Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Security. Show all posts
Microsoft security
Credential Security Cyber Phishing Cyber Security Data protection data security Microsoft Microsoft security

Microsoft Warns Users About Rising QR Code Phishing and Quishing Scams

 

Microsoft’s cybersecurity researchers have uncovered a growing wave of phishing scams using QR codes hidden inside emails, PDF files, and fake CAPTCHA pages. Instead of clicking suspicious links, victims scan QR codes that secretly redirect them to fraudulent websites designed to steal login credentials and session data. The attacks spread quickly because they bypass many traditional security filters and often appear harmless at first glance. 

Known as “quishing,” these scams hide malicious links inside QR codes, avoiding the usual warning signs tied to suspicious URLs. Emails often create urgency through fake compliance notices, security alerts, or missed-message warnings, encouraging users to scan the code without carefully checking the sender. According to Microsoft, attackers are impersonating HR teams, IT departments, managers, and office administrators to make messages appear legitimate. 

Once scanned, users are routed through several webpages before landing on counterfeit login portals built to capture usernames, passwords, and even live session tokens capable of bypassing some two-factor authentication protections. Researchers say more than 35,000 users across approximately 13,000 organizations worldwide have already been targeted, with cases continuing to rise. Many people trust QR codes because they are commonly used for menus, payments, and sign-ins, making them less likely to question the risks behind scanning one. 
Cybercriminals are exploiting that familiarity to trick users into exposing sensitive information. A recent case highlighted by Digit.in demonstrated how convincing these scams can be. Employees reportedly received emails appearing to come from an Office 365 administrator claiming several messages were awaiting approval. Instead of links, the email included a QR code directing users elsewhere. Investigators tested the QR code using a freshly wiped mobile device across Android and iOS platforms to minimize potential risks. 

While the QR codes in that case did not install malware or alter device settings, the test showed how easily similar scams could deceive unsuspecting users. Security professionals warn that scanning unfamiliar QR codes on devices containing banking apps, work credentials, personal photos, or confidential files can expose users to serious threats without obvious warning signs. Experts recommend avoiding QR codes sent through unsolicited emails, verifying senders carefully, and checking linked addresses before entering passwords. 

As cybercriminals increasingly rely on social engineering instead of direct hacking, simple actions like scanning a QR code are becoming new entry points for digital attacks.
Read more »
Threat Investigation
AI SOC Alert Overload Cyber Security SOC Security Threat Investigation

SOC Alert Overload: Why More Analysts Won’t Help

 

Security operations centers are facing a problem that hiring alone cannot solve. Alert volumes keep rising, attackers move faster than most human teams can investigate, and many SOCs still rely on workflows built for a much smaller stream of events. The result is a widening gap between the alerts generated by modern systems and the number that can be analyzed with real depth. 

Even when organizations add analysts, the queue often remains crowded because the underlying process still depends on manual triage. That is why security experts argue the issue is not a staffing shortage alone, but an operating-model failure that leaves teams reacting instead of defending. 

Most SOCs have already tried the obvious fixes. They prioritize critical alerts, suppress noisy detections, and tune rules to reduce false positives. Those steps help, but they do not remove the central bottleneck: too many alerts still reach humans for investigation. The article explains that low- and medium-severity events are especially dangerous because attackers often hide inside them, knowing analysts are overwhelmed. When those signals sit in a backlog, the delay becomes a security weakness in itself. 

To test whether a SOC is truly under strain, security experts suggest a quick diagnostic. Leaders should ask how many high-priority alerts were actually investigated, how often detection rules were suppressed without replacement coverage, whether analyst turnover has created a fragile bench, and what task would be sacrificed if alert volume doubled overnight. If the answers reveal gaps, the problem is not effort or discipline. It is capacity, continuity, and architecture. 

The proposed answer is not to push analysts harder, but to change how investigations are handled. AI-based SOC platforms can triage alerts at scale, document reasoning, and free analysts from repetitive work. In the examples cited, teams completed thousands of investigations quickly and recovered large amounts of analyst time. That shift also allowed some organizations to reduce SIEM-related spending by cutting unnecessary ingest and storage. Humans still matter, but their role changes: they focus on insider threats, novel attack patterns, and cases that require business or regulatory judgment. 

