
All the recent news you need to know

Salesforce Probes Gainsight Breach Exposing Customer Data


Salesforce has disclosed that some of its customers' data was accessed following a breach of Gainsight, a platform used by businesses to manage customer relationships. The breach specifically affected Gainsight-published applications that were connected to Salesforce, with these apps being installed and managed directly by customers. 

Salesforce emphasized that the breach did not stem from vulnerabilities in its own platform, but rather from Gainsight's external connection to Salesforce. The company is actively investigating the incident and directed further inquiries to its dedicated incident response page.

Gainsight confirmed it was investigating a Salesforce connection issue, but did not explicitly acknowledge a breach, stating that its internal investigation was ongoing. Notable companies using Gainsight's services include Airtable, Notion, and GitLab. GitLab confirmed that its security team is investigating and will share more details as they become available.

The hacking group ShinyHunters claimed responsibility for the breach, stating that if Salesforce does not negotiate with them, they will set up a new website to advertise the stolen data, a common tactic for cybercriminals seeking financial gain. The group reportedly stole data from nearly a thousand companies, including details from Salesloft and Gainsight campaigns.

This breach mirrors a previous incident in August, where ShinyHunters exploited vulnerabilities in AI marketing chatbot maker Salesloft, compromising numerous customers' Salesforce instances and accessing sensitive information such as access tokens.

In the earlier Salesloft breach, victims included major organizations like Allianz Life, Bugcrowd, Cloudflare, Google, Kering, Proofpoint, Qantas, Stellantis, TransUnion, and Workday. The hackers subsequently launched a website to extort victims, threatening to release over a billion records. Gainsight was among those affected in the Salesloft-linked breaches, but it remains unclear if the latest wave of attacks originated from the same compromise or a separate incident.

Overall, this incident highlights the risks associated with third-party integrations in major cloud platforms and the growing sophistication of financially-motivated cybercriminals targeting customer data through supply chain vulnerabilities. Both Salesforce and Gainsight are continuing their investigations, with cybersecurity teams across affected organizations actively working to assess the extent of the breach and mitigate potential damage.

UK Loses £11 Billion to Scams and NordVPN Responds with Call Protection

With digital fraud continuing to surge over the past year, NordVPN has introduced a new defense aimed at protecting mobile users against the rapidly evolving tactics of cybercriminals.

To provide a discreet yet powerful safeguard against fraudulent calls, the company has begun rolling out Scam Call Protection for Android devices, a feature that warns users when an incoming call looks suspicious.

Built with privacy in mind, the tool analyzes call metadata and reputation indicators in real time, letting users recognize and avoid potential phishing, fraud and identity theft attempts before they ever pick up the phone; the company describes this as a privacy-first approach. Currently available in the U.S., the United Kingdom and Canada, the feature is built into NordVPN's mobile app and does not require a separate installation.

When a call is flagged, the app displays a clear warning message along with information about the suspicious caller. At a time when deceptive phone-based attacks are on the rise, NordVPN aims to keep users protected by quietly analyzing threat intelligence in the background and sending timely alerts.

Scam calls are a growing threat worldwide, and NordVPN's latest feature arrives as financial losses from phone-based fraud rise sharply across major economies. Although the company initially made the tool available to Android users in the United States, the underlying technology is part of a wider initiative to raise the bar for mobile security in general.

NordVPN's mechanism is simple: it identifies incoming calls that match patterns in known scammer databases or that display suspicious behavior, and it issues a clear warning before the user answers. The goal is to halt deception immediately, at the moment the user is most vulnerable.

The need for such early detection has become increasingly evident. FBI data indicates that scam calls contributed to $16.6 billion in reported losses in the United States during 2024, a steep increase from previous years. The picture is similar elsewhere: according to estimates from the Global Anti-Scam Alliance, British residents lost nearly £11 billion to scams in the past year, the majority involving phone scams.

By September of this year, Canadians had already lost C$544 million to fraud, close to the total recorded for the whole of the previous year. In this context, NordVPN's Scam Call Protection stands out for its emphasis on privacy and operational simplicity while remaining competitive in the market.

