crucial to build user awareness by providing training on spyware risks and incident reporting, in addition to reviewing incident response playbooks to ensure they address zero-day and zero-click exploitation scenarios. In addition to these practices, organizations should adopt strict communication security policies, and conduct regular third-party risk assessments in order to strengthen their defense against stealthy spyware operations and reduce the impact of sophisticated intrusion attempts on their systems. 

The revelations surrounding the WhatsApp and Apple vulnerabilities are a sharp reminder that no platform, no matter how popular or secure it appears to be, is immune to exploitation. Zero-click spyware is becoming increasingly sophisticated, which underscores the need to treat mobile device security as a strategic priority rather than something taken for granted.

For individuals, the best way to do this is to install software updates as soon as they become available, to exercise caution when their mobile devices behave unusually, and to consider using trusted mobile security tools.

Organizations need to shift from compliance checklists to a culture of proactive resilience. This means investing in multiple defenses, continuous monitoring, and cross-team collaboration between the IT, security, and legal departments in order to better detect and contain incidents.

It is imperative that technology vendors, independent researchers, and civil society organisations work together to hold spyware operators accountable for their actions and ensure that users retain trust in their digital communications.

Although vulnerabilities will continue to be found, a combination of rapid response, transparency, and a security-first mindset can turn such incidents into opportunities for stronger defenses and a more resilient digital ecosystem.

From Vulnerability Management to Preemptive Exposure Management

 

The traditional model of vulnerability management—“scan, wait, patch”—was built for an earlier era, but today’s attackers operate at machine speed, exploiting weaknesses within hours of disclosure through automation and AI-driven reconnaissance. The challenge is no longer about identifying vulnerabilities but fixing them quickly enough to stay ahead. While organizations discover thousands of exposures every month, only a fraction are remediated before adversaries take advantage.

Roi Cohen, co-founder and CEO of Vicarius, describes the answer as “preemptive exposure management,” a strategy that anticipates and neutralizes threats before they can be weaponized. “Preemptive exposure management shifts the model entirely,” he explains. “It means anticipating and neutralizing threats before they’re weaponized, not waiting for a CVE to be exploited before taking action.” This proactive model requires continuous visibility of assets, contextual scoring to highlight the most critical risks, and automation that compresses remediation timelines from weeks to minutes.

Michelle Abraham, research director for security and trust at IDC, notes the urgency of this shift. “Proactive security seems to have taken a back seat to reactive security at many organizations. IDC research highlights that few organizations track all their IT assets which is the critical first step towards visibility of the full digital estate. Once assets and exposures are identified, security teams are often overwhelmed by the volume of findings, underscoring the need for risk-based prioritization,” she says. Traditional severity scores such as CVSS do not account for real-world exploitability or the value of affected systems, which means organizations often miss what matters most. Cohen stresses that blending exploit intelligence, asset criticality, and business impact is essential to distinguish noise from genuine risk.

Abraham further points out that less than half of organizations currently use exposure prioritization algorithms, and siloed operations between security and IT create costly delays. “By integrating visibility, prioritization and remediation, organizations can streamline processes, reduce patching delays and fortify their defenses against evolving threats,” she explains.

Artificial intelligence adds another layer of complexity. Attackers are already using AI to scale phishing campaigns, evolve malware, and rapidly identify weaknesses, but defenders can also leverage AI to automate detection, intelligently prioritize threats, and generate remediation playbooks in real time. Cohen highlights its importance: “In a threat landscape that moves faster than any analyst can, remediation has to be autonomous, contextual and immediate and that’s what preemptive strategy delivers.”

Not everyone, however, is convinced. Richard Stiennon, chief research analyst at IT-Harvest, takes a more skeptical stance: “Most organizations have mature vulnerability management programs that have identified problems in critical systems that are years old. There is always some reason not to patch or otherwise fix a vulnerability. Sprinkling AI pixie dust on the problem will not make it go away. Even the best AI vulnerability discovery and remediation solution cannot overcome corporate lethargy.” His concerns highlight that culture and organizational behavior remain as critical as the technology itself.

