You are here

Topic: Security

Indian companies face the threat of cyberattacks which needs a robust system but it seems very few businesses are ready for the battle. News 

Report: Only 4 Percent of Indian Companies are Prepared for Major Cyber Attacks

Adarsh V.K

Cyber attacks are a major threat, and most companies recognize the need to arm themselves with weapons to deal with major incidents. However, only 4 percent of organizations in India have the “mature” level of preparedness needed to counter modern cyber security risks, a new report released on Thursday showed. According to Cisco’s 2024 Cyber Security Readiness Index, preparedness is critical, with 82 percent of respondents saying a cybersecurity breach is likely to disrupt their business in the next 12 to 24 months. However, 88 percent of companies still feel…

Read More
Chinese hackers targetting US critical infrastructure, FBI director warns (Pixabay) News 

FBI director warns that Chinese hackers are resolute in causing chaos to US critical infrastructure.

Sanjay Patil

During a recent testimony to House lawmakers, FBI Director Chris Wray issued a new cautionary statement regarding China’s global aspirations, revealing that Chinese government hackers are actively focusing on vital infrastructure such as water treatment plants, the electrical grid, and transportation systems within the United States. Underscoring the threat, the Justice Department and FBI announced just before the hearing that they had disrupted a botnet of hundreds of small office and home routers owned by private US citizens and businesses that have been hijacked by Chinese state hackers to cover…

Read More
iPhone only supports apps downloaded from the App Store but Apple has a different rule for apps that are being tested by developers. News 

Read here to learn about the significant security issue posing a hacking risk for iPhone users.

Adarsh V.K

Apple makes high claims about the privacy and security of its platforms, including iOS for iPhone users. But recent developments suggest the company may have a clear loophole that hackers can exploit without warning. Developers can preview their apps in the App Store using the TestFlight program, where Apple is lenient with apps released for testing. And hackers have reportedly realized the possibility of pushing spyware through the third-party keyboards you can use on iPhones. Details of these attacks have been shared by Certo Software, a UK-based cyber security company.…

Read More
Password managers help you avoid the tedious process of knowing all the details for your accounts but are they safe? News 

Security Experts Issue Warning About Using Password Managers on Your Phone

Febin Mathew

Remembering all the passwords for your accounts is a difficult task, and that’s where password managers help you keep all your passwords in one place. However, security experts have warned of a major problem with password management that could expose your credentials to any bad actors who can exploit a loophole in these apps. This was reported by researchers at the International Institute of Information Technology (IIIT) in Hyderabad, India, during the Black Hat conference in Europe. So what is the problem with password managers that affects millions of users?…

Read More
Windows Hello is the biometric security feature for laptop users that has let you sign in without using passwords. News 

Fingerprinting Your PC: Is Your Security at Risk?

Adarsh V.K

Microsoft released Windows Hello as a password-free option for Windows laptops. You can log in to your computer using a PIN code, face recognition or fingerprint sensor. The company has made big claims that its Hello security is reliable and not that easy to bypass. Well, a team of researchers has proven otherwise by cracking the fingerprint scanner on Dell, Lenovo, and Microsoft laptops. The most interesting part of these details is that Microsoft asked security researchers to test the security levels of fingerprint scanners on laptops today. The company…

Read More
Biometric verification methods are highly effective against these kinds of fraud, with liveness checks utilised to prevent spoofing. News 

Report Predicts Global Digital ID Verification To Reach 70 Billion By 2024

Adriana Marais

The number of digital identity checks will surpass the 70 billion mark in 2024, up 16 percent from the previous year’s 61 billion, a new report showed Monday. According to a Juniper Research report, this growth is due to companies adopting stronger biometric authentication methods to combat account takeover and card-not-present fraud. Biometric authentication methods are very effective against such fraud, and liveness checks are used to prevent scams. The report predicts that the banking sector will have the largest number of checks at 37 billion in 2024, accounting for…

Read More
The Lazarus hacking group's wallets contain about $42.5 million in BTC, $1.9 million in Ether (ETH), $1.1 million in Binance Coin (BNB), and an additional $640,000 in stablecoins, with Binance USD (BUSD) dominant, a new report has revealed. News 

North Korean Cybercriminals Possess $47 Million in Illegally Obtained Cryptocurrency