Rather than analysing the content of calls, it evaluates only the metadata and behavioral indicators associated with the incoming number, so conversations remain private and inaccessible to the company. Because the system runs in the background without requiring an active VPN connection, it alerts users to potential scam attempts and reduces the chances of falling victim to social engineering, phishing or identity theft schemes.

Activating the feature in the NordVPN Android app is designed to be straightforward: users follow a brief set-up guide to adjust the permissions on their device. Once enabled, the tool works continuously, providing real-time alerts that strengthen user awareness when scammers attempt to make contact.

NordVPN says the feature is built on a “privacy-first philosophy,” using only call metadata and behavioural patterns to determine potential threats while keeping user conversations completely private from the company at all times. No VPN connection needs to be active for protection to continue; the software works quietly in the background without altering the user's normal phone use.

The company has also outlined a series of upcoming upgrades, including more accurate call classifications, enhanced caller identification for legitimate businesses and improved call-category labelling, all intended to improve accuracy and user confidence. NordVPN product director Dominickas Virbickas noted that scam calls have become a worldwide problem that requires an equally global response.

By expanding the service to the United Kingdom and Canada, the company aims to provide more context for incoming calls and give users the information they need to make informed decisions. The timing is notable: the rollout comes as major shopping periods such as Black Friday create lucrative opportunities for fraudsters.

Security experts advise consumers to remain cautious during seasonal promotions, never to provide payment information in response to unsolicited telephone calls, and to be skeptical of unusually generous offers. For now, NordVPN is making the feature available only to Android users in the United States, the United Kingdom and Canada, although support for iOS devices and additional markets is expected shortly.

Users can activate the feature in the NordVPN app by navigating to the Threat Protection section, enabling call protection and granting the necessary permissions on their Android device. Call-blocking tools are widely available across mobile platforms, but NordVPN's operational transparency and pedigree set its service apart.

Drawing on its reputation as a privacy-minded provider, NordVPN refrains entirely from analyzing call content, contacts or personal information, unlike many standalone blocker apps that have been criticized for data harvesting. Its continuously updated threat intelligence, its integration with the security ecosystem many users already rely on, and its independence from a VPN connection make it a valuable tool.

For those accustomed to skepticism toward third-party call blockers, NordVPN's emphasis on confidentiality and minimal data handling offers a notably more reassuring alternative. The growing threat of digital fraud continues to outpace traditional measures, highlighting the need for proactive, privacy-focused defenses in everyday communication.

Tools like NordVPN’s Scam Call Protection underscore that need. Although no single measure can eliminate scam risks entirely, analysts emphasize that intelligent call screening combined with user vigilance significantly boosts personal security.

By regularly updating device settings, avoiding unidentified callers and partnering with trusted security providers, users can reduce their exposure to evolving threats. In an increasingly vulnerable communication landscape, timely context and credible protection may be imperative to restoring user confidence: cybercriminals are constantly refining their tactics, and users need to be equipped accordingly.

Massive Data Breach Hits Italy’s FS Italiane After Cyberattack on IT Provider Almaviva


Data belonging to Italy’s state-owned railway operator, the FS Italiane Group, has been exposed after a cybercriminal infiltrated the systems of its IT partner, Almaviva.

The attacker claims to have exfiltrated a massive 2.3 terabytes of information, later publishing the stolen files on a dark web forum. The individual behind the breach alleges that the dump contains confidential records and sensitive corporate material.

Almaviva, a major global IT and digital services company, provides solutions ranging from software development and systems integration to consulting and CRM platforms. According to Andrea Draghetti, Head of Cyber Threat Intelligence at D3Lab, the compromised data appears to be recent and includes documents dating back to the third quarter of 2025. He dismissed speculation that the files originated from the 2022 Hive ransomware incident.

"The threat actor claims the material includes internal shares, multi-company repositories, technical documentation, contracts with public entities, HR archives, accounting data, and even complete datasets from several FS Group companies," Draghetti says.
"The structure of the dump, organized into compressed archives by department/company, is fully consistent with the modus operandi of ransomware groups and data brokers active in 2024–2025," he added.

Almaviva employs more than 41,000 people across nearly 80 global locations and reported $1.4 billion in revenue last year. FS Italiane, entirely owned by the Italian government, is among the nation’s largest industrial enterprises, generating over $18 billion annually through its rail, transport, and logistics services.