Even with automation, trust issues persist. A single poorly executed patch can disrupt mission-critical operations, leading experts to recommend gradual adoption. Much like onboarding a new team member, automation should begin with low-risk actions, operate with guardrails, and build confidence over time as results prove consistent and reliable. Lawrence Pingree of Dispersive emphasizes prevention: “We have to be more preemptive in all activities, this even means the way that vendors build their backend signatures and systems to deliver prevention. Detection and response is failing us and we're being shot behind the line.”

Regulatory expectations are also evolving. Frameworks such as NIST CSF 2.0 and ISO 27001 increasingly measure how quickly vulnerabilities are remediated, not just whether they are logged. Compliance is becoming less about checklists and more about demonstrating speed and effectiveness with evidence to support it.

Experts broadly agree on what needs to change: unify detection, prioritization, and remediation workflows; automate obvious fixes while maintaining safeguards; prioritize vulnerabilities based on exploitability, asset value, and business impact; and apply runtime protections to reduce exposure during patching delays. Cohen sums it up directly: security teams don’t need to find more vulnerabilities—they need to shorten the gap between detection and mitigation. With attackers accelerating at machine speed, the only sustainable path forward is a preemptive strategy that blends automation, context, and human judgment.

Credit Bureau TransUnion Confirms Breach Impacting Millions


 

Amid growing threats to consumers' personal information, credit reporting giant TransUnion has announced a cybersecurity incident that exposed the personal information of more than 4.4 million Americans. Several regulators and state attorneys general have confirmed that the breach took place on July 28, 2025, and was discovered just two days later by investigators.

The exposed data included sensitive information such as names, Social Security numbers, and dates of birth, and was linked to a third-party application used by TransUnion in its U.S. consumer operations. In its statement, TransUnion said that the breach was limited in scope and that its internal systems and core credit reporting databases were not impacted.

The company also stated that no credit reports or core financial records, information that could be highly valuable to fraudsters, were accessed. TransUnion filed notifications in Maine and Texas indicating that the incident was related to a third-party platform reportedly linked to Salesforce, rather than to TransUnion's own infrastructure.

Although the company described the exposure as limited to “some limited personal data”, the magnitude of the breach underscores the ongoing risks associated with external service providers in the financial services industry.

Credit bureaus have become a growing concern in recent years as consumer information has become an increasingly attractive target for cybercriminals. This latest incident is another in a long string of security incidents that have affected major financial institutions, highlighting the difficulty of safeguarding sensitive information across a complex digital ecosystem.

Along with Experian and Equifax, TransUnion is one of the nation's "big three" credit reporting agencies. Together they play an important role in the nation's financial system by compiling detailed credit histories on nearly every consumer who has an active credit history. These files are used to create the credit reports that lenders, landlords, and employers use to gauge a person's financial security, and they also feed widely known scoring models like FICO.

Lenders, landlords, and employers use these models to calculate a three-digit credit score. Breaches involving such institutions therefore have a significant impact on consumers and the economy as a whole. In response to the latest incident, TransUnion has begun sending letters directly to affected individuals and has urged consumers to contact the fraud helpline at 1-800-516-4700, which is open on weekdays, to find out if they are in good standing.

In addition, experts suggest that consumers periodically review their credit reports from the three credit bureaus, which can be accessed for free once a week at AnnualCreditReport.com, to check for inaccuracies or signs that something is amiss. For further security, paid services like MyFico can track FICO scores in real time and monitor for fraud, while platforms like Credit Karma and WalletHub offer free VantageScore reports to subscribers who enrol.

TransUnion initially stated that there had been no compromise of credit files; however, subsequent disclosures told a much more troubling story. According to regulatory filings with the Texas Attorney General’s office, the exposed data set included names, dates of birth, and Social Security numbers, which are some of the most sensitive identifiers in the world today. 

Unlike credit information, which can be monitored or reset, Social Security numbers cannot be monitored or reset, and they may serve as a gateway to long-term identity theft and fraud. Several financial security experts warn that such information can be used for a number of purposes, including opening unauthorised credit lines, applying for loans or government benefits under stolen identities, submitting false tax returns, and other financial crimes. 