Febin Mathew,

North Korean Hackers – The Lazarus Group is said to be in possession of more than $47 million in cryptocurrencies, most of which is in Bitcoin (BTC), a new report shows. According to data collected by Dune Analytics, a subsidiary of 21.co, the infamous hacking group has about $42.5 million in BTC, $1.9 million in Ether (ETH), $1.1 million in Binance Coin (BNB), and an additional $640,000 in wallets stable coins. Binance USD (BUSD) dominant. The report traced 295 wallets identified by the US government as belonging to the Lazarus…

Read More
"They're all bad." News 

25 Car Brands Fail Basic Data Privacy Tests, Tesla Ranked as ‘Creepiest’ by Mozilla

Adriana Marais

According to research published on Wednesday, the Mozilla Foundation, a non-profit organization, has declared cars as the “most problematic product category” in terms of data privacy. The foundation’s Privacy Not Included Research division evaluates various products, ranging from smart home devices to health and wellness apps. However, out of the 25 car brands examined by the research team, none of them managed to meet the required standards, with renowned brands such as Tesla, Nissan, and Hyundai ranking among the worst performers. Tesla was rated for unreliable use of AI, making…

Read More
The basic plan now costs $80 a year in the US. News 

Google Increases Cost of Nest Aware Subscription by $20

Adriana Marais,

According to 9to5Google, Google Nest device users in the US will now have to pay a minimum of $20 extra to access advanced features and longer footage history for their security cameras and doorbells. The tech company has notified subscribers that the standard Nest Aware subscription has increased to $8 per month or $80 per year, compared to the previous rates of $6 per month or $60 per year when paid annually. The company started offering whole-home Nest Aware subscription packages that cover all of a user’s devices back in…

Read More
The brand's new product category puts it in competition with Ring. News 

Philips Hue Introduces Home Security with New Secure Cameras

Adriana Marais,

Signify, the company that emerged from Philips and is famous for its Hue lighting products, has revealed a fresh line of security products that will directly rival Ring and Nest. These new offerings, set to hit the market in the coming months, encompass Philips Hue Secure cameras in both wired and wireless (battery-powered) options. These cameras boast a high-definition 1080p video stream with night vision capabilities. You can use the cameras to talk to a guest or driver outside your door, and you can program them to work with Hue…

Read More
The MTA's OMNY website shows a seven-day ride history with only a credit card number. News 

Tracking NYC Subway Riders’ Journeys Made Possible by Security Flaw

Adarsh V.K,

New York City’s subway contactless payment system has a security vulnerability that exposes users’ credit card information. This flaw allows anyone with access to a person’s credit card number to track their recent subway entries within the past week. The issue stems from a “feature” on OMNY’s website, the Metropolitan Transportation Authority’s tap-to-pay system, which enables users to view their ride history solely by using their credit card details. Surprisingly, even subway entries made through Apple Pay, which provides a virtual number instead of the actual one, still manage to…

Read More
The takedowns were part of "the most prolific covert influence operation" the company has ever seen. News 

Meta Removes Thousands of Accounts Connected to Chinese Propaganda Effort

Jim Hendler, ,

Meta has disclosed information regarding a vast network of counterfeit accounts that aimed to disseminate pro-China propaganda on its platform. The company revealed that these account takedowns were connected to individuals affiliated with Chinese law enforcement, who also managed comparable fraudulent accounts across numerous other platforms. While the company regularly shares updates on taking down fake accounts linked to widespread manipulation, Meta’s security researchers said the latest effort was particularly significant given the size and scope of the operation. In total, Meta shut down 7,704 Facebook accounts, 954 pages, 15…

Read More
The unnamed hackers targeted spyware firm WebDetetive because "#fuckstalkerware." News 

75,000 Phones Freed from Stalking Spyware by Good Samaritan Hackers

Nitin Misra,

According to a report from TechCrunch, hackers who remain unidentified have allegedly breached the spyware company WebDetetive and erased device data in order to safeguard individuals from being monitored. As a result, users of this spyware will not receive any fresh information from their intended targets. The hackers expressed their motive in a note obtained by TechCrunch, stating, “Because #fuckstalkerware.” Spyware gives users unfettered access to a victim’s device, whether it’s a government using it to monitor citizens or an abuser using it to stalk a survivor. The spyware advertises…

