You are here

Topic: Security

The new feature will help you avoid those spammy international calls that target users with different schemes to steal money. News 

How to Mute Calls From Unknown Numbers on WhatsApp

Jim Hendler, , ,

WhatsApp users can now heave a sigh of relief as the messaging app has introduced a new feature that enables them to mute calls from unfamiliar numbers. This feature is designed to protect users from falling prey to dangerous WhatsApp scams, where fraudsters call them via WhatsApp (both audio and video) to steal their money or personal information. WhatsApp says that you can manually enable the feature from the settings, which ensures that the messaging app automatically mutes a call that comes from random numbers that aren’t in your contact…

Read More
DarKBERT was created on the RoBERTa architecture. (Unsplash) AI 

DARKBert: AI Tool to Fight Cybersecurity Risks from the Dark Web

Febin Mathew, , ,

Over the last few months, Large Language Models (LLMs) have become increasingly popular, particularly with the rise of AI chatbots like ChatGPT. These models use AI to create fresh content, including text, images, and audio, by analyzing existing data and identifying patterns to generate unique content. Although these tools have been utilized for generative AI content creation, researchers have now created a novel LLM that can detect and counter cybersecurity risks. Notably, this model has been exclusively trained on data from the dark web. What is DarKBERT? DarkBERT is an…

Read More
Ransomware gang BlackCat is likely behind a February attack on the company. News 

Hackers on Reddit Issue Ultimatum for $4.5 Million and API Alterations or Risk Leak of 80GB of Data

Febin Mathew, , , , ,

Reddit disclosed in February that it had fallen prey to a focused phishing attack that resulted in the exposure of confidential documents, code, dashboards, and contracts, as well as the personal information of some advertisers and current and former employees. Although none of the data has been made public, this could change soon. BlackCat, also known as ALPHV, a ransomware gang, has claimed responsibility for the breach and says it has 80GB of compressed data. In a post titled “The Reddit Files,” BlackCat has stated that it will erase the…

Read More
We also checked the Enhanced Intelligent Services feature on a Realme C55 smartphone and found that the feature, which was spotted by Bagree, was activated by default on the device. News 

Indian Government Launches Probe into Realme’s Alleged Data Misuse

Adarsh V.K, , ,

According to a recent tweet, Realme smartphones allegedly have a feature called Enhanced Intelligent Services that gathers device information, such as call logs, SMS, location data, and personal data. A Twitter user named Rishi Bagree wrote on his handle, “Realme smartphone has a feature (Enhanced Intelligent Services) that stores user data (call logs, text messages and location data) and it is ‘On’ by default. You will only see this ‘on’ by default when you go to Settings -> Advanced Settings -> System Services -> Enhanced Intelligent Services,” Realme’s smartphone has…

Read More
Microsoft said on Friday that the outages that affected certain services of the company through some of the earlier days of this month were the result of cyberattacks, but said it saw no evidence of any customer data being accessed or compromised. News 

Microsoft Reports Cyberattacks Caused Early June Service Disruptions

Adriana Marais, ,

On Friday, Microsoft announced that cyberattacks were responsible for the recent outages of some of its services earlier this month. However, the company stated that it did not find any indication of customer data being breached or compromised. “Starting in early June 2023, Microsoft experienced traffic spikes for some services that temporarily affected availability,” the company said in a blog post. Microsoft announced that it has begun investigating and monitoring the DDoS activity of a threat actor known as Storm-1359 after identifying the threat. Microsoft did not immediately respond to…

Read More
Over 60,000 android apps infected with adware. (Pixabay) News 

60,000+ Android Apps Present Risk to User Privacy Through Adware Infestation

Nitin Misra, , ,

Over the last half-year, Bitdefender, a cybersecurity research team, has identified over 60,000 Android applications that contain adware, which poses a considerable danger to users. Adware refers to software that is often bundled with programs such as mobile apps. Its purpose is to generate revenue for malicious actors by displaying advertisements either in the foreground or in the background of the user’s smartphone. Unfortunately, this not only causes you to lose money, it drains your device’s battery and causes it to overheat as well. Interestingly, these malicious apps were not…

Read More
Saudi use of the Pegasus spying tool has come up in other controversial cases. (Unsplash ) News 