Considering that TransUnion is among the largest credit bureaus in the nation and holds records on over 260 million Americans, this breach raises serious concerns about the resilience of institutions that safeguard some of the country’s most critical consumer information. As a consequence of the breach, which was detected on July 28 and contained within hours, affected individuals have now been notified about it. 

There has been no compromise of the core credit database or consumer credit reports at TransUnion, which is among the nation's three primary credit bureaus, along with Equifax and Experian. Rather, the intrusion was traced back to a third-party application supporting U.S. consumer operations, where unauthorised access allowed for the publication of limited personal information. According to court filings in Maine and Texas, however, names, birthdates, and Social Security numbers were among the data that had been compromised. 

To assess the full scope of this incident, TransUnion has engaged an independent cybersecurity expert to conduct a forensic analysis. The incident occurred in the midst of a large wave of cyberattacks targeting Salesforce-connected software. In June, Google revealed that hackers were using modified versions of Salesforce-related tools to infiltrate cloud systems and steal large amounts of sensitive data from them. ShinyHunters, a cybercriminal organisation suspected of being involved in such campaigns, has been accused of using extortion tactics against employees of victim companies.

Security researchers have noted that some of the biggest corporations in the world have been breached in similar ways in recent months, including Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel, and Qantas. This highlights the importance of supply-chain vulnerabilities in a wide range of popular platforms as well as the dangers they pose. 

Salesforce has maintained that social engineering attacks against users, and not flaws in its platform, were at fault. A comparison is inevitably drawn with Equifax's 2017 data breach, one of the biggest in U.S. history, in which 147 million Americans' personal data was exposed, costing the company nearly $700 million in settlements and fines, and ultimately causing the company to lose millions of dollars. 

In the wake of this incident, congressional hearings were held and scrutiny of the credit reporting industry heightened, which led to state and federal government reforms aimed at strengthening consumer data protection. As a result of the TransUnion breach, security experts are once again urging the affected to be vigilant, reviewing their credit reports, setting up fraud alerts, and monitoring their accounts to ensure that unusual activity does not occur. 

As of right now, AnnualCreditReport.com is providing free weekly credit reports from all three major credit bureaus. Additional monitoring services may also provide a means of detecting signs of fraud, while in the meantime, Schubert Jonckheer & Kolbe has announced an investigation into the TransUnion incident, signalling the possibility of further litigation. 

TransUnion has yet to provide any details regarding the new safeguards it intends to implement, nor has it specified whether financial restitution will be provided to victims. Over the last few years, a growing number of high-profile breaches involving third-party providers have been attributed to vulnerabilities in those third parties.

For example, in June 2025, a cyberattack against Chain IQ exposed proprietary data and banking information of the banking giant UBS. The following month, Allianz Life announced that a compromised cloud-based customer relationship management system had been used to obtain personal information regarding the majority of the company's 1.4 million American customers. That same month, Qantas confirmed that approximately six million customer records were exposed after hackers breached a third-party customer service platform on which Qantas had relied. 

Researchers have identified many of these incidents as related to cybercriminal groups such as ShinyHunters and Scattered Spider, both of which specialise in exploiting third-party information technology and cloud providers, using advanced social engineering tactics to do so. A number of these groups are thought to be associated with "The Com," a sprawling, loosely organised cybercriminal community comprising thousands of English-speaking actors who have collaborated on data theft, extortion, and fraud campaigns across a wide range of industries. 

A number of recent incidents have highlighted the persistent vulnerability of third-party platforms, as well as the increasing sophistication of cybercriminal groups attacking the financial services industry. The breach reminds consumers that, even when core systems remain intact, the theft of identifying information like Social Security numbers can result in long-term impacts that go beyond the initial intrusion, even if the original intrusion is not detected. 

Individuals are strongly advised to do more than simply review their credit reports: freezing credit with all three credit bureaus prevents criminals from opening a new account in a person's name, while a fraud alert can make it more difficult for criminals to take advantage of stolen information. 

Consumers should also consider identity monitoring tools that can scan the dark web for compromised information before potential misuse turns into financial damage. 

There is also a clear lesson to be learned from reliance on third-party applications: organisations need not only contractual protection but also continuous monitoring, rigorous vetting, and layers of defence to prevent unauthorised access to their systems. Supply chain attacks will be a growing problem, and resilience will depend on proactive investment in security as well as consumer awareness of the threats.