Read More
It's the Discord.io breach earlier this month that may have leaked your info. News 

180 Users Affected by Discord’s March Data Breach: Time for a Security Checkup

Nitin Misra,

Discord has recently begun informing users who were affected by a data breach in March, which was publicly disclosed in May. Out of the reported 150 million monthly users, only 180 individuals had their sensitive information compromised in this attack, as stated in a data breach notification submitted to the Office of the Maine Attorney General. Consequently, if you are a Discord user, it is more probable that you were impacted by the Discord.io breach, which affected 760,000 users and resulted in the closure of the website. Discord.io allows Discord…

Read More
The leaks showed that the company received thousands of Autopilot complaints over the past years. News 

Tesla Reports Insider Wrongdoing Led to Data Breach Affecting 75,000 People

Adarsh V.K, ,

According to a notification on Maine’s Attorney General website, a Tesla data breach that occurred earlier this year and affected over 75,000 individuals was the result of “insider wrongdoing.” The majority of those impacted, approximately 75,735 people, were likely current or former Tesla employees. In a letter to employees, the company stated that although there is no evidence of the data being misused in a way that could harm them, they are still providing this notice to inform them about the incident and the precautions taken. The breach occurred on…

Read More
Agencies reportedly have 30 days to remove the app from devices. News 

NYC Prohibits Government Employees from Using TikTok

Sanjay Patil, ,

According to The Verge, it has been reported that TikTok will be prohibited on government devices in New York City. City agencies have been given a 30-day deadline to uninstall the app, which is owned by ByteDance, from their devices. Effective immediately, employees are not permitted to download or utilize TikTok on their city-approved technology. This action follows a previous ban by New York state in 2020, as stated by Times-Union. The NYC Cyber Command, a subset of the Office of Technology and Innovation, spurred the decision after reporting to…

Read More
Dennis Giese taught DEFCON attendees how to secure their robot vacuums. News 

How to Disconnect Your Robot Vacuum from the Cloud with Tech Knowledge

Febin Mathew

According to Dennis Giese, a PhD student at Northeastern University specializing in robot vacuum security, robot vacuums are no longer just simple cleaning machines. They have evolved into sophisticated Internet of Things devices, comparable to smartphones, with features such as internet connectivity, video recording, and voice control. However, the security measures for these advanced technologies have not kept pace with their development. “You have no idea what kind of data they’re storing, what kind of data is stored on the device, what kind of data is being sent to the…

Read More
Common forensic tools are used against suspects to conduct digital searches. News 

Government’s Ability to Search Phones Through Legal Loophole

Nitin Misra,

Speakers from the Legal Aid Society revealed at DEF CON last Friday that, although the US upholds the belief in the presumption of innocence until proven guilty, law enforcement can easily justify searching digital devices based on a mere suspicion of wrongdoing. Existing technology enables this practice, and vague legislation allows it to occur. “Technically and legally, there hasn’t really been much to stop the government from getting the information they want if they want it,” Allison Young, digital forensics analyst at The Legal Aid Society told ReturnByte. It’s also…

Read More
Cult of the Dead Cow officially launched Veilid at DEF CON this week. News 

America’s Pioneering Hacking Group Releases Free Tool to Enhance App Security

Adarsh V.K, ,

The hacking group Cult of the Dead Cow (cDc), famous for its activist activities, has developed an open source tool called Veilid. This tool, unveiled at DEF CON on Friday, provides developers with the ability to create secure applications. Veilid offers various features, including the option for users to decline data collection and online tracking. This aligns with the group’s objective of combating the commercialization of the internet. “We feel that at some point the Internet became less of a landscape for sharing information and ideas and more of a…

Read More
Unlock doors, authenticate your identity or show off a cool party trick. News 

Chip Implants Allow You to Leave Your Keys Behind

Adarsh V.K

Software engineer Miana Windall, who has approximately 25 implants embedded in her skin, including magnets and RFID technology, shared her experience and fascination with these implants at the DEF CON security conference. Despite the potential discomfort it may cause to some, Windall assured that these implants are hardly noticeable. She also discussed how she programmed them for personal purposes, such as using them to gain access to her previous workplace. RFID technology enables scannable technology such as metro cards or tap-to-pay. The relatively simple technology was first patented in the…

Read More