Although initial press queries from BleepingComputer went unanswered, Almaviva later confirmed the breach in statements provided to local outlets.

“In recent weeks, the services dedicated to security monitoring identified and subsequently isolated a cyberattack that affected our corporate systems, resulting in the theft of some data,” Almaviva said.

“Almaviva immediately activated security and counter-response procedures through its specialized team for this type of incident, ensuring the protection and full operability of critical services.”

The company added that it has notified relevant authorities, including law enforcement, Italy’s national cybersecurity agency, and the data protection authority. Government bodies are currently assisting with the ongoing investigation.

Almaviva has committed to sharing further updates as more findings become available.

It remains unknown whether any passenger information was included in the stolen data or if the breach has affected additional Almaviva clients. BleepingComputer has sent follow-up questions, but no response had been received as of publication.

In another public communication, Almaviva reiterated that it had isolated the cyberattack, stating that it resulted in “the theft of some data.”

"Almaviva immediately activated safety and response procedures through its specialized team for this type of incident, ensuring the protection and full operation of critical services," the company stated, emphasizing that business continuity plans prevented disruptions to its operations.

Growing Concern as Authorities Assess Cyber Incident at Real Estate Finance Firm

A serious cyber intrusion that caused considerable concern among U.S. financial institutions over the weekend is being treated by leading American banks and mortgage lenders as a major development that must be addressed urgently to reduce their exposure to cyber threats.

According to a statement issued by SitusAMC Group Holdings, LP on November 12, the back-office software provider, which supports mortgage origination, servicing and payments operations for hundreds of institutions, was breached. Unknown actors hacked into its systems and gained access to sensitive client information, including accounting files, legal agreements, and possibly extensive personal data from loan applications.

While the company says its operations remain fully functional and that the incident has been contained, with no encryption malware involved, the extent of the data compromise has raised alarm on Wall Street, since firms such as JPMorgan, Citi and Morgan Stanley rely heavily on the vendor's infrastructure for their daily operations.

The company has been providing clients with near-daily updates while collaborating with federal law enforcement and outside forensic experts to determine exactly what was taken, since millions of records may have been stolen. This reflects a growing sense of unease within an industry where third-party vulnerabilities pose some of the most significant cyber risks to date.

New York-based SitusAMC provides mortgage services to more than 1,500 clients across residential and commercial markets. The company discovered the breach on November 12 and has confirmed that portions of its corporate data, including accounting records and legal agreements, were accessed during the intrusion, which occurred on November 12.

It is not yet clear whether the attackers exfiltrated data tied to customers of the company's financial-sector clients or merely viewed it. The company acknowledges, however, that such customer data may also have been compromised.

The company is a major processor of mortgage applications and handles highly sensitive personal information, from Social Security numbers and passport details to employment histories. Recent reports that certain information in residential loan files was compromised have therefore raised further concern.

The New York Times reported that JPMorgan Chase, Citi and Morgan Stanley may have been affected by the breach; JPMorgan said its own banking systems were not directly compromised, while Citi declined to comment and Morgan Stanley refused to answer questions. The FBI has reportedly opened a probe, and SitusAMC has begun contacting impacted customers as the investigation continues, with federal investigators taking an increasingly active role.

The FBI announced in a press release that it is working closely with SitusAMC and the affected institutions to determine the full extent of the breach. According to Director Kash Patel, no operational disruptions to banking services have yet been identified. He added that the bureau continues to focus on tracing the perpetrators and strengthening security measures for critical infrastructure systems.

The incident has heightened a longstanding vulnerability in the financial sector, despite its reputation for strong cybersecurity defenses: the systemic risk associated with third-party technology providers. Although SitusAMC is essential to the banking industry, it is often overlooked outside industry circles and receives far less oversight than the major banks it supports, which can lead to the exposure of millions of records.

As the investigation continues, neither JPMorgan Chase nor Morgan Stanley has indicated what it experienced. SitusAMC's chief executive officer, Michael Franco, also declined to respond to inquiries, leaving many questions unanswered.