NSO Group Sued by Khashoggi’s Widow for Alleged Phone Hacking

Febin Mathew, , ,

According to a lawsuit filed by the widow of slain Saudi journalist Jamal Khashoggi, the Israeli surveillance firm NSO Group’s spyware was utilized to monitor her messages in the period preceding her husband’s murder. In a civil lawsuit filed Thursday in Northern Virginia, Hanan Elatr Khashoggi said NSO had “deliberately targeted” her equipment and “caused her tremendous harm both through the tragic loss of her husband and her own loss of safety, privacy, and autonomy.” The NSO initially said it had not seen the lawsuit. When the company was sent…

Read More
Jack Texeira now faces up to 60 years in prison. News 

Air National Guardsman indicted for allegedly leaking classified documents

Sanjay Patil, ,

Jack Texeira, an Air National Guard member who was taken into custody in April for disseminating documents containing sensitive US intelligence information, has been charged with six counts of deliberately withholding and transmitting classified national defense data. The federal grand jury indicted Texeira, and he could potentially be sentenced to 60 years in prison. The 10-page indictment reportedly contained a condensed version of the national secrets that Texeira purportedly obtained from the Cape Cod air base and shared with others on Discord. Texeira was arrested by the Justice Department in…

Read More
In many cases, when people share their name and phone number while ordering food from a pizza outlet or paying the bill at a café, these places not only store such data but also become a source of data leaks News 

Beware of Data Theft: Think Twice Before Sharing Personal Information at Food and Shopping Outlets

Adarsh V.K, , ,

It was previously believed that scammers obtained phone number lists from banks or telecom operators, but a DoT official has revealed that many fraudsters use random dialing or alternative methods. Data leaks can also occur when individuals provide their name and phone number while ordering food or paying bills at establishments such as pizza outlets and cafes, which store and potentially share this information. It is believed that while there is a small chance that an insider at a telecommunications company will hand over information in exchange for money to…

Read More
Government has rejected all allegations of a CoWin data breach. (CoWin) News 

Union Minister Rejects Allegations of CoWin Data Breach

Adriana Marais, , , ,

Union Minister Rajeev Chandrasekhar responded to numerous reports claiming a significant CoWin data breach by providing a detailed rebuttal on Twitter. It was previously claimed that the CoWin data breach had leaked the information of many people who had given their personal information while taking the Covid vaccine. A huge number of people had registered with CoWin by providing their identity proofs like Aadhaar Card, PAN Card, Passport and many more. CoWin is an application developed as an IT solution to implement the COVID-19 vaccination in India. According to the…

Read More
Citizens' Personal Data Leaked on Telegram via Co-WIN. (HT_PRINT) News 

Private Data of Vaccine Recipients Leaked on Telegram Through CoWIN Platform

Nitin Misra, ,

Disturbing reports have emerged regarding a significant data breach that has jeopardized the personal information of citizens in our nation. The breach encompasses crucial particulars, including PAN and Aadhaar card data. To make matters worse, this leaked information has been detected on the messaging app Telegram, which is a cause for concern. The Fourth News has reported that the data breach was caused by vulnerabilities in the CoWIN portal. Many people used this portal to register their personal details for Covid vaccination purposes. According to the report, when the phone…

Read More
News18 could not independently verify the claims and has reached out to the MiETY and CERT-In. Reports, however, pointed out that this could have happened due to a security breach related to the CoWIN portal where all these details were available News 

Expert Warns of Data Breach After Telegram Bot Exposes Personal Info Shared on CoWIN

Nitin Misra, , ,

Recent reports and social media posts have indicated that personal information of Indians, such as their Aadhaar and passport details, phone number, date of birth, and gender, were briefly accessible on the Telegram app. This has raised concerns about a security breach related to the CoWIN portal, where all of this information was stored. It was found that if the communication bot was given a phone number, it provided all of this information, including the location where the Covid vaccination was administered. Apparently the bot wasn’t working this morning. According…

Read More
These tools can help you clean up any malware in the device and also safely let you use other devices. News 

Protect Your Phone and PC With Government-Approved Malware Software

Jim Hendler, , ,

The Indian government has established a security agency to assist individuals concerned about potential malware or security problems on their computers or phones. The agency has created a botnet cleaning and malware analysis center that has produced specialized tools for removing malware. According to the information provided, these tools are claimed to help remove all malware from your system keeping it safe and clean. Cyber Swachhta Kendra has a website about these tools, which are developed with the help of Internet Service Providers (ISPs) and even antivirus companies. The tools…

Read More
You can now upload from other password managers, add security notes and more. News 