The broader lesson is simple. Modern SOCs need a model that matches today’s attack speed and alert volume. If the queue is always full, more people will only slow the pain, not remove it. The stronger answer is to redesign the workflow so that technology handles scale and analysts handle judgment, because that is where security value actually comes from.
Read more »
Data Leak
AI Bug Management Cloud Cyber Security Data Data Leak

9-Year-Old Linux bug Found by Researchers, Could Leak Data


Experts have revealed details of a bug in the Linux kernel that stayed unnoticed for nine years. The flaw is tracked as CVE-2026-46333 (CVSS score: 5.5). 

Improper bug management 

The incident is improper privilege management that could have allowed threat actors to reveal sensitive data as unprivileged local users and launch arbitrary commands on default installs such as Ubuntu, Debian, and Fedora. Its alias is aka ssh-keysign-pwn.

Vulnerability existed since 2016

Cybersecurity firm Qualys found the flaw. Since November 2016, the problem has been present in mainstream Linux (v4.10-rc1). 

Distribution updates and upstream patches are already accessible. There are publicly available working exploits, thus administrators should install vendor kernel upgrades right away, Qualys said.

Privilege compromise tactic

TRU discovered a small window in which a privileged process that is dropping its credentials can still be accessed through ptrace-family operations, despite the fact that its dumpable flag should have blocked that path, during ongoing study into Linux kernel privilege boundaries.  

Qualys also added that an attacker can obtain open file descriptors and authenticated inter-process channels from a dying privileged process and utilize them under their own uid by combining this window with the pidfd_getfd() syscall (introduced in v5.6-rc1, January 2020)

What is successful exploit?

Successful bug exploit can allow a local threat actor to reveal /etc/shadow and ho'st private keys under /etc/ssh/*_key, and deploy arbitrary commands as root via four distinct hacks attacking ssh-keysign, accounts-daemon, chage, and pkexec.

PoC exploit

The bug reveal is a proof-of-concept (PoC) exploit for the bug. It was released recently, and soon after, a public kernel surfaced. CVE-2026-46333 is the latest security bug revealed in Linux after Dirty Frag, Fragnesia, and Copy Fail in recent months.

How to stay safe

Experts have advised to use the latest kernel update released by Linux distributions. If users are unable to do it immediately, temporary patchwork includes raising "kernel.yama.ptrace_scope" to 2.
Qualys added, "On hosts that have allowed untrusted local users during the exposure window, treat SSH host keys and locally cached credentials as potentially disclosed. Rotate host keys and review any administrative material that lived in the memory of set-uid processes,” Qualys said.

Incident impact

The incident happened after the release of a PoC for a local privilege exploit known as PinTheft that lets local hackers get access to root privileges on Arch Linux systems. The hack requires the Reliable Datagram Sockets (RDS) module to be deployed on the victim system, readable SUID-root-binary, io_ring enabling, and x86_64 support for the given payload.

Read more »
European Union
AI Act AI Deepfakes AI Privacy AI Risks AI Security Cyber Security Deepfake Deepfake Images EU European Union

European Union Agrees to Ban AI Generated Non Consensual Sexualized Deepfakes

 

A temporary deal emerged Thursday between EU lawmakers and national representatives, targeting AI tools that create explicit fake images without consent. Such technology, when applied to produce child exploitation material, will also fall under the new restrictions. Agreement came after extended discussions on digital ethics and public safety concerns. Rules now aim to block deployment of systems designed for these harmful purposes. The move reflects growing attention to misuse of synthetic media across Europe. Final approval processes remain pending among governing bodies. 

Part of wider changes to the EU’s approach on AI, this move fits within the “Omnibus VII” laws meant to streamline digital rule-making. Rules for artificial intelligence across European countries are being aligned through these adjustments, reducing complexity where possible. One goal stands clear - making compliance less fragmented without adding new layers. 

Updates like this reshape how standards apply, slowly shifting the landscape from within. Following talks, officials announced updated guidelines banning artificial intelligence systems from producing private or explicit material about people without their agreement. These measures single out synthetic media depicting minors in sexually abusive scenarios - prompted by rising unease around how machine learning models enable manipulation, harmful behavior, and digital assault. 