Large banks invest hundreds of millions of dollars in cybersecurity each year and are widely regarded as the best-protected institutions in the private sector, yet experts warn that the industry, under constant pressure from increasingly sophisticated threats, remains highly vulnerable. Because lenders, data processors and software providers are connected through a dense network of relationships, even the institutions that appear most secure can inadvertently introduce weaknesses.

The breach underscores that deeply embedded vulnerabilities can surface in the most unexpected places, said Munish Walther-Puri, head of critical digital infrastructure at TPO Group. The failure of a single trusted vendor can be very detrimental to the entire financial ecosystem, exposing the "unseen" risks woven into its operations, he added, emphasizing that true resilience is achieved not by internal defenses alone but through the collective vigilance of the entire supply chain.

Several industry experts predict that, as the investigation continues, the incident will serve as a catalyst for deeper scrutiny of digital supply chains and more rigorous oversight of the vendors that power critical financial operations.

The argument is that even banks and lenders with formidable defenses need to set higher security expectations for third parties, demanding greater transparency, continuous monitoring and greater accountability as part of their security practices.

In the wake of the breach, many in the sector have taken note that resilience today depends not only on advanced technology but also on a shared commitment to safeguard the interconnected systems that keep the nation's financial machinery running.

Big Tech’s New Rule: AI Age Checks Are Rolling Out Everywhere

Large online platforms are rapidly shifting to biometric age assurance systems, creating a scenario where users may lose access to their accounts or risk exposing sensitive personal information if automated systems make mistakes.

Online platforms have struggled for decades with how to screen underage users from adult-oriented content. Everything from graphic music tracks on Spotify to violent clips circulating on TikTok has long been available with minimal restrictions.

Recent regulatory pressure has changed this landscape. Laws such as the United Kingdom’s Online Safety Act and new state-level legislation in the United States have pushed companies including Reddit, Spotify, YouTube, and several adult-content distributors to deploy AI-driven age estimation and identity verification technologies. Pornhub’s parent company, Aylo, is also reevaluating whether it can comply with these laws after being blocked in more than a dozen US states.

These new systems require users to hand over highly sensitive personal data. Age estimation relies on analyzing one or more facial photos to infer a user’s age. Verification is more exact, but demands that the user upload a government-issued ID, which is among the most sensitive forms of personal documentation a person can share online.

Both methods depend heavily on automated facial recognition algorithms. The absence of human oversight or robust appeals mechanisms magnifies the consequences when these tools misclassify users. Incorrect age estimation can cut off access to entire categories of content or trigger more severe actions. Similar facial analysis systems have been used for years in law enforcement and in consumer applications such as Google Photos, with well-documented risks and misidentification incidents.

Refusing these checks often comes with penalties. Many services will simply block adult content until verification is completed. Others impose harsher measures. Spotify, for example, warns that accounts may be deactivated or removed altogether if age cannot be confirmed in regions where the platform enforces a minimum age requirement. According to the company, users are given ninety days to complete an ID check before their accounts face deletion.

This shift raises pressing questions about the long-term direction of these age enforcement systems. Companies frequently frame them as child-safety measures, but users are left wondering how long these platforms will protect or delete the biometric data they collect. Corporate promises can be short-lived. Numerous abandoned websites still leak personal data years after shutting down. The 23andMe bankruptcy renewed fears among genetic testing customers about what happens to their information if a company collapses. And even well-intentioned apps can create hazards. A safety-focused dating application called Tea ended up exposing seventy-two thousand users’ selfies and ID photos after a data breach.

Even when companies publicly state that they do not retain facial images or ID scans, risks remain. Discord recently revealed that age verification materials, including seventy thousand IDs, were compromised after a third-party contractor called 5CA was breached.

Platforms assert that user privacy is protected by strong safeguards, but the details often remain vague. When asked how YouTube secures age assurance data, Google offered only a general statement claiming that it employs advanced protections and allows users to adjust their privacy settings or delete data. It did not specify the precise security controls in place.

Spotify has outsourced its age assurance system to Yoti, a digital identity provider. The company states that it does not store facial images or ID scans submitted during verification. Yoti receives the data directly and deletes it immediately after the evaluation, according to Spotify. The platform retains only minimal information about the outcome: the user’s age in years, the method used, and the date the check occurred. Spotify adds that it uses measures such as pseudonymization, encryption, and limited retention policies to prevent unauthorized access. Yoti publicly discloses some technical safeguards, including use of TLS 1.2 by default and TLS 1.3 where supported.

