Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Digital Security. Show all posts
karnataka
CISO Cyber Crime Digital Security karnataka

Karnataka Sets Up India’s First Cyber Command Centre to Tackle Online Crimes

 


Karnataka has taken a big step to fight the rising number of online crimes. It has launched the country’s first Cyber Command Centre. This new centre will handle all matters related to cyber safety and crime under one roof. It aims to respond faster and more effectively to online threats.

The number of cybercrime cases in the state has grown a lot in the past three years. In 2022, about 18,000 cases were reported. That number rose to 22,000 in 2023 and around 23,000 in 2024. In total, Karnataka has seen over 60,000 cybercrime cases in just three years. Officials say that 20% of all cybercrime cases in India are reported from this state.

These cases include many serious issues. Some examples are online scams, hacking, blackmail, cyberstalking, fake news, and financial fraud. Crimes targeting women and children have also increased. Criminals are using fake profiles, deepfakes, and other tricks to fool people and steal their money or personal data.

A senior officer explained that many of these crimes are hard to solve. Very few cases are taken to court, and almost none end in punishment. There is also concern that many investigating officers do not have the right training to deal with high-tech crimes. To fix this, the new command centre will provide special training for both police and legal teams.

The new command will also focus on protecting the state’s digital systems. A major hacking incident recently affected the Kaveri 2.0 portal, which is used for property records. This caused major delays and losses for the state government. Officials say such incidents show how important it is to secure public digital platforms.

The officer leading this new centre is Pronab Mohanty. He is already in charge of internal security and cybercrime for the state. Now, all 45 cyber police stations in Karnataka will report directly to him. This central system is expected to improve coordination and case tracking.

The officer will also serve as the Chief Information Security Officer, or CISO, for Karnataka. That means he will look after both investigations and the security of government digital systems.

The goal of the Cyber Command Centre is not just to track and stop cybercriminals, but to make sure they face legal action. Officials believe that stronger action and more convictions will help create fear among those involved in online crimes.

This new setup could become a model for other states to follow. As cybercrime spreads its rampant growth across India, Karnataka’s decision to create a single, expert-led team could lead the way for better digital safety in the country.


Read more »
Technology
BitcoinOS Crypto Digital Security Innovation Technology

BitcoinOS to Introduce Alpha Mainnet for Digital Ownership Platform

 

BitcoinOS and Sovryn founder Edan Yago is creating a mechanism to turn Bitcoin into a digital ownership platform. Growing up in South Africa and coming from a family of Holocaust survivors, Yago's early experiences sneaking gold coins out of the nation between the ages of nine and eleven influenced his opinion that having financial independence is crucial for both human dignity and survival. 

"Money is power, and power is freedom," Yago explains. "Controlling people's access to capital means controlling their freedom. That's why property rights are critical. This conviction drives his work on BitcoinOS, which seeks to establish a foundation for digital property rights independent of governments or companies. 

Yago sees technology as the fundamental cause of societal transformation. He argues that the Industrial Revolution made slavery economically unviable, not a sudden moral awakening. However, he warns that technology needs direction, referencing how the internet morphed from a promise of decentralisation to a system dominated by industry titans.

When Yago uncovered Bitcoin in 2011, he saw it as "the missing piece" of digital property rights. Bitcoin introduced a decentralised ledger for ownership records, while Ethereum added smart contracts for decentralised computing, but both have size and efficiency restrictions.

BitcoinOS addresses these issues with zero-knowledge proofs, which enable computations to be confirmed without running on every node. "Instead of putting everything on a blockchain, we only store the proof that a computation happened correctly," Yago tells me. This technique can allow Bitcoin to support numerous types of property, including: real estate, stocks , digital identities, and other assets in Bitcoin's global ledger.

Yago characterises the cryptocurrency business as being in its "teenage years," but believes it will mature over the next decade. His vision goes beyond Bitcoin to embrace digital sovereignty and encryption as ways to better safeguard rights than traditional legal systems. 

BitcoinOS plans to launch its alpha mainnet in the coming months. Yago is optimistic about the project's potential: "We're creating property rights for the digital age." When you comprehend that, everything else comes into place." 

The quest for Bitcoin-based solutions coincides with increased institutional usage. BlackRock, the world's largest asset management, has recently launched its first Bitcoin exchange-traded product in Europe, which is now available on platforms in Paris, Amsterdam, and Frankfurt. This follows BlackRock's success in the United States, where it raised more than $50 billion for similar products.
Read more »
Ransomware attack
Cyber Security Cybersecurity Digital Security free file converter risks Identity Theft malware protection Online Safety Ransomware attack

FBI Warns Against Free Online File Converters as Potential Cybersecurity Threats

 

Free online file converters have become a popular choice for users looking to convert files into different formats. Whether transforming a PDF into a Word document or switching between media formats, these tools offer convenience with just a few clicks. However, the FBI has issued a warning about the hidden dangers associated with such services.