Though broad in scope, enforcement hinges on consistent oversight across platforms where such technologies operate. Still, Marilena Raouna noted the deal could ease repeated paperwork demands on firms in the EU's tech industry - so long as safeguards around AI oversight remain intact. Compliance dates shift for high-risk AI under the new version of the framework. Starting December 2, 2027, standalone systems classified as high risk must follow the requirements. 

By August 2, 2028, those integrated into physical products come into scope. The timeline change appears in the current draft deal. Rules apply earlier to independent platforms than built-in ones. Registration of exempted AI tools in the European Union's high-risk database forms part of the deal. Authorities believe tracking these technologies will support clearer monitoring. Oversight gains clarity when deployments become visible through such records. Among updated measures, tighter rules return for handling sensitive personal details via AI aimed at spotting or fixing skewed algorithms. 

Government representatives noted these changes strengthen individual privacy safeguards, yet still require firms to justify extensive data use with concrete need. Now arriving amid global scrutiny, the deal reflects mounting demands on authorities to control tools that craft lifelike false media through artificial intelligence. 

While Europe's officials stress consequences, they point especially at intimate imagery made without permission - citing threats it poses to personal boundaries, digital safety, truth integrity, and public standing. Though not yet legally binding, the agreement advances the EU’s push to shape how artificial intelligence is built and used throughout its countries. Approval must come later, but momentum continues.
Read more »
European Union hacking
Chinese Cyber Threat Chinese Hackers Cyber Security Cyberespionage Cybersecurity EU cybersecurity European Union hacking

Chinese Cyber Threats to Europe Growing Through Silent Espionage Tactics

 

Chinese state-supported hacking groups are becoming one of the most serious cybersecurity concerns for the European Union, with experts cautioning that their activities often go unnoticed due to their discreet nature.

Unlike the highly visible cyberattacks commonly associated with Russia, Chinese-linked operations usually focus on quietly gaining long-term access to systems and collecting intelligence over extended periods.

According to Antonia Hmaidi, a senior analyst at the Mercator Institute for China Studies, one of the major risks involves cyber actors targeting small office devices used across Europe. These include routers, printers, and network equipment that frequently lack strong security protections, making them easier to exploit as entry points into larger systems.

“It’s not like Russian attacks, which are very visible. Therefore, we tend to underestimate it,” Hmaidi said.

Concerns over cyberespionage continue to rise

European authorities have increasingly expressed concerns over cyberespionage activities allegedly linked to China, especially as more incidents involving government agencies and private businesses continue to surface.

Rather than disrupting systems immediately, these cyber campaigns are often aimed at gathering confidential information and monitoring sensitive activity over time.

In response to growing security risks, several European institutions have tightened cybersecurity precautions. Earlier this year, members of the European Parliament travelling to China were reportedly advised to use burner phones and avoid carrying personal electronic devices.

Officials stated that the measures were introduced to minimise the possibility of surveillance or cyber intrusion during overseas visits. Lawmakers and staff members were also provided with security guidance and training before departure.

Similar safety protocols have been adopted by other EU institutions as well. Reports suggest that internal guidelines within the Council of the European Union recommend officials avoid carrying electronic devices to certain countries, including China. If devices must be taken, authorities reportedly advise wiping them completely after returning.

At the same time, staff members of the European Commission travelling abroad have reportedly been issued temporary phones and basic laptops to reduce the risk of espionage.

A stealth-driven cyber strategy

Cybersecurity experts believe Chinese cyber operations differ significantly from more aggressive attacks because they prioritise stealth, persistence, and long-term infiltration.

Instead of causing immediate and visible disruption, attackers quietly enter systems, observe operations, and gradually extract valuable information. This strategy makes detection far more difficult and allows intruders to remain active within networks for long periods without being discovered.

As Europe becomes increasingly dependent on digital infrastructure for governance, business, and communication, analysts warn that failing to recognise these hidden cyber risks could pose serious challenges to the region’s long-term security and technological independence.
Read more »
Meta Privacy Concerns
child online safety laws Cyber Security Digital Security Meta Meta Platforms Meta Privacy Concerns

Meta Challenges Ofcom Over Online Safety Act Fees and Penalties

 

Challenging new rules, Meta - owner of Facebook and Instagram - is taking Ofcom to the High Court amid disputes about charges tied to the Online Safety Act. The legal move stems from disagreements on how costs and fines are set by the UK's communications watchdog. 