Privacy specialists argue that these assurances are insufficient. Adam Schwartz, privacy litigation director at the Electronic Frontier Foundation, told PCMag that facial scanning systems represent an inherent threat, regardless of whether they are being used to predict age, identity, or demographic traits. He reiterated the organization’s stance supporting a ban on government deployment of facial recognition and strict regulation for private-sector use.

Schwartz raises several issues. Facial age estimation is imprecise by design, meaning it will inevitably classify some adults as minors and deny them access. Errors in facial analysis also tend to fall disproportionately on specific groups. Misidentification incidents involving people of color and women are well documented. Google Photos once mislabeled a Black software engineer and his friend as animals, underlining systemic flaws in training data and model accuracy. These biases translate directly into unequal treatment when facial scans determine whether someone is allowed to enter a website.

He also warns that widespread facial scanning increases privacy and security risks because faces function as permanent biometric identifiers. Unlike passwords, a person cannot replace their face if it becomes part of a leaked dataset. Schwartz notes that at least one age verification vendor has already suffered a breach, underscoring material vulnerabilities in the system.

Another major problem is the absence of meaningful recourse when AI misjudges a user’s age. Spotify’s approach illustrates the dilemma. If the algorithm flags a user as too young, the company may lock the account, enforce viewing restrictions, or require a government ID upload to correct the error. This places users in a difficult position, forcing them to choose between potentially losing access or surrendering more sensitive data.

Do not upload identity documents unless required, check a platform’s published privacy and retention statements before you comply, and use account recovery channels if you believe an automated decision is wrong. Companies and regulators must do better at reducing vendor exposure, increasing transparency, and ensuring appeals are effective. 

Despite these growing concerns, users continue to find ways around verification tools. Discord users have discovered that uploading photos of fictional characters can bypass facial age checks. Virtual private networks remain a viable method for accessing age-restricted platforms such as YouTube, just as they help users access content that is regionally restricted. Alternative applications like NewPipe offer similar functionality to YouTube without requiring formal age validation, though these tools often lack the refinement and features of mainstream platforms.


Australia Bans Under-16s from Social Media Starting December


Australia is introducing a world-first ban blocking under-16s from most major social media platforms, and Meta has begun shutting down or freezing teen accounts in advance of the law taking effect. 

From 10 December, Australians under 16 will be barred from using platforms including Instagram, Facebook, Threads, TikTok, YouTube, X, Reddit, Snapchat and others, with services facing fines up to A$50m if they do not take “reasonable steps” to keep underage users out. Prime Minister Anthony Albanese has called the measure “world-leading”, arguing it will protect children from online pressure, unwanted contact and other risks. 

Meta’s account shutdown plan

Meta has started messaging users it believes are 13–15 years old, telling them their Instagram, Facebook and Threads accounts will be deactivated from 4 December and that no new under-16 accounts can be created from that date. Affected teens are being urged to update contact details so they can be notified when eligible to rejoin, and are given options to download and save their photos, videos and messages before deactivation.

Teens who say they are old enough to stay on the platforms can challenge Meta’s decision by submitting a “video selfie” for facial age estimation or uploading a driving licence or other government ID. These and other age-assurance tools were recently tested for the government by the Australian Children’s eSafety provider, which concluded that no single foolproof solution exists and that each method has trade-offs.

Enforcement, concerns and workarounds

Australia’s e-Safety Commissioner says the goal is to shield teens from harm while online, but platforms warn tech-savvy young people may try to circumvent restrictions and argue instead for laws requiring parental consent for under-16s. In a related move, Roblox has said it will block under-16s from chatting with unknown adults and will introduce mandatory age verification for chat in Australia, New Zealand and the Netherlands from December before expanding globally. 

The e-Safety regulator has listed the services subject to the ban: Facebook, Instagram, Kick, Reddit, Snapchat, Threads, TikTok, X and YouTube. Exempt services include Discord, GitHub, Google Classroom, Lego Play, Messenger, Roblox, Steam and Steam Chat, WhatsApp and YouTube Kids, which are viewed as either educational, messaging-focused or more controlled environments for younger users.