Despite their ease of use, free file conversion tools may serve as a gateway for malware, potentially compromising users’ sensitive data. According to TechRadar, the FBI has identified certain converters that embed malicious software into the converted files. This malware can infect the user's system, allowing hackers to steal personal and financial information undetected.

Once installed, malware can extract crucial data, including:
  • Full names and home addresses
  • Social Security numbers
  • Banking and financial details
  • Cryptocurrency wallets and access keys
The stolen information is often exploited for identity theft, financial fraud, and other cybercrimes. In some cases, hackers deploy ransomware, which locks victims out of their own systems and demands a hefty ransom for data recovery.

Ransomware attacks have surged, affecting both businesses and individuals. When malware encrypts files, victims face a difficult choice—either pay the ransom or lose access to critical data. The FBI emphasizes that these threats are not limited to corporations; everyday internet users relying on free online tools are also at risk. A report from Cisco Talos highlights ransomware as one of the most significant security threats in recent years.

Mark Michalek, FBI Denver Special Agent in Charge, advises that awareness and education are the best defenses against malware attacks. To minimize risks, users should follow these cybersecurity best practices:
  • Use trusted sources – Only download or use file conversion tools from reputable websites and developers.
  • Keep security software updated – Install and regularly update antivirus and anti-malware programs to detect potential threats.
  • Avoid suspicious links and attachments – Do not open files or click on links from unknown sources.
  • Maintain data backups – Regularly back up important files to prevent data loss in case of an attack.

If you suspect that malware has been installed through a file converter, take immediate action:
  • Disconnect from the internet to prevent further data compromise.
  • Run a full system scan using reputable antivirus software to detect and remove malicious files.
  • Report the incident to law enforcement to document the attack and seek assistance.
While free online file converters provide convenience, they also pose significant cybersecurity risks. Users must remain vigilant and prioritize safety when handling digital files. By adopting precautionary measures and staying informed, individuals can protect their sensitive data from cyber threats.
Read more »
Government surveillance
Cyber Security Data Privacy Digital Security Encryption End-to-End Encryption Government surveillance

Encryption Under Siege: A New Wave of Attacks Intensifies

 

Over the past decade, encrypted communication has become a standard for billions worldwide. Platforms like Signal, iMessage, and WhatsApp use default end-to-end encryption, ensuring user privacy. Despite widespread adoption, governments continue pushing for greater access, threatening encryption’s integrity.

Recently, authorities in the UK, France, and Sweden have introduced policies that could weaken encryption, adding to EU and Indian regulatory measures that challenge privacy. Meanwhile, US intelligence agencies, previously critical of encryption, now advocate for its use after major cybersecurity breaches. The shift follows an incident where the China-backed hacking group Salt Typhoon infiltrated US telecom networks. Simultaneously, the second Trump administration is expanding surveillance of undocumented migrants and reassessing intelligence-sharing agreements.

“The trend is bleak,” says Carmela Troncoso, privacy and cryptography researcher at the Max-Planck Institute for Security and Privacy. “New policies are emerging that undermine encryption.”

Law enforcement argues encryption obstructs criminal investigations, leading governments to demand backdoor access to encrypted platforms. Experts warn such access could be exploited by malicious actors, jeopardizing security. Apple, for example, recently withdrew its encrypted iCloud backup system from the UK after receiving a secret government order. The company’s compliance would require creating a backdoor, a move expected to be challenged in court on March 14. Similarly, Sweden is considering laws requiring messaging services like Signal and WhatsApp to retain message copies for law enforcement access, prompting Signal to threaten market exit.

“Some democracies are reverting to crude approaches to circumvent encryption,” says Callum Voge, director of governmental affairs at the Internet Society.

A growing concern is client-side scanning, a technology that scans messages on users’ devices before encryption. While presented as a compromise, experts argue it introduces vulnerabilities. The EU has debated its implementation for years, with some member states advocating stronger encryption while others push for increased surveillance. Apple abandoned a similar initiative after warning that scanning for one type of content could pave the way for mass surveillance.

“Europe is divided, with some countries strongly in favor of scanning and others strongly against it,” says Voge.

Another pressing threat is the potential banning of encrypted services. Russia blocked Signal in 2024, while India’s legal battle with WhatsApp could force the platform to abandon encryption or exit the market. The country has already prohibited multiple VPN services, further limiting digital privacy options.

Despite mounting threats, pro-encryption responses have emerged. The US Cybersecurity and Infrastructure Security Agency and the FBI have urged encrypted communication use following recent cybersecurity breaches. Sweden’s armed forces also endorse Signal for unclassified communications, recognizing its security benefits.