Google Chrome Password Manager Receives Enhancements for Security and Usability

Adriana Marais, , , ,

Google is giving its Password Manager, which is integrated into Chrome on desktop, Android, and iOS, a minor revamp that includes several new security and convenience features. Among these is a feature that encourages users to use the service correctly by enabling them to import a .csv file from a competing service. The saving system now also has its own mode in Chrome, which you can access via “Password manager” or “Manage passwords” in the Chrome menu when you are asked if you want to save a new credential. It…

Read More
PDFs are the primary malicious email attachment type being used over 66 per cent of the time to deliver malware via email in 2022. News 

Researchers Issue Warning Regarding Malware in PDF File Attachments

Sanjay Patil, , ,

According to a new report released on Wednesday, PDFs are the most commonly used type of malicious email attachment, accounting for over 66% of malware delivered via email in 2022. According to researchers at Palo Alto Networks Unit 42, monthly registrations of both benign and malicious domains increased by 910% with ChatGPT’s AI chatbot between November 2022 and April 2023. The researchers also saw a huge increase (17,818 percent) in attempts to imitate ChatGPT using squatting domains – website names deliberately registered to look similar to a popular brand or…

Read More
Healthcare organisations had a 73.7 per cent likelihood of paying a ransomware demand, and they are also the fourth most targeted sector by ransomware attacks (13 per cent) globally. News 

73.7% of Healthcare Companies Agree to Pay Ransomware Demands

Adarsh V.K, , ,

According to a recent report, healthcare organizations are the fourth most targeted sector by ransomware attacks worldwide, accounting for 13% of all attacks. The report also revealed that these organizations have a high probability of paying ransom demands, with a likelihood of 73.7%. As ransomware attacks become more common, organizations are taking steps to mitigate the damage, if it has been experienced, according to Arete, a global Internet risk management firm. Some of the most powerful controls include backups, multi-factor authentication (MFA), and endpoint detection and response (EDR), all of…

Read More
Users who do not have a paid Google Workspace licence have their private drive actions left undocumented. News 

Google Workspace Vulnerability Could Enable Unidentified Data Theft From Drive Files

Adriana Marais, ,

A major flaw in the forensic security of Google Workspace has been uncovered by cybersecurity experts, which allows a hacker to extract data from Google Drive undetected. According to researchers at Mitiga Security, once a malicious insider accesses an organization’s Google Drive, they can take action without logging in. This error only affects users who do not have a paid Google Workspace business license. Users who do not have a paid Google Workspace license leave their driving activity undocumented. Hackers can disable registration and registration by canceling the paid license…

Read More
The influencer-VPN provider relationship is good for business, but not for security. News 

Rise in VPN Sales Raises Concerns Over Security

Sanjay Patil, ,

No matter what kind of content you’ve been watching on YouTube lately, whether it’s gaming, politics, or lengthy video essays, chances are you’ve come across an advertisement for virtual private network (VPN) services. These ads are often promoted by influencers who claim that their VPN offers military-grade encryption and the ability to stream content from anywhere, as long as you use their special code at checkout. This allows them to receive a commission from the sale. VPN ads aren’t just everywhere on YouTube. Since the beginning of 2016, VPN companies…

Read More
Amazon agreed to pay $25 million to settle allegations it violated children's privacy rights when it failed to delete Alexa recordings at the request of parents News 

Amazon Pays $30 Million for Alexa & Doorbell Camera Privacy Breach

Jim Hendler, , ,

Amazon.com and one of its subsidiaries reached separate multimillion-dollar settlements with the U.S. Federal Trade Commission on Wednesday over violations of children’s privacy using its Alexa voice assistant and its Ring camera in a doorbell. Amazon has agreed to pay $25 million to settle allegations that it violated children’s privacy by failing to delete Alexa recordings at parents’ request and keeping them longer than necessary, according to a filing in federal court in Seattle. “While we disagree with the FTC’s allegations against both Alexa and Ring and deny any violation…

Read More
The attack on MCNA is the largest health breach this year. News 

Ransomware attack exposes sensitive information of nearly 9 million dental patients

Febin Mathew, , ,

A recently disclosed ransomware attack compromised some particularly sensitive medical data. Dental insurer Managed Care of North America (MCNA) said the intruder accessed patients and took copies of patient information between February 26 and March 7, including addresses, social security numbers, driver’s licenses and insurance information. MCNA says some of the information is for parents, guardians and guarantors (people who pay bills on behalf of others). A filing provided by the Maine Attorney General indicates that more than 8.9 million people have been affected. The company has not identified the…

Read More