Nearly Two Billion Discord Messages Scraped and Sold on Dark Web Forums

 

Security experts have raised alarms after discovering that a massive collection of Discord data is being offered for sale on underground forums. According to researchers at Cybernews, who reviewed the advertisement, the archive reportedly contains close to two billion messages scraped from the platform, alongside additional sensitive information. The dataset allegedly includes 1.8 billion chat messages, records of 35 million users, 207 million voice sessions, and data from 6,000 servers, all available to anyone willing to pay. 

Discord, a platform widely used for gaming, social communities, and professional groups, enables users to connect via text, voice, and video across servers organized around different interests. Many of these servers are open to the public, meaning their content—including usernames, conversations, and community activity—can be accessed by anyone who joins. While much of this information is publicly visible, the large-scale automated scraping of data still violates Discord’s Terms of Service and could potentially breach data protection regulations such as the EU’s General Data Protection Regulation (GDPR) or California’s Consumer Privacy Act (CCPA).

The true sensitivity of the dataset remains unclear, as no full forensic analysis has been conducted. It is possible that a significant portion of the messages and voice records were collected from publicly accessible servers, which would reduce—but not eliminate—the privacy concerns. However, the act of compiling, distributing, and selling this information at scale introduces new risks, such as the misuse of user data for surveillance, targeted phishing, or identity exploitation. 

Discord has faced similar challenges before. In April 2024, a service known as Spy.Pet attempted to sell billions of archived chat logs from the platform. That operation was swiftly shut down by Discord, which banned the associated accounts and confirmed that the activity violated its rules. At the time, the company emphasized that automated scraping and self-botting were not permitted under its Terms of Service and stated it was exploring possible legal action against offenders. 

The recurrence of large-scale scraping attempts highlights the ongoing tension between the open nature of platforms like Discord and the privacy expectations of their users. While public servers are designed for accessibility and community growth, they can also be exploited by malicious actors seeking to harvest data en masse. Even if the information being sold in the latest case is largely public, the potential to cross-reference user activity across communities raises broader concerns about surveillance and abuse. 

As of now, Discord has not issued an official statement on this latest incident, but based on previous responses, it is likely the company will take steps to disrupt the sale and enforce its policies against scraping. The incident serves as another reminder that users on open platforms should remain mindful of the visibility of their activity and that service providers must continue to balance openness with strong protections against data misuse.

Smartwatch on the Stand: How Wearable Data Is Turning Into Courtroom Evidence

 

Fitness trackers and smartwatches are increasingly becoming digital witnesses in legal proceedings, with biometric data from Apple Watch, Fitbit, and similar devices now regularly used as evidence in murder, injury, and insurance cases across the country. 

Wearables transform into legal liabilities 

Your smartwatch creates minute-by-minute digital testimony that prosecutors, personal injury lawyers, and insurance companies can subpoena. The granular biometric and location data automatically syncing to manufacturer clouds transforms wearable devices into potential witnesses that users never intended to create. 

Criminal cases demonstrate how powerful this evidence can be. In the Dabate murder case, a suspect's alibi collapsed when his wife's Fitbit showed her moving well after he claimed she was killed. Similarly, an Apple Watch in Australia pinpointed a victim's exact death window, directly contradicting the suspect's testimony.

These devices record GPS coordinates, movement patterns, heart rate spikes, and sleep disruption with forensic precision, creating evidence more detailed than browsing history. Unlike deleted texts, this data automatically syncs to manufacturer servers where companies retain it for extended periods under their data policies. 

Federal courts approve smartwatch data requests using the "narrow, proportional, and relevant" standard when evaluating discovery requests. Personal injury lawsuits increasingly subpoena activity logs to prove or disprove disability claims, where step counts either support or destroy injury narratives. 

Traffic accident cases utilize GPS data to establish whether individuals were walking, driving, or stationary during critical moments. Major manufacturers like Apple and Garmin explicitly state in privacy policies that they'll comply with lawful requests regardless of user preferences. The third-party doctrine means data shared with cloud providers enjoys weaker privacy protections than information stored on locked phones. 