With the UK’s March 14 legal proceedings over Apple’s backdoor request approaching, US senators and privacy organizations are demanding greater transparency. UK civil rights groups are challenging the confidential nature of such surveillance orders.

“The UK government may have come for Apple today, but tomorrow it could be Google, Microsoft, or even your VPN provider,” warns Privacy International.

Encryption remains fundamental to human rights, safeguarding free speech, secure communication, and data privacy. “Encryption is crucial because it enables a full spectrum of human rights,” says Namrata Maheshwari of Access Now. “It supports privacy, freedom of expression, organization, and association.”

As governments push for greater surveillance, the fight for encryption and privacy continues, shaping the future of digital security worldwide.


Read more »
Password Manager
Credentials cyber attack Cybersecurity Digital Security Hacking Infostealer malware MFA Password Manager

Cybercriminals Intensify Attacks on Password Managers

 

Cybercriminals are increasingly setting their sights on password managers as a way to infiltrate critical digital accounts.

According to Picus Security’s Red Report 2025, which analyzed over a million malware samples from the past year, a quarter (25%) of all malware now targets credentials stored in password managers. Researchers noted that this marks a threefold surge compared to the previous year.

“For the first time ever, stealing credentials from password stores is in the top 10 techniques listed in the MITRE ATT&CK Framework,” they said. “The report reveals that these top 10 techniques accounted for 9Beyond the growing frequency of attacks, hackers are also deploying more advanced techniques. 3% of all malicious actions in 2024.”

Advanced Hacking Techniques

Dr. Suleyman Ozarslan, co-founder and VP of Picus Labs, revealed that cybercriminals use sophisticated methods like memory scraping, registry harvesting, and breaching both local and cloud-based password stores to extract credentials.

To counter this rising threat, Ozarslan emphasized the importance of using password managers alongside multi-factor authentication (MFA). He also warned against password reuse, particularly for password.

Beyond the growing frequency of attacks, hackers are also deploying more advanced techniques. Picus Security highlighted that modern cybercriminals are now favoring long-term, multi-stage attacks that leverage a new generation of malware. These advanced infostealers are designed for stealth, persistence, and automation.

Researchers compared this evolution in cyber threats to “the perfect heist,” noting that most malware samples execute over a dozen malicious actions to bypass security defenses, escalate privileges, and exfiltrate data.

A password manager is a cybersecurity tool that securely stores, generates, and auto-fills strong passwords across websites and apps. By eliminating the need to remember multiple passwords, it strengthens security and reduces the risk of breaches. Experts consider it an essential component of cybersecurity best practices.
Read more »
Perception Point
Artificial Intelligence Cyber Security Digital Security Fortinet Perception Point

Fortinet Acquires Perception Point to Enhance AI-Driven Cybersecurity

 


Fortinet, a global leader in cybersecurity with a market valuation of approximately $75 billion, has acquired Israeli company Perception Point to bolster its email and collaboration security capabilities. While the financial terms of the deal remain undisclosed, this acquisition is set to expand Fortinet's AI-driven cybersecurity solutions.

Expanding Protections for Modern Workspaces

Perception Point's advanced technology secures vital business tools such as email platforms like Microsoft Outlook and Slack, as well as cloud storage services. It also extends protection to web browsers and social media platforms, recognizing their increasing vulnerability to cyberattacks.

With businesses shifting to hybrid and cloud-first strategies, the need for robust protection across these platforms has grown significantly. Fortinet has integrated Perception Point's technology into its Security Fabric platform, enhancing protection against sophisticated cyber threats while simplifying security management for organizations.

About Perception Point

Founded in 2015 by Michael Aminov and Shlomi Levin, alumni of Israel’s Intelligence Corps technology unit, Perception Point has become a recognized leader in cybersecurity innovation. The company is currently led by Yoram Salinger, a veteran tech executive and former CEO of RedBand. Over the years, Perception Point has secured $74 million in funding from major investors, including Nokia Growth Partners, Pitango, and SOMV.

The company's expertise extends to browser-based security, which was highlighted by its acquisition of Hysolate. This strategic move demonstrates Perception Point's commitment to innovation and growth in the cybersecurity landscape.

Fortinet's Continued Investment in Israeli Cybersecurity

Fortinet’s acquisition of Perception Point follows its 2019 purchase of Israeli company EnSilo, which specializes in threat detection. These investments underscore Fortinet’s recognition of Israel as a global hub for cutting-edge cybersecurity technologies and innovation.

Addressing the Rise in Cyberattacks

As cyber threats become increasingly sophisticated, companies like Fortinet are proactively strengthening digital security measures. Perception Point’s AI-powered solutions will enable Fortinet to address emerging risks targeting email systems and collaboration tools, ensuring that modern businesses can operate securely in today’s digital-first environment.

