
Google Cloud to Enforce Multi-Factor Authentication for Enhanced Security in 2025

 


As part of its commitment to protecting users' privacy, Google has announced that by the end of 2025 all Google Cloud accounts will have to use multi-factor authentication (MFA), also called two-step verification. Given the sensitive nature of cloud deployments and the fact that phishing and stolen credentials remain among the top attack vectors observed by Mandiant Threat Intelligence, requiring every Google Cloud user to complete two steps of verification is a natural step, as Mayank Upadhyay, Google Cloud's VP of Engineering and Distinguished Engineer, told the audience.

Google's cloud division plans to make multi-factor authentication (MFA) mandatory for all users by the end of 2025, as part of its effort to improve account security across the company. The company announced that the transition will happen in a phased rollout, so that users can adapt more smoothly to the changes.

The technology and cyber security industries have long recommended multi-factor authentication as a highly secure authentication method. By adding a further verification step, MFA dramatically reduces the risk of unauthorized logins, data breaches, and account takeovers, even when the user's password has been compromised. As attackers continue to ramp up sophisticated attacks on cloud infrastructure and sensitive data, Google's push for mandatory MFA follows a growing trend in cybersecurity.

According to the announcement, Google will require multi-factor authentication (MFA) for all Cloud accounts by the end of 2025. Google says MFA will strengthen security while maintaining a smooth and convenient user experience. It has been reported that 70% of Google users have already started using the feature, and security consultants are urging those still on the fence to switch to MFA at once. Both users and administrators with access to Google Cloud will be affected by the new process.

Generally speaking, this change will not affect the Google accounts of general consumers. In the announcement, made by Mayank Upadhyay, Google Cloud's VP of Engineering and Distinguished Engineer, the company stated that it plans to make MFA mandatory throughout 2025 in a phased approach, with assistance provided to help customers plan the deployment. Here is what that phased approach to the mandatory 2FA requirement for Google Cloud users means in practice.

There will be three phases. The first, scheduled to begin in November 2024, starts immediately with Google encouraging users who still sign in with a password alone to adopt 2FA; Google estimates that 70% of online users have already done so. The aim of this phase is to encourage MFA adoption: the Google Cloud Console will be regularly updated with helpful reminders and information, and resources will be available to help raise awareness, plan and document the rollout, conduct testing, and enable MFA for users with ease.

The second phase begins in early 2025: at the start of the year, Google will start requiring MFA for all users who sign in to Google Cloud with a password, whether they are new or existing users. Google has not given a concrete date for phase two beyond "early 2025".

All new Google Cloud users, whether or not they already have a password, will be required to set up two-factor authentication to sign in; this is a mandatory requirement, with no ifs or buts. Once the Google Cloud Console, Firebase Console and iCloud show the 2FA notification, users will be warned that they need to enrol in 2FA to continue using those tools, Upadhyay said. The final phase of Google Cloud's 2FA requirement will be rolled out by the end of 2025, according to the announcement, and will apply to all users who sign in to Google Cloud with federated authentication.

The announcement confirmed that there will be flexible options for meeting this requirement: users can enable 2FA with their primary identity provider before accessing Google Cloud, or add a layer of security through Google's system by enabling 2FA on the Google account they use for the cloud service. Chris Fuller, senior director of technical field operations at Obsidian Security, told me that the threat landscape has rapidly become more sophisticated in response to this increased MFA prevalence. According to Fuller, breach data shows that 89% of compromised accounts have MFA enabled.

Several phishing-as-a-service toolkits, including the Mamba toolkit that can be bought for $250 a month, as well as non-human identity compromises, suggest that identity compromises will continue regardless of the technology used to carry them out. "Google's phased rollout is designed to ease users into the new requirement, which could have been met with resistance due to perceived friction in the user experience, especially when the requirement is implemented suddenly," said Patrick Tiquet, Vice President of Security and Compliance at Keeper Security. Tiquet further emphasized that organizations leveraging Google Cloud will need to strategically prepare for MFA implementation across their workforce.

This preparation includes comprehensive employee training on the critical role of multi-factor authentication in safeguarding organizational data and systems. Effective MFA adoption may be supported by tools such as password managers, which can streamline the process by securely storing and automatically filling MFA codes. Proper planning and training will be essential for organizations to successfully integrate MFA and enhance security measures across their teams.

Microsoft Introduces AI Solution for Erasing Ex from Memories

 


Director Vikramaditya Motwane's new Hindi film, CTRL, tells the story of an emotionally disturbed woman who turns to artificial intelligence to erase her past. The movie is clearly about data and privacy, but it also reminds us that humans are social animals who need someone to listen to them, guide them, or simply be there as they go through life. Mustafa Suleyman, CEO of Microsoft AI, spoke about this recently in a CNBC interview.

During an interview with CNN, Suleyman explained that the company is engineering AI companions to watch "what we are doing and to remember what we are doing," creating a close relationship between AI and humans. Since the announcement of AI assistants for the workplace, many companies, including Microsoft, OpenAI, and Google, have come up with such solutions.

Microsoft CEO Satya Nadella has announced that Windows will launch a new feature called Recall. Recall offers semantic search rather than mere keyword search: it digs deep into users' digital history to recreate moments from the past and trace them back to the time they happened. Microsoft's AI CEO, Mustafa Suleyman, also announced that Copilot, the company's artificial intelligence assistant, has been redesigned.

The revamped Copilot, Microsoft's most popular AI companion, shares the AI head's vision of a companion that will revolutionize the way users interact with technology in their day-to-day lives. After joining Microsoft earlier this year, when the company strategically hired key staff from Inflection AI, Suleyman wrote a 700-word memo describing what he calls a "technological paradigm shift."

Copilot has been redesigned to create a more personalized and supportive AI experience that adapts to users' requirements over time, similar to Inflection AI's Pi product. A number of companies, including Microsoft, OpenAI, and Google, have announced AI assistants for the workplace. The Wall Street Journal reported that Microsoft CEO Satya Nadella explained in an interview that "Recall is not just about documents."

A sophisticated AI model embedded directly in the device takes screenshots of users' activity and feeds the collected data into an on-board database that analyzes these activities. Using neural processing technology, all images and interactions are made searchable, even to the point of searching within the images themselves. The feature has raised concerns: Elon Musk, in a characteristic post, likened it to an episode of Black Mirror and said he would be turning this "feature" off.

OpenAI has introduced the ChatGPT desktop application, now powered by the latest GPT-4o model, which represents a significant advancement in artificial intelligence technology. This AI assistant offers real-time screen-reading capabilities, positioning itself as an indispensable support tool for professionals in need of timely assistance. Its enhanced functionality goes beyond merely following user commands; it actively learns from the user's workflow, adapts to individual habits, and anticipates future needs, even taking proactive actions when required. This marks a new era of intelligent and responsive AI companions. 

Jensen Huang also highlighted the advanced capabilities of AI Companion 2.0, emphasizing that this system does not just observe and support workflows—it learns and evolves with them, making it a more intuitive and helpful partner for users in their professional endeavors. Meanwhile, Zoom has introduced Zoom Workplace, an AI-powered collaboration platform designed to elevate teamwork and productivity in corporate environments. The platform now offers over 40 new features, which include updates to the Zoom AI Companion for various services such as Zoom Phone, Team Chat, Events, Contact Center, and the "Ask AI Companion" feature. 

The AI Companion functions as a generative AI assistant seamlessly integrated throughout Zoom’s platform, enhancing productivity, fostering stronger collaboration among team members, and enabling users to refine and develop their skills through AI-supported insights and assistance. The rapid advancements in artificial intelligence continue to reshape the technological landscape, as companies like Microsoft, OpenAI, and Google lead the charge in developing AI companions to support both personal and professional endeavors.

These AI solutions are designed to not only enhance productivity but also provide a more personalized, intuitive experience for users. From Microsoft’s innovative Recall feature to the revamped Copilot and the broad integration of AI companions across platforms like Zoom, these developments mark a significant shift in how humans interact with technology. While the potential benefits are vast, these innovations also raise important questions about data privacy, human-AI relationships, and the ethical implications of such immersive technology. 

As AI continues to evolve and become a more integral part of everyday life, the balance between its benefits and the concerns it may generate will undoubtedly shape the future of AI integration across industries. Microsoft and its competitors remain at the forefront of this technological revolution, striving to create tools that are not only functional but also responsive to the evolving needs of users in a rapidly changing digital world.

Cyberattack on Maui's Community Clinic Affects 123,000 Individuals in May

 

The Community Clinic of Maui, also known as Mālama, recently notified over 123,000 individuals that their personal data had been compromised during a cyberattack in May. Hackers gained access to sensitive information between May 4 and May 7, including Social Security numbers, passport details, financial account information (such as CVV codes and expiration dates), and extensive medical records.

In addition to this, hackers obtained routing numbers, bank names, financial account details, and some biometric data. A total of 123,882 people were affected by the breach, which resulted in the clinic taking its servers offline.

Local reports suggested the incident was a ransomware attack, sparking public frustration as Mālama was forced to close for nearly two weeks. Upon reopening at the end of May, the clinic operated with limited services, and nurses had to rely on paper charts due to system-wide computer outages.

Following the attack, Mālama worked with law enforcement and cybersecurity experts to investigate the breach, with the findings confirmed on August 7. 

In a statement on its website, the clinic offered complimentary credit monitoring to those whose Social Security numbers may have been exposed, although a regulatory filing in Maine indicated that identity theft protection services were not provided. The organization has not responded to requests for clarification, and a law firm is reportedly exploring potential lawsuits against Mālama related to the breach.

The ransomware group LockBit, which was taken down by law enforcement earlier this year, claimed responsibility for the attack in June. On Tuesday, Europol and other agencies announced a coordinated effort to target the gang, resulting in four arrests and the seizure of servers critical to LockBit's operations in France, the U.K., and Spain.

In 2024, healthcare providers across the U.S. have been increasingly targeted by cyberattacks, disrupting services and threatening public safety. Notably, McLaren Health Care and Ascension, two major health systems, have faced severe ransomware incidents, and last week, one of the region's only Level 1 trauma centers had to turn away ambulances following a cyberattack.

Seattle Port Suffers Data Breach, Rhysida Ransomware Suspected

 

The ransomware attack has significantly disrupted the port's operations, highlighting the challenges that critical infrastructure providers face in the immediate aftermath of a cybersecurity breach. While recovery efforts are ongoing, the impact continues for some areas.

Most affected systems have been restored, but the port's website, internal portals, and the airport's mobile app remain offline. Despite this, officials reported that the majority of flights have adhered to their schedules, and cruise ship operations have remained unaffected.

The port made it clear that it refused to meet the attackers' demands, warning that the hackers may attempt to post stolen data on the dark web. "The Port of Seattle does not plan to pay the criminals responsible for this cyberattack," Steve Metruck, the port's executive director, said in an update on Friday. "Paying them would go against the values of the port and our responsibility to wisely manage taxpayer funds."

Port authorities have confirmed that some data was compromised by the Rhysida group in mid-to-late August. An investigation is ongoing to determine the specific nature of the stolen information, and those affected will be informed as soon as the analysis is complete.

In November 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory regarding the Rhysida group.

Metruck emphasized the port's efforts not only to restore operations but to use the experience to strengthen future security. "We remain committed to building a more resilient port and will share insights from this incident to help safeguard other businesses, critical infrastructure, and the public," he said.

Fortinet Confirms Data Breach Involving Limited Number of Customers, Linked to Hacker "Fortibitch"

 

Fortinet has disclosed a data breach impacting a "small number" of its clients after a hacker, using the alias "Fortibitch," leaked 440GB of customer information on BreachForums. The hacker claimed to have accessed the data from an Azure SharePoint site, following the company's refusal to meet a ransom demand. This incident emphasizes the need for companies to secure data stored in third-party cloud services, cybersecurity experts have noted.

In a statement released on September 12, Fortinet reported that the breach involved unauthorized access to files stored on its cloud-based shared file drive. The company did not confirm the exact source of the breach but reassured that the affected data represented less than 0.3% of its over 775,000 customers—approximately 2,300 organizations. Fortinet also stated that no malicious activity had been detected around the compromised data, and no ransomware or data encryption was involved. The company has since implemented protective measures and directly communicated with impacted customers.

Dark Reading noted that the hacker also leaked financial and marketing documents, product information, HR data from India, and some employee records. After unsuccessful attempts to extort the company, the hacker released the data. There was also a mention of Fortinet’s acquisitions of Lacework and NextDLP, as well as references to a Ukrainian threat group, though no direct connections were identified.

This breach highlights the growing risk of cloud data exposure. A recent analysis by Metomic revealed that more than 40% of sensitive files on Google Drive were vulnerable, with many shared publicly or with external email addresses. Experts stress the importance of using multifactor authentication (MFA), limiting employee access, and regularly monitoring cloud environments to detect and mitigate potential security lapses. They also recommend encrypting sensitive data both in transit and at rest, and enforcing zero-trust principles to reduce the risk of unauthorized access.

Introducing the "World's Most Private VPN" – Now Open for Testers

 

A virtual private network (VPN) is a security tool that encrypts your internet connection and disguises your IP address. This is achieved by rerouting your data through an encrypted tunnel to one of the VPN's servers.

While the technical details can be complex, using a VPN is straightforward: you select a server location and click connect. NymVPN distinguishes itself from other VPN services by offering users a choice on how their traffic is rerouted.

The Fast mode is designed for everyday online activities like messaging, casual browsing, and streaming. As suggested by its name, this mode prioritizes speed by rerouting traffic through a fully decentralized network utilizing two-hop servers. With upcoming support for WireGuard, users can anticipate even faster connections.

The Anonymous mode is tailored for highly sensitive activities and is what sets NymVPN apart from competitors. In this mode, traffic is routed through five different servers and supplemented with "network noise," making it exceptionally challenging for any third party to intercept the data.

NymVPN's mix network is inspired by the concept of mix networks introduced by cryptographer David Chaum in the 1980s. The Mixnet approach, independently developed by Chelsea Manning while incarcerated for leaking classified documents to WikiLeaks, employs several strategies to confound data surveillance: fragmenting data, adding dummy data packets, introducing timing delays, and shuffling data packets.

"With advancements in AI-driven data analytics, data surveillance capabilities are growing stronger. There's a need for advanced decentralized networks that can thwart these tracking attempts, not just now but in the future," explains the provider in a blog post.

When the NymVPN was first launched in its Alpha phase in November, Halpin explained: “AI models are effective at analyzing data by identifying patterns. Our VPN counters this by adding fake traffic, mixing traffic, and scrambling the patterns. In essence, while our service functions like a VPN, it’s essentially an anti-artificial intelligence machine.”
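The four mixing strategies described above (fragmentation, dummy packets, timing delays, shuffling) as one toy mix stage, added here for illustration; it is not Nym's code and does not implement its packet format. The layered encryption that a real mixnet uses to hide headers and payload from an observer is omitted, so only the traffic-shaping part is shown; cell size and batch size are assumed values.

```python
import secrets
import struct

CELL_PAYLOAD = 16   # assumed payload bytes per cell; real mixnets use a larger size, the point is that it is fixed
MIN_BATCH = 8       # assumed minimum number of cells a mix releases per round
HEADER = struct.Struct(">HHHH")   # msg_id, fragment seq, fragment count, payload length


def fragment(msg_id: int, data: bytes) -> list[bytes]:
    """Split a message into equal-size cells; the last one is zero-padded so size reveals nothing."""
    chunks = [data[i:i + CELL_PAYLOAD] for i in range(0, len(data), CELL_PAYLOAD)] or [b""]
    return [HEADER.pack(msg_id, seq, len(chunks), len(chunk)) + chunk.ljust(CELL_PAYLOAD, b"\0")
            for seq, chunk in enumerate(chunks)]


def dummy_cell() -> bytes:
    """Cover traffic: msg_id 0 is reserved for dummies; random payload so content does not mark them."""
    return HEADER.pack(0, 0, 1, 0) + secrets.token_bytes(CELL_PAYLOAD)


def mix_batch(cells: list[bytes], max_delay_ms: int = 500) -> list[tuple[int, bytes]]:
    """One mix round: top the batch up with dummies, shuffle with a CSPRNG, give each cell a random delay."""
    batch = list(cells) + [dummy_cell() for _ in range(max(0, MIN_BATCH - len(cells)))]
    released = []
    while batch:
        cell = batch.pop(secrets.randbelow(len(batch)))   # draws a uniform random permutation
        released.append((secrets.randbelow(max_delay_ms + 1), cell))
    released.sort(key=lambda item: item[0])   # what leaves the mix is ordered by delay, not by arrival
    return released


def observer_view(released) -> list[tuple[int, int]]:
    """What a passive observer on the output link learns from timing and size alone."""
    return [(delay, len(cell)) for delay, cell in released]


def reassemble(cells) -> dict[int, bytes]:
    """Receiving end: discard dummies, order fragments by seq, strip the padding."""
    parts: dict[int, list] = {}
    for cell in cells:
        msg_id, seq, total, length = HEADER.unpack(cell[:HEADER.size])
        if msg_id == 0:
            continue
        parts.setdefault(msg_id, [None] * total)[seq] = cell[HEADER.size:HEADER.size + length]
    return {m: b"".join(p) for m, p in parts.items() if None not in p}


if __name__ == "__main__":
    sent = fragment(1, b"meet at the usual place at noon") + fragment(2, b"ok")
    out = mix_batch(sent)
    print(observer_view(out))                  # uniform sizes, order unrelated to arrival
    print(reassemble([c for _, c in out]))     # both messages recovered, dummies dropped
```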

How to Use NymVPN Beta

The NymVPN team is now inviting users to explore the VPN in its beta phase, test its features, and provide feedback.

To start using NymVPN, visit nymvpn.com and enter your email address. You’ll receive a confirmation email shortly; verify your subscription through the link provided.

While you wait, you can download the NymVPN app on your preferred device. The service offers applications for all major operating systems, including Android, iOS, Windows, macOS, and Linux.

Once you have installed the app, you’ll receive an anonymous credential, which you can enter under the "Add Your Credential" section in the NymVPN app's settings. You’re all set to explore and determine if this is truly the most private VPN available.

National Public Data Breach Exposes Millions: Threat of Identity Theft Looms

 

Data breaches continue to be a persistent issue without a simple solution, as evidenced by the recent breach of the background-check service National Public Data. This incident highlights the escalating dangers and complexity of such breaches. After months of uncertainty, National Public Data has finally confirmed the breach, coinciding with a large amount of stolen data being leaked online.

In April, a hacker known as USDoD started selling a data set on cybercriminal forums for $3.5 million. The data, said to include 2.9 billion records, purportedly affected "the entire population of the USA, CA, and UK." As the weeks passed, samples of the data emerged, with researchers and other actors verifying its authenticity. By early June, it was confirmed that the data contained information like names, emails, and physical addresses.

Although the data's accuracy varies, it appears to consist of two main sets. One contains over 100 million legitimate email addresses along with other personal information. "There appears to have been a data security incident that may have involved some of your personal information," National Public Data announced on Monday. "The incident is believed to have involved a third-party bad actor who attempted to access data in late December 2023, with potential leaks occurring in April 2024 and summer 2024. The breached information includes names, email addresses, phone numbers, Social Security numbers, and mailing addresses."

The company stated it is cooperating with law enforcement and government investigators. National Public Data now faces potential class action lawsuits due to the breach.

"We have become desensitized to the continuous leaks of personal data, but there is a serious risk," says security researcher Jeremiah Fowler, who has been monitoring the National Public Data situation. "It may not be immediate, and it could take years for criminals to figure out how to use this information effectively, but a storm is coming."

When data is stolen from a single source, such as Target, it is relatively easy to trace the source. However, when information is stolen from a data broker and the company does not disclose the incident, it becomes much harder to verify the data's legitimacy and origin. Often, people whose data is compromised are unaware that National Public Data held their information.

Security researcher Troy Hunt noted in a blog post, "The only parties that know the truth are the anonymous threat actors and the data aggregator. We're left with 134M email addresses in public circulation and no clear origin or accountability." Even when a data broker admits to a breach, as National Public Data has, the stolen data may be unreliable and mixed with other datasets. Hunt found many email addresses paired with incorrect personal information, along with numerous duplicates and redundancies.

"There were no email addresses in the Social Security number files," noted Hunt, who operates the website Have I Been Pwned (HIBP). "If you find your email in this data breach via HIBP, there's no evidence your SSN was leaked, and the data next to your record may be incorrect."

For those whose Social Security numbers were included in the breach, the threat of identity theft remains significant. They are forced to freeze their credit, monitor credit reports, and set up financial monitoring services. Notifications about the breach have already been sent out by credit monitoring and threat intelligence services. Although the stolen data is flawed, researchers warn that every data set attackers obtain can fuel scamming, cybercrime, and espionage when combined with other personal data compiled by criminals over the years.

"Each data breach is a puzzle piece, and bad actors and certain nations are collecting this data," Fowler says. "When combined systematically and organized in a searchable way, numerous breaches can provide a complete profile of individual citizens."

18-Year-Old Vulnerability in Firefox and Chrome Actively Exploited in Cyber Attacks

 

A security vulnerability, identified 18 years ago and known as "0.0.0.0 Day," has been discovered to allow malicious websites to bypass security measures in Google Chrome, Mozilla Firefox, and Apple Safari. This vulnerability enables these websites to interact with services on a local network, posing significant risks.

It is important to note that this vulnerability affects only Linux and macOS devices and does not impact Windows systems. On the affected devices, attackers can exploit this flaw to remotely change settings, gain unauthorized access to protected information, and, in some cases, execute remote code. Despite being reported in 2008, this issue remains unresolved in Chrome, Firefox, and Safari, although all three browsers have acknowledged the problem and are working on a fix. Researchers at Oligo Security have observed multiple threat actors exploiting this vulnerability as part of their attack strategies.

The 0.0.0.0 Day vulnerability arises from inconsistent security mechanisms across different browsers and the lack of standardization, which allows public websites to communicate with local network services using the "wildcard" IP address 0.0.0.0. Typically, this IP address represents all IP addresses on the local machine or all network interfaces on the host. It can also be used as a placeholder address in DHCP requests or interpreted as the localhost (127.0.0.1) in local networking. Malicious websites can send HTTP requests to 0.0.0.0 targeting services running on the user's local machine. Due to inconsistent security, these requests are often processed.

Existing protection mechanisms like Cross-Origin Resource Sharing (CORS) and Private Network Access (PNA) fail to prevent this risky activity, according to Oligo. Web browsers typically prevent websites from making requests to third-party sites and using the returned information to protect against malicious websites connecting to other URLs in a visitor's web browser where they may be authenticated, such as online banking portals or email servers.

Unfortunately, the risk isn't just theoretical. Oligo Security has identified several cases where the 0.0.0.0 Day vulnerability is actively exploited. One such case is the ShadowRay campaign, documented last March, targeting AI workloads running locally on developers' machines. The attack begins when a victim clicks on a link that triggers JavaScript to send an HTTP request to 'http://0[.]0[.]0[.]0:8265', typically used by Ray. 

These requests reach the local Ray cluster, leading to scenarios of arbitrary code execution, reverse shells, and configuration alterations. Another campaign targeting Selenium Grid was discovered by Wiz, where attackers use JavaScript on a public domain to send requests to 'http://0[.]0[.]0[.]0:4444.' These requests are routed to the Selenium Grid servers, enabling code execution or network reconnaissance. The "ShellTorch" vulnerability, reported by Oligo in October 2023, involves the TorchServe web panel being bound to the 0.0.0.0 IP address by default, exposing it to malicious requests.

In response to Oligo's disclosure, web browser developers are starting to take action. Google Chrome, the world's most popular web browser, plans to block access to 0.0.0.0 via a gradual rollout from version 128 to version 133. Mozilla Firefox, which does not yet implement PNA, has set the development of this feature as a high priority and has initiated temporary fixes, though no rollout dates have been provided. Apple has implemented additional IP checks on Safari and will block access to 0.0.0.0 in version 18, introduced with macOS Sequoia.

Until browser fixes are fully implemented, Oligo recommends that app developers take the following security measures:

- Implement PNA headers.
- Verify HOST headers to protect against DNS rebinding attacks.
- Do not trust localhost—add authorization, even locally.
- Use HTTPS whenever possible.
- Implement CSRF tokens, even for local apps.

Most importantly, developers should be aware that until these fixes are rolled out, it is still possible for malicious websites to route HTTP requests to internal IP addresses. This security consideration should be kept in mind when developing apps.
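The five mitigations above, applied to the admission logic of a developer tool's local HTTP API, as an added example that is not Oligo's or any project's code. It assumes the tool listens on port 8265 (the Ray port named above) and hands the user a bearer token at start-up; the token, CSRF value and sample requests are constructed, and TLS ("use HTTPS") belongs to the listener setup rather than to this policy.

```python
import secrets
from urllib.parse import urlsplit

LOCAL_PORT = 8265
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "::1"}   # Host allowlist: rejects 0.0.0.0 and rebound DNS names
TRUSTED_ORIGINS = {f"http://localhost:{LOCAL_PORT}", f"http://127.0.0.1:{LOCAL_PORT}"}
API_TOKEN = "constructed-demo-token-3f9a"           # would be generated at start-up and shown to the user
CSRF_TOKEN = "constructed-demo-csrf-71c2"           # per-session value embedded in the tool's own pages


def host_allowed(host_header):
    """Parse the Host header; accept only allowlisted names on the expected port."""
    if not host_header:
        return False
    try:
        parts = urlsplit("//" + host_header)
        hostname, port = parts.hostname, parts.port
    except ValueError:                 # malformed IPv6 literal or non-numeric port
        return False
    return hostname in ALLOWED_HOSTS and port in (None, LOCAL_PORT)


def preflight_headers(origin):
    """Response headers for an allowed CORS/PNA preflight from a trusted origin."""
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Private-Network": "true",   # the PNA header the browser requires
        "Access-Control-Allow-Methods": "GET, POST",
        "Vary": "Origin",
    }


def evaluate(method, headers):
    """Return (status, reason) for one request; headers is a dict keyed by lowercase header name."""
    if not host_allowed(headers.get("host")):
        return 403, "host not allowed"        # Host 0.0.0.0:8265 or an attacker-controlled name lands here
    origin = headers.get("origin")
    if method == "OPTIONS":
        if origin in TRUSTED_ORIGINS:
            return 204, "preflight ok"        # answered with preflight_headers(origin)
        return 403, "preflight refused"       # no Access-Control-Allow-Private-Network: browser blocks the fetch
    if origin is not None and origin not in TRUSTED_ORIGINS:
        return 403, "untrusted origin"        # a public page's script never reaches the handlers
    auth = headers.get("authorization", "")
    token = auth[len("Bearer "):] if auth.startswith("Bearer ") else ""
    if not token or not secrets.compare_digest(token, API_TOKEN):
        return 401, "auth required"           # "do not trust localhost": a loopback source address proves nothing
    if method not in ("GET", "HEAD"):
        sent = headers.get("x-csrf-token", "")
        if not sent or not secrets.compare_digest(sent, CSRF_TOKEN):
            return 403, "csrf token missing or wrong"
    return 200, "ok"


# Constructed requests as the server would see them, in the order a review would walk through them.
SAMPLE_REQUESTS = [
    ("GET",     {"host": "0.0.0.0:8265", "origin": "https://public-site.example"}),
    ("OPTIONS", {"host": "127.0.0.1:8265", "origin": "https://public-site.example",
                 "access-control-request-private-network": "true"}),
    ("GET",     {"host": "rebound.example:8265", "authorization": f"Bearer {API_TOKEN}"}),
    ("GET",     {"host": "localhost:8265"}),
    ("GET",     {"host": "localhost:8265", "authorization": f"Bearer {API_TOKEN}"}),
    ("POST",    {"host": "localhost:8265", "authorization": f"Bearer {API_TOKEN}"}),
    ("POST",    {"host": "[::1]:8265", "authorization": f"Bearer {API_TOKEN}", "x-csrf-token": CSRF_TOKEN}),
]


def run_samples():
    """Status codes for SAMPLE_REQUESTS: 403, 403, 403, 401, 200, 403, 200."""
    return [evaluate(method, hdrs)[0] for method, hdrs in SAMPLE_REQUESTS]


if __name__ == "__main__":
    for (method, hdrs), status in zip(SAMPLE_REQUESTS, run_samples()):
        print(status, method, hdrs.get("host"), hdrs.get("origin", "-"))
```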

Hackers Exploit Bytecode Interpreters to Inject Malicious Code

 

Attackers can conceal their efforts to execute malicious code by embedding commands into the bytecode that software interpreters used in many programming languages, such as VBScript and Python, hold in memory. This technique will be demonstrated by a group of Japanese researchers at next week's Black Hat USA conference.

Interpreters convert human-readable source code into bytecode, a set of detailed instructions that the underlying virtual machine can understand. The research team managed to insert malicious instructions into the bytecode held in memory before execution. Since most security software does not scan bytecode, their changes went undetected.

This method could enable attackers to hide their malicious activities from most endpoint security software. Researchers from NTT Security Holdings Corp. and the University of Tokyo will showcase this capability using the VBScript interpreter, says Toshinori Usui, a research scientist at NTT Security. The researchers have confirmed that the technique also works for inserting malicious code into the in-memory processes of both the Python and Lua interpreters.

"Malware often hides its behavior by injecting malicious code into benign processes, but existing injection-type attacks have characteristic behaviors ... which are easily detected by security products," Usui says. "The interpreter does not care about overwriting by a remote process, so we can easily replace generated bytecode with our malicious code — it's that feature we exploit."

While bytecode attacks are not entirely new, they are relatively novel. In 2018, researchers from the University of California at Irvine published a paper introducing bytecode attacks and defenses. Last year, the administrators of the Python Package Index (PyPI) removed a malicious package known as fshec2, which escaped initial detection because its malicious code was compiled as bytecode. Python compiles its bytecode into PYC files, which the Python interpreter can execute.

"This may be the first supply chain attack to leverage the fact that Python bytecode (PYC) files can be directly executed, and it comes amid a spike in malicious submissions to the Python Package Index," Karlo Zanki, a reverse engineer at ReversingLabs, said in a June 2023 analysis of the incident. "If so, it poses yet another supply chain risk going forward, since this type of attack is likely to be missed by most security tools, which only scan Python source code (PY) files."

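To make the blind spot described above concrete, here is an added example (not code from the article, ReversingLabs or PyPI) that scans a package tree for .pyc files shipped without a matching .py source; the package name and modules it builds are constructed for the demo.

```python
"""Added example: flag Python bytecode (.pyc) files that have no matching
source file, the pattern that let fshec2 slip past source-only scanners."""
from __future__ import annotations

import importlib.util
import os
import py_compile
import sys
from pathlib import Path

# A genuine .pyc for the running interpreter starts with this magic number.
PYC_MAGIC = importlib.util.MAGIC_NUMBER


def source_candidates(pyc: Path) -> list[Path]:
    """Paths where the .py source for this .pyc would normally live.
    Covers the legacy 'mod.pyc beside mod.py' layout and the
    '__pycache__/mod.cpython-3XX.pyc' layout (PEP 3147)."""
    stem = pyc.name.split(".")[0]          # 'mod.cpython-312.pyc' -> 'mod'
    if pyc.parent.name == "__pycache__":
        return [pyc.parent.parent / f"{stem}.py"]
    return [pyc.parent / f"{stem}.py"]


def is_pyc(path: Path) -> bool:
    """Cheap header check so a renamed file is not mistaken for bytecode."""
    try:
        with path.open("rb") as fh:
            return fh.read(4) == PYC_MAGIC
    except OSError:
        return False


def find_orphan_bytecode(root: Path) -> list[Path]:
    """Return every real .pyc under `root` with no corresponding .py source.
    Bytecode-only modules are not necessarily malicious, but they are exactly
    what a scanner that only reads .py files never sees."""
    orphans: list[Path] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            pyc = Path(dirpath) / name
            if not name.endswith(".pyc") or not is_pyc(pyc):
                continue
            if not any(src.exists() for src in source_candidates(pyc)):
                orphans.append(pyc)
    return sorted(orphans)


def build_sample_package(base: Path) -> Path:
    """Construct a toy package (demo data, not a real project): 'good' keeps
    its source plus cached bytecode, 'bad' is compiled and then has its
    source removed so only bytecode remains."""
    pkg = base / "demo_pkg"
    cache = pkg / "__pycache__"
    cache.mkdir(parents=True)
    for mod in ("good", "bad"):
        src = pkg / f"{mod}.py"
        src.write_text(f"def {mod}():\n    return '{mod}'\n")
        # compile to the same name the interpreter would use for its cache
        cfile = cache / f"{mod}.{sys.implementation.cache_tag}.pyc"
        py_compile.compile(str(src), cfile=str(cfile), doraise=True)
    (pkg / "bad.py").unlink()               # now only bad's bytecode is left
    return pkg


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_package(Path(tmp))
        for orphan in find_orphan_bytecode(Path(tmp)):
            print("bytecode without source:", orphan)
```
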
Beyond Precompiled Malware

After an initial compromise, attackers have several options to extend their control over a targeted system: They can perform reconnaissance, attempt further system compromise using malware, or use existing tools on the system — a strategy known as "living off the land."

The NTT researchers' bytecode attack technique falls into the latter category. Instead of using pre-compiled bytecode files, their attack — called Bytecode Jiu-Jitsu — involves injecting malicious bytecode into the memory space of a running interpreter. Since most security tools do not inspect bytecode in memory, the attack can conceal the malicious commands from detection.

This approach allows attackers to bypass other more obviously malicious steps, such as calling suspicious APIs to create threads, allocating executable memory, and modifying instruction pointers, Usui explains.

"While native code has instructions directly executed by the CPU, bytecode is just data to the CPU and is interpreted and executed by the interpreter," he says. "Therefore, unlike native code, bytecode does not require execution privilege, [and our technique] does not need to prepare a memory region with execution privilege."

Improving Interpreter Defenses

Interpreter developers, security tool developers, and operating system architects can all help mitigate this problem. Although bytecode attacks exploit interpreters' method of code execution rather than vulnerabilities in them, certain security measures, such as pointer checksums, could reduce the risk, according to the UC Irvine paper.

The NTT Security researchers noted that checksum defenses would likely be ineffective against their techniques and recommend that developers enforce write protections to mitigate the risk. "The ultimate countermeasure is to restrict the memory write to the interpreter," Usui says.
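An added illustration of the checksum idea the UC Irvine paper raises, written for this post rather than taken from either research team: it fingerprints a Python function's in-memory code object at registration and re-verifies it before each call. The function, the policy constant and the tamper helper are constructed for the demo; as Usui's team notes, an in-process check like this is unlikely to stop their out-of-process technique on its own.

```python
"""Added example: an in-process bytecode integrity check for Python functions.
Fingerprints are recorded when a function is registered and re-verified
before every guarded call, so a modified code object is refused."""
from __future__ import annotations

import hashlib
import types

_fingerprints: dict[str, str] = {}


def code_fingerprint(code: types.CodeType) -> str:
    """Hash the parts of a code object that a bytecode edit would change.
    co_code alone is not enough: swapping a constant leaves the instruction
    bytes identical, so the constants pool and names are hashed as well."""
    h = hashlib.sha256()
    h.update(code.co_code)
    h.update(repr(code.co_consts).encode())
    h.update(repr(code.co_names).encode())
    return h.hexdigest()


def register(func: types.FunctionType) -> types.FunctionType:
    """Decorator: record the trusted fingerprint at definition time."""
    _fingerprints[func.__qualname__] = code_fingerprint(func.__code__)
    return func


def verify(func: types.FunctionType) -> bool:
    """True if the function's current bytecode matches what was registered."""
    expected = _fingerprints.get(func.__qualname__)
    return expected is not None and code_fingerprint(func.__code__) == expected


def guarded_call(func: types.FunctionType, *args):
    """Refuse to run a function whose bytecode no longer matches."""
    if not verify(func):
        raise RuntimeError(f"bytecode of {func.__qualname__} changed since registration")
    return func(*args)


@register
def transfer_limit(amount: int) -> bool:
    """Hypothetical policy check: transfers above 1000 need review."""
    return amount <= 1000


def simulate_tamper(func: types.FunctionType) -> None:
    """Demo stand-in for a memory write: swap the 1000 constant for 10**9
    through the public CodeType.replace API. The instruction bytes stay the
    same, but the function now approves far larger amounts."""
    code = func.__code__
    consts = tuple(10**9 if c == 1000 else c for c in code.co_consts)
    func.__code__ = code.replace(co_consts=consts)


if __name__ == "__main__":
    print("before tamper, 5000 allowed:", guarded_call(transfer_limit, 5000))
    simulate_tamper(transfer_limit)
    print("after tamper, verify():", verify(transfer_limit))
```
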

Presenting a new attack technique aims to show security researchers and defenders what could be possible, not to inform attackers' strategies, Usui emphasizes. "Our goal is not to abuse defensive tactics, but to ultimately be an alarm bell for security researchers around the world," he says.

Balancing Privacy and Authenticity in the Digital Age

The ubiquitous nature of online platforms has led to an increased risk of privacy breaches and data exploitation. While providing false information can serve as a protective measure against unwanted intrusions, it is essential to discern when such a strategy is appropriate. 

There are specific scenarios where employing fake information can mitigate privacy risks:

  • Advertising Platforms: Many advertising platforms collect user data for targeted advertising. Using fabricated information can reduce exposure to unsolicited advertisements and potentially prevent data breaches.
  • Public Wi-Fi Networks: Public Wi-Fi hotspots are often susceptible to cyberattacks. Providing personal information on these networks can compromise sensitive data.
  • Online Surveys and Quizzes: These platforms frequently harvest user data for marketing purposes. To safeguard personal information, it is advisable to use fictitious details.
  • Online Forums and Communities: While online forums offer a platform for interaction, they also pose risks to privacy. Employing pseudonyms and fake information can protect identity and prevent unwanted contact.
  • Low-Trust E-commerce Platforms: For one-time purchases from less reputable online retailers, particularly those not requiring physical product delivery, providing fake information can minimize data exposure.
  • Free Trial Sign-ups: Many free trial offers require personal information. To avoid subsequent spam and potential data misuse, using fabricated details is recommended.

Essential Platforms Requiring Authentic Information

Despite the benefits of using fake information in certain contexts, it is crucial to provide accurate details on platforms that demand authenticity:

  • Government Websites: Government platforms often require verified personal information for various services and processes.
  • Financial Institutions: Financial platforms, including banks and investment platforms, necessitate accurate information for account management and security purposes.
  • Professional Networking Sites: Professional networking platforms like LinkedIn and job application portals require authentic details for professional networking and employment opportunities.
  • Healthcare and Medical Websites: Medical and healthcare platforms necessitate accurate information for diagnosis, treatment, and medical records.

By carefully considering the nature of online platforms and the potential risks involved, individuals can effectively balance privacy protection with the need for authentic information.

Moreover, while using fake information can offer certain advantages, it is essential to comply with relevant laws and regulations. Misrepresenting oneself can have legal consequences.


Report: Spyware Maker's Data Leak Exposes Malware Used on Windows, Mac, Android, and Chromebook Devices

A Minnesota-based spyware company has been hacked, exposing thousands of devices worldwide under its covert surveillance, TechCrunch has learned.

A source familiar with the breach provided TechCrunch with files from the company’s servers, detailing device activity logs from phones, tablets, and computers monitored by Spytech. Some files date back to early June. TechCrunch confirmed the authenticity of the data by analyzing logs, including those from the company's CEO, who installed the spyware on his own device.

The leaked data reveals that Spytech's software, including Realtime-Spy and SpyAgent, has compromised over 10,000 devices since 2013. These include Android devices, Chromebooks, Macs, and Windows PCs globally.

Spytech is the latest in a series of spyware makers hacked in recent years, being the fourth this year alone, according to TechCrunch.

When contacted, Spytech CEO Nathan Polencheck stated that TechCrunch's email was the first he had heard of the breach and that he was investigating the situation.

Spytech produces remote access applications, often labeled as "stalkerware," marketed for parental control but also advertised for spousal surveillance. Monitoring activities of children or employees is legal, but unauthorized monitoring of a device is illegal, leading to prosecutions for both spyware sellers and users.

Stalkerware apps are typically installed by someone with physical access to the device and can remain hidden and difficult to detect. These apps transmit keystrokes, browsing history, device activity, and, for Android devices, location data to a dashboard controlled by the installer.

The breached data seen by TechCrunch includes activity logs for all devices under Spytech's control, mostly Windows PCs, with fewer Android devices, Macs, and Chromebooks. The logs were not encrypted.

TechCrunch analyzed location data from compromised Android phones and mapped the coordinates offline to protect victims' privacy. The data indicates Spytech's spyware monitors devices primarily in Europe and the United States, with other clusters in Africa, Asia, Australia, and the Middle East.

One record linked to Polencheck's administrator account includes the geolocation of his residence in Red Wing, Minnesota.

While the data contains sensitive information from individuals unaware their devices are monitored, there isn't enough identifiable information for TechCrunch to notify victims of the breach. Spytech’s CEO did not comment on whether the company plans to notify its customers or authorities as required by law.

Spytech has operated since at least 1998, remaining largely unnoticed until 2009, when an Ohio man was convicted of using its spyware to infect a children's hospital's systems, targeting his ex-partner's email. The spyware collected sensitive health information, leading to the man's guilty plea for illegal interception of communications.

Spytech is the second U.S.-based spyware company to suffer a data breach in recent months. In May, Michigan-based pcTattletale was hacked, leading to its shutdown and deletion of victim data without notifying affected individuals. Data breach notification service Have I Been Pwned later listed 138,000 pcTattletale customers as having signed up for the service.

Hacker Alleges Theft of Piramal Group’s Employee Data; Company Denies Breach as "Erroneous and Misleading"

Recent reports have suggested that employee data belonging to Piramal Group, including names and email addresses of both current and former staff members, may have been compromised and offered for sale on the dark web. These allegations have understandably raised concerns regarding the security of sensitive information within the organization. 

However, Piramal Group has firmly denied any breach, attributing the purported data leak to a third-party platform. The Indian government's Computer Emergency Response Team (CERT-In) was also notified of the situation and has confirmed that there was no compromise in Piramal Group's systems.

The controversy arose when a hacker reportedly posted a small portion of the stolen data on a prominent cybercrime forum last week. The publication that brought this issue to light claims to have accessed a larger sample of data from the alleged hacker and validated it using a job listing portal. This development has highlighted the importance of robust data security measures and has led to widespread speculation about the integrity of Piramal Group's systems.

In response to these allegations, a spokesperson for Piramal Group provided a detailed statement to the Times of India, emphasizing, "As mentioned earlier, we can confirm that there has been no data breach at Piramal Group. The suspicious activity on the dark web was evaluated and confirmed by our cybersecurity team as a false claim.

As per our investigation, the sample data shared is not Piramal Organization data and has no relevance to us. On further investigation we have also found that the information in question seems to have originated from a third-party platform, Mailinator, and not any of the systems at Piramal. Mailinator is not associated with Piramal Group in any form.

We have also shared the same feedback with the regulatory authority, CERT-In, and kept them informed.

We reiterate that there has been no breach of our data and any assertion to this effect is erroneous and misleading."

The detailed response from Piramal Group underscores their commitment to data security and transparency. As the investigation continues, the company remains vigilant in protecting the personal information of its employees and upholding the trust placed in them by their stakeholders.

Here's How to Change IP Address Without VPN

The internet is becoming an increasingly important aspect of people's lives since it allows them to perform an array of activities with minimal effort. However, it is also becoming a more dangerous place, as many hackers harm you by breaking into your servers and networks and stealing your private data. Hiding or changing your IP address is one way to secure your online activity. In this article, we'll go over how to change it without a VPN and why you should use one. 

What is an IP address? 

An IP (Internet Protocol) address is a string of digits that identifies the network each user is on. It lets you send and receive data across a network, and it can reveal a good deal about your location and online activity. IP addresses are a fundamental part of the internet and how it functions. 

However, because an IP address exposes a large amount of private information about an internet user, it can lead to a variety of issues and cybercrimes. That is why staying safe and protected is critical, and one way to do so is to change your IP address, with or without a VPN. 

You may be wondering how you can change your IP address without using a VPN. That is possible, and to help you change it so that you stay safe and keep your data secure, here are several ways to change your IP address without a VPN: 

Change your network: This is the most obvious and straightforward way to change your IP address. Switching to a different network gives you a new IP address immediately. 

Tor Browser: When you use the Tor browser, nodes conceal your IP address when you connect to any network. The nodes will change every time you use them. That ensures your privacy as well. 

Disconnect the modem: If you unplug your modem for a few hours, you can get a new IP address when you turn it back on. 

Proxy server: Depending on the server you connect to, a proxy will mask and disguise your IP address before assigning a new one. 

Your internet service provider might be able to modify your IP address for you if you request it and provide an appropriate reason.

Critical npm Account Takeover Vulnerability Sold on Dark Web

A cybercriminal known as Alderson1337 has emerged on BreachForums, offering a critical exploit targeting npm accounts. This vulnerability poses a significant threat to npm, a crucial package manager for JavaScript managed by npm, Inc., a subsidiary of GitHub. Alderson1337 claims this exploit can enable attackers to hijack npm accounts linked to specific employees within organizations. 

The method involves embedding undetectable backdoors into npm packages used by these employees, potentially compromising numerous devices upon updates. This exploit could have widespread implications for organizational security. Instead of sharing a proof of concept (PoC) publicly, Alderson1337 has invited interested buyers to contact him privately, aiming to maintain the exploit’s confidentiality and exclusivity. If executed successfully, this npm exploit could inject backdoors into npm packages, leading to extensive device compromise. 

However, npm has not yet issued an official statement, leaving the claims unverified. The incident primarily impacts npm Inc., with npmjs.com being the related website. While the potential repercussions are global, the specific industry impact remains undefined. Account takeover (ATO) vulnerabilities represent severe risks where cybercriminals gain unauthorized access to online accounts by exploiting stolen credentials. These credentials are often obtained through social engineering, data breaches, or phishing attacks. 

Once acquired, attackers use automated bots to test these credentials across various platforms, including travel, retail, finance, eCommerce, and social media sites. Users' reluctance to update passwords, and their reuse of the same password across different platforms, increase the risk of credential stuffing and brute force attacks. Such practices allow attackers to access accounts, potentially leading to identity theft, financial fraud, or misuse of personal information. To mitigate ATO attack risks, experts recommend adopting strong password management practices, including using unique, complex passwords for each account and enabling two-factor authentication (2FA) wherever possible. Regular monitoring for unauthorized account activities and promptly responding to suspicious login attempts are also crucial for maintaining account security. 

While Alderson1337’s claims await verification, this incident underscores the ongoing challenges posed by account takeover vulnerabilities in today’s interconnected digital landscape. Vigilance and collaboration across the cybersecurity community are essential to mitigating these threats and preserving the integrity of online platforms and services.

Law Enforcement is Spying on Thousands of U.S. Citizens' Mail

The Washington Post reported on Monday that federal law enforcement authorities have long received information about certain Americans' mail via a little-known U.S. Postal Service operation known as the "mail covers program.” While officials argue that the program is solely used to investigate criminal activities, it appears to be widely used, with some Americans claiming to have been targeted by the program despite having done nothing unlawful. 

The mail covers program prevents outside agencies from opening a person's mail, but it does allow them to look at the information printed on the outside of letters and packages. According to a previously leaked program document, a "mail cover" is an "investigative tool employed to record data appearing on the outside of a mailpiece." For obvious reasons, this could still provide quite a lot of information regarding an individual under surveillance. 

The FBI, IRS, Department of Homeland Security, and the Postal Service's own investigative department, the United States Postal Inspection Service, have all requested information. However, the Washington Post claims that "state and local police forces" have also used the program. The good news for investigators—and the bad news for the rest of us—is that accessing the contents of the mail label is not subject to a judge's approval or a court order.

How often is the program used? The answer is quite a lot. A recent audit of the program revealed that the Post Office authorised more than 158,000 information requests over a four-year period. Meanwhile, recent information provided to legislators who had inquired about the program revealed that police agencies made "an average of about 6,700 requests per year," the Post writes. Those same legislators, including Ron Wyden (D-Ore.) and Elizabeth Warren (D-Mass.), have taken it upon themselves to ask for further transparency and better controls on the program. 

The program pales in comparison to another well-known mail-tracking program, Mail Isolation Control and Tracking, which is believed to photograph the exteriors of every item of mail that passes through the United States Postal Service. This program is allegedly designed for routing and organisation, but it can also be utilised for law enforcement purposes.

Fast Food Giant Jollibee Suffers Major Cyberattack, 32 Million Affected

Jollibee Foods Corp., a fast-food company specializing in Filipino fare, is investigating a report of a data breach in its delivery service system, adding its name to a growing list of companies which have been targeted by hackers in recent years. Earlier today, Jollibee sent us a statement informing us that “a cybersecurity incident” had reportedly affected the company, “along with other companies.” 

The company stated in the statement that they had addressed the incident. A massive data breach has allegedly taken place at the Philippine fast-food chain, Jollibee. On June 20, 2024, an actor claimed responsibility for breaching the systems of Jollibee Foods Corporation, causing the Jollibee cyberattack to become known. Known as "Sp1d3r", the notorious attacker claimed that he was able to obtain the sensitive data of 32 million customers of a fast food chain and offered to sell the database for $40,000. 

An archive sold by the actor under the alias "Sp1d3r" has been found on Deep Web Konek. According to the archive, the data contains sensitive information on 32 million Jollibee customers, including their full names, mailing addresses, phone numbers, and e-mail addresses, among other things. An account known as "Sp1d3r" had also posted on the BreachForums network on June 1, 2012, claiming to have stolen the sensitive personal data of over 190 million people from QuoteWizard. 

According to the alleged database, the data included customer details, partial credit card numbers, insurance quotes, and other personal information. The same threat actor also hit Advance Auto Parts, Inc., an American automobile aftermarket component supplier. Using the name Sp1d3r, the attacker claimed that three terabytes of customer information were stolen from Snowflake, a cloud storage service that the company used, and then sold it for $15 million to the company. 

Moreover, Sp1d3r is selling “extensive records” of food delivery orders, sales transactions, and service details, as indicated in its report. According to the company, the cyberattack may result in damages of up to $3 million. According to the company's response, it is currently actively investigating the incident, and response protocols have been deployed. However, they did not confirm the breach or the theft of data, nor did they deny it. Several big companies in the Philippines have been breached, including Maxicare, Jollibee Foods Corporation, and the Maritime Industry Authority (Marina), which exposed the personal information of their customers in an attempt to evade taxes. 

A data breach at Maxicare, which exposed the personal information of 13,000 members, less than one per cent of its entire membership base, was confirmed by the company on June 19. As stated on its website, the firm works with 20,000 physicians and specialists attached to over 1,300 hospitals, clinics, dental clinics, 140 rehabilitation centres, dialysis centres, and eye clinics, which also serve as a platform for research. 

In the last few months, the company has grown to over 1.8 million members across the country, from the corporate sector to small and medium-sized companies to the individual and family segments. The exposed records are believed to belong to those who used Lab@Home, a third-party booking platform for home care providers. As for Jollibee, the threat actor claimed to have carried out a cyberattack and obtained the records of 32 million customers, including names, addresses, phone numbers, emails, and hashed passwords. 

In addition, the hacker is also suspected of exfiltrating 600 million rows of data related to food delivery, sales orders, transactions, customer details, and other details regarding service providers. As evidence supporting these claims, the threat actor provided a sample of the data in tabular format, which can be opened with spreadsheet applications such as Microsoft Excel or Google Sheets. Although many questions remain about the exact details of the alleged data breach, its potential consequences are clearly grave. 

Also, Deep Web Konek made known information regarding a data breach that allegedly occurred at the Philippines’ largest fast food chain, Jollibee Foods Corporation, and was disclosed by the group. A certain amount of data including the names and addresses of 32 million customers as well as 650 million records related to Jollibee's food delivery operations could have been exposed, according to the group. Among the data that has been compromised is reportedly sensitive information such as name, address, phone number, and e-mail address of the customers, along with hashed passwords. In addition, a vast number of records were exposed regarding delivery orders for food, transactions for sales and details concerning services. 

A report from the Cyber Security Information and Analysis Group said that the exposed data spans multiple tables, indicating a comprehensive and deep breach of Jollibee's systems. Jollibee has not yet announced what the consequences of the breach will be. The Maritime Industry Authority of the Philippines reported on June 16 that four of its web-based systems had been attacked and compromised. 

As a result, Marina said that it immediately dispatched officials and employees to its centre to put in place measures to ensure that the integrity of the system is maintained and protected. There is no doubt that Jollibee is investigating the claims made by "Sp1d3r". However, the threat actor has been implicated in several recent data breaches, including attacks on several customers of Snowflake, which is one of the most popular cloud data storage vendors. 

Jollibee's cyber attack is a stark reminder of the vulnerability of the digital world, where even the most successful and established businesses are susceptible to cyberattacks from notorious hackers, who may even become the perpetrators themselves. Customers must remain vigilant and follow any further guidance provided by Jollibee and cybersecurity experts as this may lead to further security breaches.

Securing Corporate Data: The Crucial Role of Third-Party Access Audits

Organizations' data and systems can be compromised through seemingly benign entities—third-party contractors, vendors, and outsourced service providers. These external entities need access to sensitive data and systems to do their work, but improper management of those access rights often results in data breaches and other security incidents. 

According to a SecurityScorecard study (via Security magazine) published in February 2024, third parties pose a continuing security risk to organizations. According to the report, 98% of all companies have been compromised by a third party, and 29% of all breaches have been attributed to third-party attacks. Consequently, organizations should consider implementing efficient and effective third-party risk management strategies to safeguard their assets from external threats. 

Auditing the access rights of external vendors and contractors addresses an organization's security, compliance, and operational concerns at once. Beyond protecting data integrity, confidentiality, and availability, it serves several other important functions:

  • Enhanced security posture: Audits ensure that only authorized third parties can access sensitive systems, and monitoring their activity for abnormal behaviour allows security incidents to be prevented.
  • Compliance: Control over data access is part of several compliance standards across regulated industries. Regular third-party access audits help companies meet regulations such as GDPR, HIPAA, and SOX, document the specifics of who accessed what, and avoid legal and financial repercussions.
  • Business continuity: Enforcing access controls that match each third party's role prevents unauthorized changes or disruptions that could hurt operations, preserving the operational integrity of critical systems.
  • Financial protection: Auditing third-party access reduces the risk of security breaches and privacy incidents, whose remediation costs, legal fees, and fines can amount to significant financial losses. By proactively managing and auditing third-party access, organizations protect their financial health as well as their data.
  • Stakeholder trust and reputation: Regular audits demonstrate a commitment to data security. Preventing breaches avoids the loss of customer trust and the reputational damage that follow them, fostering long-term customer relationships.

Because third-party access carries inherent risk, organizations need to manage and audit these permissions continuously. Five key steps help audit third-party access effectively:

  • Identify and catalogue third-party accounts. Vendor accounts may live in the enterprise resource planning (ERP) system, while contractor accounts may sit in project management tools. List these accounts, describe their access levels, and make clear which data or systems each can interact with.
  • Check the scope of access and confirm it is necessary. Review each third party's roles and responsibilities against the access it holds. Third parties should receive no more access than their contractual obligations require, following the principle of least privilege.
  • Understand how third-party entities manage employee lifecycles. Engage with them to learn how they handle the creation, modification, and termination of access rights. An audit trail is imperative, because a failure to deactivate an ex-employee's access could result in unauthorized access and a security breach.
  • Establish regular audits. Implement a system, such as an identity governance and administration platform, that audits third-party access on a schedule. Log all access events and review the logs for unauthorized or abnormal access patterns. Set the audit frequency based on the sensitivity of the information accessed and the third party's history.
  • Integrate third-party access into the overall security policy. Third-party access controls and auditing should be a standard part of the organization's security policy, so that any access granted to third parties is subject to the same security measures and scrutiny as access granted to internal users.

Third-party access also raises several red flags that organizations must watch for, since they may indicate that access rights are being misused or mismanaged:

  • Generic email accounts or shared logins: Third parties should not use them, because a shared login makes it hard to attribute actions to specific users.
  • Unusual activity: Access at unusual hours, unexpected data access, or excessive failed login attempts can all indicate that a third party's account has been compromised.
  • Missing offboarding processes: Make sure that processes cover not only granting new third-party access but also effectively offboarding it when the contract expires or changes.
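As an added example (not from the article or any named product), the audit checks and red flags above applied to a few constructed third-party account records; the role catalogue, business hours and login threshold are assumptions for the demo.

```python
"""Added example: a small third-party access audit over constructed records,
applying the checks the article lists: least privilege versus the contracted
role, shared or generic logins, expired contracts that were never offboarded,
off-hours access and excessive failed logins."""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import date, datetime

# Hypothetical role catalogue: the entitlements each contracted role needs.
ROLE_ENTITLEMENTS: dict[str, set[str]] = {
    "payroll-vendor": {"erp.payroll.read"},
    "web-contractor": {"projects.read", "projects.write"},
    "backup-msp": {"storage.backup.read", "storage.backup.write"},
}
GENERIC_LOGINS = {"admin", "vendor", "support", "info", "contractor"}
BUSINESS_HOURS = range(7, 20)      # 07:00 to 19:59 local time (assumed)
FAILED_LOGIN_THRESHOLD = 5         # per 24h (assumed)


@dataclass
class ThirdPartyAccount:
    login: str
    vendor: str
    role: str
    entitlements: set[str]
    contract_end: date
    shared: bool = False
    last_logins: list[datetime] = field(default_factory=list)
    failed_logins_24h: int = 0


def audit_account(acct: ThirdPartyAccount, today: date) -> list[str]:
    """Apply each check to one account and return the findings (empty = clean)."""
    findings: list[str] = []
    # Least privilege: anything beyond what the contracted role needs is excess.
    excess = acct.entitlements - ROLE_ENTITLEMENTS.get(acct.role, set())
    if excess:
        findings.append(f"excess privilege beyond role '{acct.role}': {sorted(excess)}")
    # Attribution: shared or generic logins cannot be tied to a person.
    if acct.shared or acct.login.split("@")[0].lower() in GENERIC_LOGINS:
        findings.append("shared or generic login: actions cannot be attributed")
    # Offboarding: the contract ended but the account still exists.
    if acct.contract_end < today:
        findings.append(f"contract ended {acct.contract_end} but account not offboarded")
    # Possible compromise indicators: off-hours access and failed logins.
    off_hours = [t for t in acct.last_logins if t.hour not in BUSINESS_HOURS]
    if off_hours:
        findings.append(f"{len(off_hours)} login(s) outside business hours")
    if acct.failed_logins_24h >= FAILED_LOGIN_THRESHOLD:
        findings.append(f"{acct.failed_logins_24h} failed logins in the last 24h")
    return findings


def audit(accounts: list[ThirdPartyAccount], today: date) -> dict[str, list[str]]:
    """Run the audit over an account inventory, keyed by login."""
    return {a.login: audit_account(a, today) for a in accounts}


# Constructed sample inventory (fictional vendors and logins).
SAMPLE_ACCOUNTS = [
    ThirdPartyAccount("j.doe@payvendor.example", "PayVendor", "payroll-vendor",
                      {"erp.payroll.read"}, date(2025, 12, 31),
                      last_logins=[datetime(2024, 7, 1, 10, 5)]),
    ThirdPartyAccount("dev7@webco.example", "WebCo", "web-contractor",
                      {"projects.read", "projects.write", "erp.payroll.read"},
                      date(2025, 3, 31),
                      last_logins=[datetime(2024, 7, 2, 3, 12),
                                   datetime(2024, 7, 2, 14, 0)],
                      failed_logins_24h=7),
    ThirdPartyAccount("admin@backupmsp.example", "BackupMSP", "backup-msp",
                      {"storage.backup.read"}, date(2024, 1, 31), shared=True),
]

if __name__ == "__main__":
    for login, findings in audit(SAMPLE_ACCOUNTS, date(2024, 7, 3)).items():
        print(login, "->", findings or ["clean"])
```
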

A third-party attack poses a significant risk that is often overlooked until it leads to a security breach. Robust auditing practices let organizations mitigate this risk properly. It is not just about protecting sensitive data; it is also about keeping data confidential, maintaining the integrity of the IT environment, and preserving customers' and stakeholders' trust in it. Auditing and managing third-party access is imperative for businesses today, both as a security measure and as a requirement for business operations.

The Hidden Cost of Connected Cars: Your Driving Data and Insurance

Driving to a weekend getaway or a doctor's appointment leaves more than just a memory; it leaves a data trail. Modern cars equipped with internet capabilities, GPS tracking, or services like OnStar, capture your driving history. This data is not just stored—it can be sold to your insurance company. A recent report highlighted how ordinary driving activities generate a data footprint that can be sold to insurers. These data collections often occur through "safe driving" programs installed in your vehicle or connected car apps. Real-time tracking usually begins when you download an app or agree to terms on your car's dashboard screen. 

Car technology has evolved significantly since General Motors introduced OnStar in 1996. From mobile data enhancing navigation to telematics in the 2010s, today’s cars are more connected than ever. This connectivity offers benefits like emergency alerts, maintenance notifications, and software updates. By 2030, it's predicted that over 95% of new cars will have some form of internet connectivity. Manufacturers like General Motors, Kia, Subaru, and Mitsubishi offer services that collect and share your driving data with insurance companies. Insurers purchase this data to analyze your driving habits, influencing your "risk score" and potentially increasing your premiums. 

One example is the OnStar Smart Driver program, which collects data and sends it to manufacturers who then sell it to data brokers. These brokers resell the data to various buyers, including insurance companies. Following a critical report, General Motors announced it would stop sharing data with these brokers. Consumers often unknowingly consent to this data collection. Salespeople at dealerships may enroll customers without clear consent, motivated by bonuses. The lengthy and complex “terms and conditions” disclosures further obscure the process, making it hard for consumers to understand what they're agreeing to. Even diligent readers struggle to grasp the full extent of data collection. 

This situation leaves consumers under constant surveillance, with their driving data monetized without their explicit consent. This extends beyond driving, impacting various aspects of daily life. To address these privacy concerns, the Electronic Frontier Foundation (EFF) advocates for comprehensive data privacy legislation with strong data minimization rules and clear, opt-in consent requirements. Such legislation would ensure that only necessary data is collected to provide requested services. For example, while location data might be needed for emergency assistance, additional data should not be collected or sold. 

Consumers need to be aware of how their data is processed and have control over it. Opt-in consent rules are crucial, requiring companies to obtain informed and voluntary permission before processing any data. This consent must be clear and not hidden in lengthy, jargon-filled terms. Currently, consumers often do not control or even know who accesses their data. This lack of transparency and control highlights the need for stronger privacy protections. By enforcing opt-in consent and data minimization, we can better safeguard personal data and maintain privacy.

Nvidia Climbs to Second Place in Global Market Value, Surpassing Apple

This month Nvidia reached a historic milestone, overtaking Apple to become the world's second most valuable company on the back of overwhelming demand for the chips that power artificial intelligence workloads. The Santa Clara, California-based company has added roughly $1.8 trillion to its market value over the past year, and its shares are up 147% so far this year. 

The surge lifted Nvidia's market capitalisation above $3 trillion, making it the first semiconductor company to reach that milestone and pushing it past Apple. The rise reflects the excitement around artificial intelligence, much of which runs on Nvidia chips.

Nvidia has thereby displaced Apple, whose shares have slipped amid concerns about iPhone sales in China and other issues. In a few weeks Nvidia will carry out a ten-for-one stock split, a move that could greatly increase the appeal of its stock to individual investors. Nvidia's move past Apple's market value signals a shift in Silicon Valley, where the company co-founded by Steve Jobs has dominated since the iPhone launched in 2007. On the day, Apple gained 0.78 per cent while Microsoft, the world's most valuable company, gained 1.91 per cent. 

Nvidia's rally extends an extraordinary streak of gains driven by its graphics processing units, which are fuelling the boom in artificial intelligence (AI). The company's revenue has risen about 260 per cent year on year as tech titans such as Microsoft, Meta, Google and Amazon race to build out AI. 

Last month Nvidia announced a 10-for-1 stock split to make stock ownership more accessible to employees and investors. Nvidia shares have more than doubled in the first half of this year after almost tripling in 2023. The split takes effect on Friday and is expected to broaden the stock's appeal to smaller investors. 

Nvidia's stock price has surged 147% in 2024 as Microsoft, Meta Platforms and Alphabet race to expand their artificial intelligence capabilities. In a single session the company added close to $150 billion in market capitalisation, more than the entire market capitalisation of AT&T. The optimism around AI has lifted other companies too: the PHLX chip index rose 4.5%, and Super Micro Computer, which builds AI-optimised servers using Nvidia chips, also gained. 

Jensen Huang, Nvidia's Taiwan-born chairman and CEO, drew extensive media coverage during his visit to the Computex tech fair in Taiwan, underlining both his personal influence and the company's growing importance. Apple, by contrast, faces weak iPhone demand in China and stiff competition from Chinese rivals, and some analysts say it has been slow to add AI features compared with other tech giants. 

According to LSEG data, Nvidia's stock trades at 39 times expected earnings, still cheaper than a year ago, when it traded at more than 70 times expected earnings.