Protection strategies 

Users can limit legal exposure through strategic privacy settings without eliminating functionality. Key recommendations include reviewing companion app privacy settings to minimize cloud syncing, enabling device-level encryption and strong authentication, and treating smartwatch data like financial records that could face future legal scrutiny. 

Additional protective measures involve limiting third-party app permissions and understanding manufacturer data retention policies before information becomes discoverable evidence. With over 34% of adults now wearing fitness trackers daily, the judicial system's reliance on wearable data will only intensify.

Data Sovereignty in the Age of Geopolitical Uncertainty

 

From the ongoing war in Ukraine, to instability in the Middle East, and rising tensions in the South China Sea, global conflicts are proving that digital systems are deeply exposed to geopolitical risks. Speaking at London Tech Week, UK Prime Minister Keir Starmer highlighted how warfare has evolved, noting that it “has changed profoundly,” and emphasizing that technology and AI are now “hard wired” into national defense. His remarks underscored a critical point—IT infrastructure and data management must be approached with security at the forefront.

But achieving this is no easy task. New research from Civo reveals that 83% of UK IT leaders believe geopolitical pressures threaten their ability to control data, while 61% identify sovereignty as a strategic priority. Yet, only 35% know exactly where their data is located. This isn’t just a compliance concern—it signals a disconnect between infrastructure, policy, and long-term strategy.

Once seen as a policy or legal issue, data sovereignty is now a live operational necessity. With regulatory fragmentation, mounting cyber threats, and increasingly complex data ecosystems, organizations must actively manage sovereignty. Whether it’s controlling access to AI training data or meeting residency rules in healthcare, sovereignty dictates what businesses can and cannot do.

Legislative frameworks such as the EU Data Act, the UK’s evolving stance post-Brexit, and stricter critical infrastructure policies are shaping enterprise resilience. As Lord Ricketts stated in the House of Lords, “the safe and effective exchange of data underpins our trade and economic links with the EU and co-operation between our law-enforcement bodies.” Building trust now depends on robust and enforceable data governance.

Public cloud adoption has given many businesses the illusion of flexibility, but moving quickly isn’t the same as moving securely. Data localization, jurisdictional controls, and aligned security policies must be central to enterprise strategy. This demands a shift: design IT systems for agility with control, or risk disruption when regulations inevitably change.

Sovereignty-aware infrastructure is not about isolation, but about visibility, governance, and adaptability. Organizations must know where data is stored, who can access it, how it travels, and which policies apply at each stage. A hybrid multicloud approach offers the flexibility to scale, while keeping sovereignty and governance intact. For instance, financial firms may need to keep sensitive transaction data within the UK but still run analytics in the cloud—an architecture that enables agility without sacrificing compliance.

Generative AI further complicates sovereignty. Training models with private datasets, deploying inference at the edge, or simply exchanging prompts across jurisdictions introduces new risks. Many businesses have embraced AI without aligning deployments with residency or compliance requirements. Sovereignty now extends beyond storage—it covers compute, access patterns, and third-party model interactions.

Building sovereignty into design requires collaboration between IT, legal, and compliance teams, as well as infrastructure that supports location-aware policies from day one. Research from Nutanix shows the urgency: 94% of public sector bodies are using generative AI tools, yet 92% admit their security isn’t sufficient, and 81% say their infrastructure falls short of sovereignty needs.

Customers and partners are increasingly demanding transparency—knowing where data resides, how it is used, and whether governance is enforced. Regulators are also raising expectations beyond “checkbox compliance.” In sectors like healthcare, education, finance, and government, sovereignty is now synonymous with trust and continuity.

The path forward starts with clarity. Organizations must know where their data lives, what laws apply, and whether their infrastructure can support hybrid deployment, location controls, and detailed audits. They must also plan for generative AI workloads with sovereignty in mind, ensuring scale does not come at the expense of compliance.

Ultimately, sovereignty should be treated not as a restriction, but as a design principle. Businesses that do this will not only remain compliant but will also build resilience, transparency, and long-term trust. In an environment where data moves faster than regulation, maintaining control is no longer optional—it is fundamental to good governance and sound business strategy.