Conclusion

Fortinet’s acquisition of Perception Point represents a significant step in its mission to provide comprehensive cybersecurity solutions. By integrating advanced AI technologies, Fortinet is poised to deliver enhanced protection for modern workspaces, meeting the growing demand for secure, seamless operations across industries.

Read more »
Social Security Number
Data Breach Digital Security Passwords Sensitive data Social Security Number

Why Ignoring Data Breaches Can Be Costly




Data breaches are now more rampant than ever, exposing passwords and payment details to hackers. You could be getting breach alerts that pop up every so often, warning you that your data has been exposed. It's a wake-up call on how rampant the breaches are.

A Persistent Problem 

Data breaches have become part of our online lives. From credit card numbers to social security information, hackers never cease their attempts to access sensitive data. In fact, many breaches are financially driven, and about 95% of cyberattacks aim for money or valuable information. Still, despite all the news every day, companies often do not realise they have been breached until almost six months pass. The average time to discovery is 194 days according to Varonis. Therefore, the attackers have sufficient time to use the information before the companies can even initiate their response.

Rise of Breach Blindness

Over time, exposure to breach after breach has created "breach blindness," as if these alerts do not matter anymore. Since most of the time, nothing immediate happens, it is easy to scroll past breach notifications without thinking twice. This apathy is dangerous. Such a lack of care could mean stolen identities, financial fraud, and no one holding the companies accountable for their inability to protect the data.

When companies lose money as a result of these breaches, the consumer pays for it in the form of higher fees or costs. IBM reports that the worldwide average cost of a data breach is nearly $5 million, a 10% increase from last year. Such a high cost is a burden shared between the consumer and the economy at large.

How to Protect Your Data

Although companies are liable for securing data, there are various measures that can be undertaken personally. The first and most obvious measure is that your account should have a very strong and unique password. Hackers rely on frequently used, weakly protected passwords to bypass most accounts. Changing them with complexity makes it even more challenging for attackers to bypass and get to compromising your data.

It is much important to stay vigilant nowadays with data breaches being as common as a part and parcel of the internet. This breach, little by little, erodes privacy online and security. Stop pretending not to know those prompts; take them as warnings to check on your web security and work on strengthening it if needed. The one thing to do with all this is to keep apprised so as to not be taken in on the hook.




Read more »
training
Awareness Cyber Attacks Cyberattacks Cybersecurity Data protection Digital Security Education human error legislation malware training

Addressing Human Error in Cybersecurity: The Unseen Weak Link

 

Despite significant progress in cybersecurity, human error remains the most significant vulnerability in the system. Research consistently shows that the vast majority of successful cyberattacks stem from human mistakes, with recent data suggesting it accounts for 68% of breaches.

No matter how advanced cybersecurity technology becomes, the human factor continues to be the weakest link. This issue affects all digital device users, yet current cyber education initiatives and emerging regulations fail to effectively target this problem.

In cybersecurity, human errors fall into two categories. The first is skills-based errors, which happen during routine tasks, often when someone's attention is divided. For instance, you might forget to back up your data because of distractions, leaving you vulnerable in the event of an attack.

The second type involves knowledge-based errors, where less experienced users make mistakes due to a lack of knowledge or not following specific security protocols. A common example is clicking on a suspicious link, leading to malware infection and data loss.

Despite heavy investment in cybersecurity training, results have been mixed. These initiatives often adopt a one-size-fits-all, technology-driven approach, focusing on technical skills like password management or multi-factor authentication. However, they fail to address the psychological and behavioral factors behind human actions.

Changing behavior is far more complex than simply providing information. Public health campaigns, like Australia’s successful “Slip, Slop, Slap” sun safety campaign, demonstrate that sustained efforts can lead to behavioral change. The same principle should apply to cybersecurity education, as simply knowing best practices doesn’t always lead to their consistent application.

Australia’s proposed cybersecurity legislation includes measures to combat ransomware, enhance data protection, and set minimum standards for smart devices. While these are important, they mainly focus on technical and procedural solutions. Meanwhile, the U.S. is taking a more human-centric approach, with its Federal Cybersecurity Research Plan placing human factors at the forefront of system design and security.

Three Key Strategies for Human-Centric Cybersecurity

  • Simplify Practices: Cybersecurity processes should be intuitive and easily integrated into daily workflows to reduce cognitive load.
  • Promote Positive Behavior: Education should highlight the benefits of good cybersecurity practices rather than relying on fear tactics.
  • Adopt a Long-term Approach: Changing behavior is an ongoing effort. Cybersecurity training must be continually updated to address new threats.
A truly secure digital environment demands a blend of strong technology, effective policies, and a well-educated, security-conscious public. By better understanding human error, we can design more effective cybersecurity strategies that align with human behavior.
Read more »
Subscribe to: Posts (Atom)