July 2025 marked the start of a legal shift meant to curb damaging material on internet services. Funding oversight duties now fall partly on big tech firms, each paying yearly charges based on global earnings. These payments support Ofcom’s work monitoring digital spaces. Rules took effect without delay once enacted. Revenue ties ensure contributions scale with company size. Later in 2025, new rules took effect targeting firms with annual earnings above £250 million. 

These apply specifically to digital spaces like social networks and search tools - any platform allowing user-generated posts falls under scrutiny. While scale matters, the core focus remains on interactive online environments. Revenue size triggers obligation; activity type defines scope. What stands out is how Meta views the regulator's approach to setting operational charges and potential fines as skewed, placing too much burden on just a few major tech players. Shaped by courtroom arguments, legal representatives emphasized that today’s framework demands disproportionate contributions from firms like theirs. 

Though the Online Safety Act applies across a wide range of online services, the cost structure reflects something narrower in practice. One outcome - seen clearly - is that even minor shifts in methodology could alter financial exposure significantly. Behind these figures lies an assumption: larger platforms must pay more simply because they can. Yet the law itself does not single them out for heavier obligations. 

Instead, what emerges is a system where scale becomes a proxy for liability without clear justification. Disputing the method behind calculating eligible international income forms part of the legal argument. Court documents show Meta arguing penalties ought to reflect earnings only from UK-based operations, not total global turnover. Should firms fail to meet online safety duties, penalty amounts might reach 10% of global turnover - or £18 million - whichever figure exceeds the other. 

Another layer emerges where Meta contests methods used to assign sanctions if several units within one corporate family share fault. Later in London, at an early court session, officials heard that Epic Games - creator of Fortnite - and the Computer and Communications Industry Association might ask to join the legal matter. The possibility emerged through statements presented to the High Court. 

Later this year, more sessions will follow after Mr Justice Chamberlain pointed to matters of broad public significance in the case. Come October, a complete hearing should unfold. Following prior disputes over the Online Safety Act by various groups, litigation has now emerged again. Though distinct, last year’s challenge by the Wikimedia Foundation dealt with related rules on age checks - and ended in defeat. 

Despite pushback, Ofcom stood by its method, saying fees and penalties followed directly from how the law is written. Rather than accept Meta's concerns, the authority insisted the system makes sure firms with major online influence support efforts to keep users safe. Still, Meta insists it will keep working alongside Ofcom, though parts of the rollout feel excessive to them. Even with their suggested adjustments, oversight bodies could still hand down penalties among the highest ever seen on British companies.
Read more »
Data Privacy Laws
AI Chatbots AI Model AI Privacy Canada ChatGPT Privacy ChatGPT. OpenAI Cyber Privacy Cyber Security Data Privacy Laws

Canadian Privacy Regulators Say OpenAI Violated Federal and Provincial Privacy Laws

 

After months of scrutiny, Canadian oversight bodies determined OpenAI did not meet several national and regional data protection standards while developing its AI systems. This outcome emerged from a coordinated review spearheaded by federal Privacy Commissioner Philippe Dufresne, working together with counterparts in Alberta, Quebec, and British Columbia. 

What stood out in the findings was a pattern of data handling at OpenAI - massive volumes of personal details gathered, yet lacking strong protections or clear approval from affected people. Because of this approach, authorities concluded it clashed with rules set by Canada’s privacy law, known formally as PIPEDA, guiding how firms manage private data while conducting commercial activities. 

The way ChatGPT and similar artificial intelligence models were developed raised notable questions for oversight bodies. A key point centered on data collection practices - information about people pulled from open internet resources and external databases, often without clear notice to those affected. Officials pointed out that many users remain unaware their details might feed into machine learning processes. 

Another concern emerged around control: few practical options let individuals inspect, update, or request deletion of their data linked to these systems’ training records or responses. Oversight groups stressed that current safeguards fall short in offering real transparency or user agency. Questions arose about how dependable ChatGPT's answers really are. 

