Posts labelled: Threat Landscape

Threat Analysts Warn of the 'Largest Data Breach' After Elon Musk's DOGE Controversy

 

The debate over Elon Musk's Department of Government Efficiency (DOGE) continues, with the world's richest man accused of snooping on some of America's most sensitive data. DOGE has been tasked with cutting government spending by as much as $2 trillion, a target Musk himself admits may be unfeasible.

However, the billionaire and his crew have lost no time in cutting, targeting everything from the National Space Council to USAID. Concerns have been raised about the level of access DOGE staff have been granted to federal systems, and some of them have received death threats as the row has escalated.

"You can't un-ring this bell," an anonymous source told the local media outlet. "Once these DOGE guys have access to these data systems, they can ostensibly do with it what they want."

Four sources spoke to the outlet, but only Scott Cory, a former CIO for an HHS agency, would go on record: "The longer this goes on, the greater the risk of potential fatal compromise increases."

The National Oceanic and Atmospheric Administration, the Office of Personnel Management, the Department of Health and Human Services and the U.S. Treasury have all reportedly had systems accessed by DOGE. "I don't think the public quite understands the level of danger," a federal agency administrator said.

With its newfound authority, DOGE could in principle block payments to government agencies and redirect funds to organisations of its choosing. There are also concerns that access to Federal Aviation Administration systems could be "dire", even though Musk has not altered any of those systems yet.

There has also been criticism that Musk has brought in a young team of technical wizards, but one payment-systems expert argued this is actually reassuring: "If you were going to organise a heist of the US Treasury, why in the world would you bring a handful of college students?" Such a heist, he suggested, would need numerous people with at least ten years of COBOL experience.

Reportedly unpaid, working 120-hour weeks and sleeping in the offices, DOGE staff have nonetheless been pushing for significant savings. Looking at the broad picture, one source concluded: "I'd want to believe that this is all so enormous and convoluted that they won't be successful in whatever they're attempting to do. But I wouldn't bet that outcome against their egos."

Three Ways to Safeguard Your Smart Home From Cybercriminals

 

Your smart home is a technological marvel. But when camera flaws let neighbours spy on you, smart speakers can be driven by lasers, robot vacuums are hijacked to shout obscenities and an entire security system can be compromised through a smart plug, it is understandable if you hesitate to connect your home to the internet.

That is no reason to forgo the benefits of smart home devices altogether. The idea is to recognise the risks and make use of the security features you already have. Whether you run a network of smart kitchen gadgets or a single voice assistant, these measures sharply reduce the chance that someone else ends up controlling your belongings.

Secure your wi-fi network 

Most routers ship with a model-specific SSID, a Wi-Fi passphrase printed on a label and an administration password that is often generic, such as "admin". Those manufacturer defaults are documented online for anyone to look up, which makes it easier for an attacker within radio range to join your home Wi-Fi and snoop around your connected smart home devices. So the first step is to change both: set a strong, unique admin password for the router's management interface and a strong Wi-Fi passphrase.

The steps differ slightly between devices, but the basics are the same, and mesh systems usually expose the security settings through a smartphone app. If your router supports it, also change the SSID (simply the name of your Wi-Fi network, e.g. PCMag_Home) to something that does not reveal the router's make and model. Choose the strongest protocol the router offers: WEP and the original WPA are broken and should not be used, older devices are limited to WPA2, and newer routers support the more secure WPA3 (or a WPA2/WPA3 mixed mode for households with older gadgets). If the router has WPS, turn it off; its PIN method is a well-known weakness.

Replace outdated routers

You have probably bought a new phone or laptop in the last few years. But what about your router? Has it been gathering dust on a shelf for too long? Even if your internet performance isn't hurting yet, the security of your connected gadgets very likely is.

An ageing router is one that has stopped receiving firmware updates, so known vulnerabilities never get patched, and it is stuck with older security protocols: an easy entry point for unwanted visitors. Check the manufacturer's support page for your model; if it is listed as end-of-life or the last firmware is years old, replace it. The current mainstream home standard is Wi-Fi 6 (with Wi-Fi 6E adding the 6 GHz band); prices for Wi-Fi 6 routers have dropped dramatically and there are many options, while Wi-Fi 7 is still early in its rollout. Check out our reviews of the best wireless routers, gaming routers and mesh networks.

Manage your account passwords

With the Wi-Fi network secured, it's time to protect the individual devices and services that connect to it. Most smart gadgets are managed through a smartphone app, so you end up with a separate account for each vendor. Using the same password for all of them is convenient, but it is also a serious risk.

If one of those accounts is breached and its password leaks, attackers routinely replay the same email and password combination against other services (credential stuffing), and every account where you reused it falls with it. Instead, give each account its own unique password that nobody could guess. A random password generator will produce strong passwords, and a password manager will remember them for you; turn on two-factor authentication wherever the vendor offers it.

A Looming Threat to Crypto Keys: The Risk of a Quantum Hack

 


The Quantum Computing Threat to Cryptocurrency Security

The immense computational power that quantum computing offers raises significant concerns, particularly around its potential to compromise private keys that secure digital interactions. Among the most pressing fears is its ability to break the private keys safeguarding cryptocurrency wallets.

While this threat is genuine, it is unlikely to materialize overnight. It is, however, crucial to examine the current state of quantum computing in terms of commercial capabilities and assess its potential to pose a real danger to cryptocurrency security.

Before delving into the risks, it’s essential to understand the basics of quantum computing. Unlike classical computers, which process information using bits (either 0 or 1), quantum computers rely on quantum bits, or qubits. Qubits leverage the principles of quantum mechanics to exist in multiple states simultaneously (0, 1, or both 0 and 1, thanks to the phenomenon of superposition).

Quantum Computing Risks: Shor’s Algorithm

The primary risk comes from Shor's algorithm, which lets a sufficiently large, error-corrected quantum computer factor large integers and compute discrete logarithms in polynomial time, whereas the best known classical methods are sub-exponential. The security of RSA rests on the difficulty of factoring large composite numbers, and RSA-2048 remains the most widely deployed key size for TLS certificates and signatures. Cryptocurrency wallets, though, mostly do not use RSA at all: Bitcoin and Ethereum sign transactions with ECDSA (and, in Bitcoin since Taproot, Schnorr) over the secp256k1 curve, and the elliptic-curve discrete-logarithm problem those signatures rely on is broken by the same algorithm; resource estimates generally put a 256-bit curve within reach before RSA-2048, because its circuit is smaller. Both families are therefore exposed.

Breaking RSA-2048 with today's classical computers, even with massive clusters of processors, is estimated to take on the order of billions of years. For scale, the 2009 factorisation of RSA-768 (a 232-digit, 768-bit number) took a team about two years across hundreds of machines. The cost of the number field sieve grows sub-exponentially with key size, so each extra few hundred bits multiplies the work enormously, and RSA-2048 is out of reach of classical factoring for any human timescale, at least for now.

Commercial quantum hardware is accessible today, for example IBM's Quantum System One, Google's Sycamore processor and Rigetti's Aspen series, with cloud access through services such as AWS Braket. Qubit counts range from a few dozen to, on the largest IBM processors, over a thousand, but these are noisy physical qubits without fault-tolerant error correction; the number of reliable logical qubits that can be strung together remains in the single digits to low tens. No existing machine can run Shor's algorithm against even a moderately sized key. It is not that the attack would take millions of years on current hardware; the circuit is far beyond what today's error rates allow to complete at all.
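Added worked example (not from the original post): the classical half of Shor's algorithm in Python, with the quantum order-finding step replaced by a brute-force search. It factors small semiprimes such as 3233 = 53 × 61 and makes the point above concrete: every step except finding the period is cheap arithmetic, and the brute-force period search is the part whose cost explodes with key size. The inputs are toy values chosen for the example.

```python
from math import gcd


def find_period(a: int, n: int) -> int:
    """Order of a modulo n: the smallest r > 0 with a**r % n == 1.

    This is the step Shor's algorithm performs on a quantum computer in
    polynomial time. Here it is brute force: the loop runs up to ~n times,
    i.e. exponentially in the bit length of n, which is why classical
    factoring of RSA-2048 is hopeless but the rest of the algorithm is not.
    """
    if gcd(a, n) != 1:
        raise ValueError("a must be coprime to n")
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int) -> tuple[int, int]:
    """Classical reduction from order finding to factoring, as used by Shor.

    n should be an odd composite that is not a prime power. Each candidate
    base a succeeds with probability at least 1/2 for such n, so trying
    a = 2, 3, 4, ... in turn terminates quickly; the result is sorted.
    """
    if n % 2 == 0:
        return (2, n // 2)
    for a in range(2, n):
        g = gcd(a, n)
        if g != 1:                       # lucky guess: a already shares a factor with n
            return tuple(sorted((g, n // g)))
        r = find_period(a, n)
        if r % 2:                        # odd period yields no square root of 1; next a
            continue
        y = pow(a, r // 2, n)            # y*y == 1 (mod n) and y != 1 since r is minimal
        if y == n - 1:                   # trivial root (-1); next a
            continue
        p = gcd(y - 1, n)                # (y-1)(y+1) == 0 (mod n) with neither factor == 0
        return tuple(sorted((p, n // p)))
    raise ValueError("no factor found (n may be prime or a prime power)")


if __name__ == "__main__":
    for n in (15, 21, 3233):
        print(n, "=", "*".join(map(str, shor_factor(n))))
```

The same reduction, with the period found by quantum phase estimation instead of a loop, is what would break RSA; for elliptic-curve keys the quantum subroutine solves a discrete logarithm directly and no reduction through factoring is needed.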

Beyond insufficient qubit capacity, today’s quantum computers face challenges in qubit stability, error correction, and scalability. Additionally, their operation depends on extreme conditions. Qubits are highly sensitive to electromagnetic disturbances, necessitating cryogenic temperatures and advanced magnetic shielding for stability.

Future Projections and the Quantum Threat

Unlike classical computing, quantum computing has no established equivalent of Moore's Law for predicting how fast its power will grow. Google's Hartmut Neven proposed "Neven's Law", suggesting double-exponential growth in quantum computing power, but that model has yet to hold up consistently beyond individual research milestones.

If double-exponential growth did hold, reaching the roughly 20 million noisy physical qubits that Gidney and Ekerå estimated in 2019 would be needed to break RSA-2048 in about eight hours might take only another four years or so. That projection assumes breakthroughs in error correction, qubit stability and scalability, each a formidable challenge in its own right. The bar also moves: resource estimates have been falling as the algorithms and error-correction schemes improve, so a raw qubit count is a poor measure of how far away the threat is.

Quantum computing therefore poses a real but not yet practical threat to cryptocurrencies and other cryptographic systems; significant technical hurdles remain, and no current commercial machine comes close to cracking RSA-2048 or a 256-bit elliptic curve. Two things make waiting unwise, though. First, data captured today can be stored and decrypted later ("harvest now, decrypt later"), and any coin sitting in an address whose public key is already visible on-chain (for example a legacy Bitcoin address that has been spent from, since the spend reveals the key) is exposed the moment such a machine exists. Second, migration takes years. NIST published its first post-quantum standards in August 2024 (FIPS 203 ML-KEM for key establishment, FIPS 204 ML-DSA and FIPS 205 SLH-DSA for signatures), so industries that depend on cryptographic security should be inventorying where RSA and elliptic-curve keys are used and planning the move now.

Japan Attributes Ongoing Cyberattacks to China-Linked MirrorFace Group

 


Japan's National Police Agency (NPA) and the National Centre of Incident Readiness and Strategy for Cybersecurity (NISC) have officially attributed a prolonged cyberattack campaign targeting Japanese organizations and individuals since 2019 to the China-linked threat actor MirrorFace, also known as Earth Kasha.

The cyberattacks were designed to steal sensitive information related to Japan's national security and emerging technologies. MirrorFace is reportedly a subgroup of the Chinese state-sponsored hacking collective APT10, notorious for deploying malware tools such as ANEL, LODEINFO, and NOOPDOOR.

Authorities have identified three distinct phases in MirrorFace's attack operations:
  • December 2019 – July 2023: Spear-phishing emails carrying malware like LODEINFO, LilimRAT, and NOOPDOOR targeted government agencies, think tanks, politicians, and media outlets.
  • February – October 2023: Malware such as Cobalt Strike Beacon, LODEINFO, and NOOPDOOR was deployed through vulnerabilities in network devices to infiltrate sectors like semiconductors, aerospace, and academic institutions.
  • June 2024 – Present: Phishing emails loaded with ANEL malware were sent to think tanks, political figures, and media organizations.

Sophisticated Cyberattack Techniques

MirrorFace used several methods to evade detection and maintain persistence, including:
  • Windows Sandbox abuse: malware was executed inside Windows Sandbox, the lightweight virtual machine built into Windows 10 and 11 Pro, Enterprise and Education. A sandbox is discarded when it is closed, but while it runs it is a separate VM: host-based antivirus and EDR do not see the processes or files inside it, and a `.wsb` configuration file can map host folders into the sandbox (read-write by default) and run a logon command automatically, so the malware gets a foothold on the host and a way to operate from an environment most security tools never inspect.
  • Evasion of security tools: running inside the sandbox in this way allowed the malware to operate undetected by antivirus software on the host.
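Added illustration (my own, not part of the NPA/NISC material or any reported MirrorFace sample): a Python check of a Windows Sandbox `.wsb` configuration for the combination that makes the technique useful to an attacker, a command that runs automatically at logon together with a writable host folder or network access. The element names (MappedFolder, HostFolder, ReadOnly, LogonCommand, Networking) and their defaults are those of the real Windows Sandbox configuration format; the two configs and the scoring rule are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed configs for the example; not taken from any real sample.
SUSPICIOUS_WSB = """<Configuration>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\\Users\\Public\\stage</HostFolder>
      <SandboxFolder>C:\\stage</SandboxFolder>
      <ReadOnly>false</ReadOnly>
    </MappedFolder>
  </MappedFolders>
  <LogonCommand>
    <Command>cmd.exe /c C:\\stage\\run.bat</Command>
  </LogonCommand>
</Configuration>"""

BENIGN_WSB = """<Configuration>
  <Networking>Disable</Networking>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>C:\\Users\\alice\\Downloads</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>"""

NETWORK_FINDING = "networking enabled inside sandbox (the default)"


def assess_wsb(xml_text: str) -> dict:
    """Flag .wsb settings that let a sandboxed payload touch the host or the network.

    Scoring rule (an assumption for this example): suspicious when a LogonCommand
    is present AND the sandbox can either write to a host folder or reach the network.
    """
    root = ET.fromstring(xml_text)
    findings = []
    writable = []
    for mf in root.iter("MappedFolder"):
        host = (mf.findtext("HostFolder") or "").strip()
        # ReadOnly defaults to false when the element is absent
        read_only = (mf.findtext("ReadOnly") or "false").strip().lower() == "true"
        if not read_only:
            writable.append(host)
            findings.append(f"host folder mapped read-write: {host}")
    cmd = (root.findtext("LogonCommand/Command") or "").strip()
    if cmd:
        findings.append(f"LogonCommand auto-runs at sandbox start: {cmd}")
    # Networking defaults to Enable when the element is absent
    networking = (root.findtext("Networking") or "Enable").strip().lower() != "disable"
    if networking:
        findings.append(NETWORK_FINDING)
    suspicious = bool(cmd) and (bool(writable) or networking)
    return {"suspicious": suspicious, "findings": findings}


if __name__ == "__main__":
    for name, cfg in (("suspicious", SUSPICIOUS_WSB), ("benign", BENIGN_WSB)):
        print(name, assess_wsb(cfg))
```

In a hunt this pairs naturally with process-creation telemetry: a `WindowsSandbox.exe` launch whose command line names a `.wsb` file tells you where to find the configuration to assess, and a host folder that is mapped read-write is where any persistent artefact will have been written once the sandbox itself is gone.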

Scale and Impact of the Cyberattacks

The NPA has connected MirrorFace to over 200 cyber incidents spanning five years. The affected sectors include:
  • Government Agencies
  • Defense Organizations
  • Space Research Centers
  • Private Enterprises in Advanced Technologies

Phishing emails used compelling subject lines such as "Japan-US alliance" and "Taiwan Strait" to persuade recipients to open malicious attachments. Other high-profile incidents against Japanese targets in the same period, not all attributed to MirrorFace, include:
  • Japan Aerospace Exploration Agency (JAXA): targeted in a sophisticated intrusion.
  • Port of Nagoya (2023): container operations disrupted by a ransomware attack.

In response to these threats, the NPA issued a public warning:

“This alert aims to raise awareness among targeted organizations, businesses, and individuals about the threats they face in cyberspace by publicly disclosing the methods used in the cyber-attacks by ‘MirrorFace.’ It also seeks to encourage the implementation of appropriate security measures to prevent the expansion of damage from cyber-attacks and to avert potential harm.”

The warning underscores the need for heightened cybersecurity practices across sectors to mitigate risks from increasingly sophisticated cyber threats.

Apple Faces Backlash Over Misinformation from Apple Intelligence Tool

 



Apple made headlines with the launch of its Apple Intelligence tool, which quickly gained global attention. However, the tech giant now faces mounting criticism after reports emerged that the AI feature has been generating false news notifications, raising concerns about misinformation.

The BBC was the first to report the problem, complaining directly to Apple that the AI summaries of its notifications were misrepresenting its journalism. Apple responded belatedly, saying that it is working to make clear to users that these summaries are AI-generated and are not the publishers' own headlines.

Alan Rusbridger, former editor of The Guardian, criticized Apple, suggesting the company should withdraw the product if it is not yet ready. He warned that Apple’s technology poses a significant risk of spreading misinformation globally, potentially causing unnecessary panic among readers.

Rusbridger further emphasized that public trust in journalism is already fragile. He expressed concern that major American tech companies like Apple should not use the media industry as a testing ground for experimental features.

Pressure from Journalist Organizations

The National Union of Journalists (NUJ), the trade union for journalists in the UK and Ireland, joined the criticism, urging Apple to act swiftly to curb the spread of misinformation. The NUJ's statement echoes concerns previously raised by Reporters Without Borders (RSF).

Laura Davison, NUJ’s general secretary, stressed the urgency of the matter, stating,

"At a time when access to accurate reporting has never been more important, the public must not be placed in a position of second-guessing the accuracy of news they receive."

Apple is now under increasing pressure from media organizations and watchdog groups to resolve the issue. If the company fails to address these concerns promptly, it may be forced to remove the Apple Intelligence feature altogether.

With legal and regulatory scrutiny intensifying, Apple’s next steps will be closely watched. Prolonging the issue could invite further criticism and potential legal consequences.

This situation highlights the growing responsibility of tech companies to prevent the spread of misinformation, especially when deploying advanced AI tools. Apple must act decisively to regain public trust and ensure its technologies do not compromise the integrity of reliable journalism.

Threat Actors Are Sending Fraudulent Legal Notices to Target Indians

 

The Indian authorities have issued an urgent warning to residents over the widespread circulation of counterfeit emails impersonating Rajesh Kumar, CEO of the Indian Cyber Crime Coordination Centre (I4C). 

These fraudulent emails, with misleading subject lines like "Urgent Notification!" and "Court Notification," falsely accuse recipients of cybercrime and pressure them to respond. The PIB Fact Check team has identified these emails as fraudulent, emphasising that they were sent with malicious purpose to trick recipients and exploit their fears. 

Fake email threat

The bogus emails carry the logos of prominent Indian institutions, such as the Indian Cyber Crime Coordination Centre (I4C), the Intelligence Bureau (IB) and Delhi Police, as apparent proof of legitimacy, and use the names and contact details of senior officials to deceive recipients. They have been sent to government offices, individuals and organisations, posing as official correspondence.

In a post from its official X (formerly Twitter) handle, @PIBFactCheck, the bureau stated that these emails are entirely fraudulent. "It is vital to note that neither the undersigned nor this unit originated such emails. Furthermore, no permission has been obtained for the creation or distribution of such content," the release noted.

Cybercrime impact in India 

Concern over the rise in cybercrime in India is growing. Avinash Mohanty, commissioner of police for Cyberabad, says cybercrime already accounts for more than 30% of the commissionerate's cognisable offences and may soon reach 50%. Every minute, Indian residents are estimated to lose between 1.3 and 1.5 lakh rupees (Rs 130,000 to 150,000) to online fraudsters. That statistic underlines how much awareness and vigilance against online scams matter.

The recovery rate for cybercrime losses in the country remains dismally low, averaging under 20%, which compounds the financial and emotional toll on victims. The rise in cybercrime affects not only individuals and businesses but also government institutions, which have been targeted in espionage cases and data breaches.

India has suffered a number of high-profile data breaches in recent years, the most significant involving Aadhaar, the country's unique citizen identification system; that breach reportedly exposed personal information of over a billion Indians, including bank account numbers, addresses and fingerprints. In 2024 the average cost of a data breach in India was reported to exceed two million US dollars, illustrating the growing sophistication of attacks and their consequences.

Understanding VoIP DDoS Attacks: Prevention and Mitigation Strategies

 


A distributed denial-of-service (DDoS) attack on a VoIP server overwhelms it with bogus requests from many sources at once. The flood exhausts the network's bandwidth or the server's capacity to process signalling, so legitimate calls fail to set up or drop mid-conversation. Voice over Internet Protocol (VoIP), the backbone of modern business phone systems and contact-centre software, is particularly sensitive: an attack that does not fully take the service down still degrades call quality, because real-time voice tolerates very little jitter or packet loss.
  
Modus Operandi of VoIP DDoS Attacks 
 
DDoS attacks aim to swamp a network with fake traffic, denying service to legitimate users. A VoIP server sized for hundreds of calls per hour cannot cope with thousands of signalling requests per second. Key methods include:
  • Botnets: attackers use large networks of compromised devices (PCs, routers, mobile phones and IoT devices) to generate the attack traffic from many addresses at once.
  • SIP flood: the attacker sends large volumes of Session Initiation Protocol (SIP) requests, typically INVITE or REGISTER, each of which forces the server to allocate transaction state and often to issue an authentication challenge, until the server runs out of resources.
  • SIP reflection and amplification: because SIP commonly runs over UDP, the attacker can forge the victim's IP address as the source of requests sent to many third-party SIP servers; their unsolicited responses, which can be larger than the forged requests, all land on the victim and overload it.
Mitigation Tips to Defend Against VoIP DDoS Attacks

Adopting robust defence mechanisms can help protect VoIP systems from DDoS attacks. Key strategies include:

1. Use a reverse proxy or session border controller
A reverse proxy (in VoIP deployments usually a SIP proxy or session border controller, SBC) sits between clients and the registrar and media servers, terminating and filtering requests so the real servers are never exposed directly. Benefits include:
  • Regulating inbound traffic so that only well-formed, authenticated requests reach the servers behind it.
  • Hiding the origin servers' IP addresses, so attackers cannot target them directly.
  • Offloading TLS termination, so the application servers spend their CPU on calls rather than handshakes.
2. Real-time network monitoring
Real-time monitoring tools establish a baseline of normal activity (calls per minute, registrations per hour, packets per second per endpoint) and alert on deviations from it. These tools:
  • Identify unusual network behaviour, enabling a rapid response to DDoS-induced traffic spikes.
  • Protect endpoint protocols and IP ranges by flagging malicious request patterns as they appear.
  • Help prevent VoIP fraud (toll fraud, registration hijacking) by detecting and mitigating suspicious activity.
3. Implement rate limiting
Rate limiting reduces the impact of malicious traffic by controlling the volume of requests. It works by:
  • Delaying or dropping excess requests from a single source or, with aggregate limits, from many sources at once.
  • Setting thresholds per request type and time window, for example INVITEs per second per IP, or failed REGISTER attempts per minute.
  • Ensuring only traffic within those limits reaches critical resources.
Rate limiting curtails an attacker's ability to sustain an attack from a fixed set of sources. On its own it is weaker against spoofed UDP traffic (a per-IP counter cannot tell a forged source from a real one) and against large botnets that each stay under the per-IP threshold, which is why it is combined with an SBC, SIP over TLS or TCP where possible, and upstream DDoS scrubbing.
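Added example (my own, not from the original post) of the third control applied to SIP signalling: a per-source token-bucket limiter run over constructed request records, with a legitimate PBX placing one call every two seconds and a flooder sending 200 INVITEs in one second. The record format is invented for the example, and the rate (5 INVITE/s, burst 10) is an assumption to be tuned per deployment.

```python
from collections import defaultdict


class TokenBucket:
    """Per-source limiter: `rate` tokens per second refill, at most `burst` stored."""

    def __init__(self, rate: float, burst: int):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = None  # timestamp of the previous request from this source

    def allow(self, now: float) -> bool:
        if self.last is not None:
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


# Methods that make the server allocate transaction state; ACK/BYE/OPTIONS are cheap.
LIMITED_METHODS = {"INVITE", "REGISTER", "SUBSCRIBE"}


def parse_request(line: str):
    """Constructed record format (not a standard log): '<seconds> <src-ip> <METHOD> <request-uri>'."""
    t, src, method, _uri = line.split(maxsplit=3)
    return float(t), src, method.upper()


def filter_sip(lines, rate: float = 5.0, burst: int = 10) -> dict:
    """Run every request through its source's bucket; return per-source allowed/dropped counts."""
    buckets = defaultdict(lambda: TokenBucket(rate, burst))
    stats = defaultdict(lambda: {"allowed": 0, "dropped": 0})
    for line in sorted(lines, key=lambda l: float(l.split(maxsplit=1)[0])):
        t, src, method = parse_request(line)
        if method not in LIMITED_METHODS or buckets[src].allow(t):
            stats[src]["allowed"] += 1
        else:
            stats[src]["dropped"] += 1
    return {src: dict(counts) for src, counts in stats.items()}


def sample_traffic() -> list[str]:
    """Constructed traffic: one PBX placing a call every 2 s, one flooder at 200 INVITE/s."""
    legit = [f"{2 * i:.3f} 198.51.100.7 INVITE sip:+15550100@pbx.example" for i in range(10)]
    flood = [f"{i / 200:.3f} 203.0.113.9 INVITE sip:{i}@pbx.example" for i in range(200)]
    return legit + flood


if __name__ == "__main__":
    for src, counts in filter_sip(sample_traffic()).items():
        print(src, counts)
```

With these numbers the flooder gets its initial burst of ten through, then roughly one request per 40, while the PBX never loses a call. The limiter keys on source address, which is exactly the weakness noted above: against forged UDP sources it throttles whoever the attacker chose to impersonate, so in production this sits behind an SBC that has already authenticated or transport-validated the sender.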

VoIP DDoS attacks pose significant risks to modern communication systems, but proactive measures can mitigate these threats. By using reverse proxies, adopting real-time monitoring tools, and implementing rate-limiting techniques, organizations can safeguard their VoIP infrastructure against malicious traffic and ensure uninterrupted services.

Here's Why You Need A New App After Google RCS Issue

 

Google Messages has suddenly gone haywire. After years of campaigning, the "seamless messaging" dream was finally realised, only to vanish almost as quickly as it arrived. The question now is whether it has any prospect of ever returning.

It has played out like a slow-motion train crash. Google was quick to praise Apple for its long-awaited adoption of RCS, but as soon as it went live the awkward security gap was exposed: for all of Apple's praise of iMessage's end-to-end encryption, those green bubbles still have none, because the cross-platform RCS profile Apple implemented carries no end-to-end encryption.


Google and the GSMA were quick to respond, promising that end-to-end encryption for RCS is in the works. That might have won the day, but then China spoiled the fun: Chinese state-sponsored hackers (the campaign tracked as Salt Typhoon) were found to have broken into US telecom networks, which is exactly why Apple, Google and others advocate end-to-end encryption in the first place, since without it messages are readable by anyone with access inside the carrier. With the FBI and CISA now advising the public to use properly encrypted apps, cross-platform RCS has taken a significant knock. Even Samsung has warned customers that texting from Android to iPhone is not secure.

Apple has never denied that iMessage is only secure within its own walled garden. Google, not Apple, pushed for cross-platform RCS. When it finally arrived with iOS 18, Google sent out public messages about non-blurry images and other new capabilities, whereas Apple said little, if anything at all. 

So now it's up to Google Messages to pick up the pieces of this security catastrophe and figure out what to do next. How quickly can RCS be beefed up to meet the "responsible encryption" standard specified by the US government officials? Given the official warnings, how do Google and Apple encourage consumers to send basic RCS/SMS texts? How quickly will network confidence get better? 

With timing being everything, the ultimate impediment to that RCS train could be Apple's upcoming iPhone update, iOS 18.2. Surprisingly, Apple has chosen to give all of its users, not just those in the EU where the Digital Markets Act requires it, the ability to choose their default apps. For the first time, you can pick an over-the-top service such as WhatsApp or Signal as your primary calling and messaging app.

The 2024 RCS dream has suffered a setback, though whether it has sunk for good remains to be seen. What is clear is that this benefits Meta, owner of the world's largest end-to-end encrypted messaging platforms, WhatsApp and Facebook Messenger, even though neither is "responsibly" encrypted in the FBI's sense of the term, which calls for authorised access to content when required.

Google Messages users who rely on it to text friends, family and colleagues will now need a different app. If you don't already have WhatsApp, Messenger or Signal, download one now. WhatsApp is the clear winner, striking the best balance between security, functionality and reach: many of the people you communicate with already have it installed.

Staying on the security theme, two steps are needed to get the full benefit of end-to-end encryption. First, configure WhatsApp (or your alternative) properly: enable two-step verification and, where available, passkeys, and verify the security code with the contacts who matter most. Second, take no chances when installing apps, downloading files or clicking links. If an attacker takes over your phone with malware or tricks you into installing a malicious app, the encryption is irrelevant: messages are decrypted on your device, so whoever controls the device reads them, whichever messenger you use.

The irony for Google continues with Samsung's announcement that it is dropping RCS from Samsung Messages for millions of Galaxy users and advising them to migrate to Google Messages. The Galaxy maker told Verizon customers: "Samsung Messages will no longer support RCS after 1.6.2025. Switch to Google Messages to keep the more robust messaging you're accustomed to."