Some pointed out that current methods for managing false or confusing replies fall short - especially if private information is at stake. Even so, Canadian privacy authorities observed OpenAI engaging throughout the probe, committing in advance to adjustments meant to bring operations into line with national data rules. Following these steps, it appears older versions of the AI were phased out due to shortfalls in compliance, while new filters emerged - meant to spot and obscure details like contact numbers or full names across both open-access and legally obtained training collections. 

Some time soon, OpenAI will adjust how it explains the role of user chats in training its systems. A new phase involves more noticeable alerts for people using ChatGPT without logging in. These notices aim to guide visitors away from submitting private details. How exchanges help shape upcoming models will also become part of that message. Updates are meant to surface key points earlier in the experience. 

Further changes include streamlining how users access their data, while offering straightforward steps for disputing AI-generated inaccuracies. Officials emphasized protections for young relatives of well-known individuals - models must now avoid revealing personal details like names or birthdays if the child is not publicly recognized. 

Later scrutiny emerged when news surfaced connecting OpenAI to alarms tied to a violent event in Tumbler Ridge during early 2026, reigniting interest in an inquiry first begun in 2023. Though internal signals about the individual's activity were reportedly noticed earlier, officials claimed the firm failed to forward such red flags to Canadian authorities. Because of what followed, oversight bodies emphasized better coordination among artificial intelligence developers, police units, and public health offices whenever physical harm appears likely. 

Rather than wait, expectations now lean toward faster information sharing across these groups. Pressure mounts globally as scrutiny increases on firms using artificial intelligence, pushing them toward stronger safeguards for personal data. How information is gathered and applied in training powerful models now faces closer examination. 

Greater openness about methods has become harder to avoid. Responsibility for outcomes ties directly to practices behind massive data processing. Standards shift under persistent demands for clearer conduct.
Read more »
Tech
Banks Cyber Security Data Data Leak digital scam identity Scam Tech

High Court Squashes Ban for Sim-Swap Fraud, Says Zero Customer Liability


In an important ruling amid surging digital financial fraud attacks, the Bombay HC sided with the customer protection norms. It directed Bank of Baroda to return Rs. 1.24 crore to the victim private firm that lost money in a SIM-swap case. The court stressed that if a consumer reports fraud promptly in time, “zero liability” is ruled, and the bank must reimburse the losses.                 

Private company reported the incident immediately

The order was given by a division bench of the HC, which included Justices Manjusha Deshpande and Bharati Dangre, when private company PNP Polytex (based in Mumbai) submitted a petition. Polytex alleged that Rs.1.24 crore had been stolen from its bank accounts illegally and without knowledge. 

About court proceedings

As per the submissions to the court, the firm informed the bank soon after finding malicious transactions and asked the accounts to be frozen. The bank could only save Rs. 47.8 lakh, the remaining money was already stolen by the hackers. After this, the firm moved to HC for help.

Later, enquiry revealed that the scam was done using a SIM-swap tactic, where hackers get control of the target’s registered contact number. This lets the hackers intercept OTPs and do banking transactions without the account owner's consent and knowledge. The high court found that the scam was done by third-parties, and showed no evidence of negligence on consumer’s end.

What is RBI’s zero liability rule?

During the proceedings, the court referred to the July 6, 2017 statement given by the RBI, which laid down the customer protection guidelines in incidents of illegal electronic banking transactions. According to the circular, the consumers are entitled to zero liability if they report fraud transactions within 72 hours (three days).

In the judgement, the high court stressed that if a customer informs the bank about a scam or fraud, it is the duty of the bank to return the disputed amount back to the victim’s account. The court also said that the burden of proving customer negligence is on the bank too.  

The court rejected the bank's defenses that it had followed the due process and security measures, and the bench  labelled the argument as a “lame excuse,” saying that such mechanisms become powerless when a SIM card is hacked. The court also attributed another ruling in an incident where HDFC bank was held liable under similar situations. 

Bank will return stolen amount with interest

After revising the previously frozen funds, the High Court ordered the bank to return the remaining sum plus 6% interest within eight weeks. 

Read more »
Subscribe to: Posts (Atom)