Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label User Privacy. Show all posts
User Privacy
Data Leak Mobile Security Samsung Folder Secure Folder User Privacy

Samsung Secure Folder Vulnerability Exposes Hidden Images

 

Samsung's Secure Folder, a feature designed to provide industry-grade security for sensitive data on Galaxy smartphones, has been identified to have a major flaw. Recent discoveries indicate that apps and images saved in the Secure Folder can be accessible under certain conditions, raising concerns about the privacy and security of the data stored there. 

Modus operandi

The Secure Folder acts as a "Work" profile, allowing users to keep private apps, images, and files separate from their primary profile. Normally, when an app seeks to access files from the Secure Folder, the system prevents it unless the app is specifically approved. 

However, a Reddit user named lawyerz88 revealed that this security feature is ineffective when utilising a "Work" app (with a media picker) linked to a separate work profile. In that instance, files stored in the Secure Folder become available via the app. So it is not difficult to circumvent the intended privacy protections.

“If you have the work profile enabled through something like Island or Shelter (or you know, your actual workplace), any apps in the work profile can access the entirety of files saved in a secure folder without any restrictions whatsoever.” notes the Reddit user. “It seems it’s restricted by policy only and only from the personal profile and someone forgot to restrict access via another work profile.” 

Android Authority confirmed the flaw with the Shelter app, which allows you to create a work profile on any device. This means that anyone with physical access to a Galaxy smartphone might use this flaw to view Secure Folder data. 

Samsung's claim of strong security is called into question by this defect, since private data kept in the Secure Folder can be accessed without the owner's knowledge.While accessing the Secure Folder usually requires biometric authentication or a PIN/password, the workaround via Work applications renders these safeguards ineffective. 

The tech giant reportedly acknowledged that they were aware of the user's findings after he reported them. The firm recently rectified the boot loop issue linked with the Secure Folder, and now that more people are aware of it, we hope it is resolved as quickly as possible.
Read more »
User Privacy
Cyber Fraud Data Leak Financial Scam Indian Banking MHA User Privacy

Open Access to Critical Data With Bank Staff Leading to Financial Scam

 

A concerning trend has sent shockwaves across cybersecurity authorities, with central cyber and intelligence organisations tracking and documenting large-scale data leaks perpetrated by bank staff and third party contractors. 

According to a senior Indian government official, the issue has been raised to the highest levels of government, prompting an emergency meeting at the Ministry of Home Affairs (MHA) a few weeks ago to develop a resolution. The government agencies have determined that unlimited access to critical banking data, granted to staff and third-party vendors, is directly supporting rampant cyber fraud and significant financial losses among citizens. 

“The exposure of highly sensitive banking data to employees, particularly outsourced staff and third-party vendors, is leading to severe information leaks. Cybercriminals are exploiting this breach to systematically target and defraud citizens," a top government official stated. 

What is more concerning is the potential involvement of high management-level bank executives. Intelligence agencies officials at the meeting stated that despite repeated accusations, both public and private sector institutions had failed to take action against fraudulent activity. “Shockingly, banks are neglecting action on nearly 60-70 percent of fraudulent accounts reported on the National Cybercrime Reporting Portal (NCRP)," a senior official who attended the MHA meeting noted. 

Financial intelligence agencies have also detected severe flaws in banking security. The MHA meeting featured a detailed analysis of cyber fraud trends, mule accounts, and bank reaction times. The statistics show a stunning increase in cybercrime events, demonstrating that current security measures are ineffective. Banks seem reluctant to take corrective action, creating serious concerns about their accountability. 

In line with the most recent Reserve Bank of India (RBI) recommendation, authorities have highlighted the need for swift and strict action due to the rapid evolution of cybercrime. According to officials, unregulated data leaks from banks' own infrastructure will continue to fuel cybercriminal networks, putting millions of clients at risk, unless banks strengthen their internal controls and take decisive action.
Read more »
User Privacy
Android Security Cyber Scams Mobile Security Security Update User Privacy

Android Latest Security Feature Protects Users from Cyber Scams

 

Google is developing a new security feature for Android that prevents users from updating sensitive settings while a phone call is in process. The in-call anti-scammer measures include prohibiting users from enabling settings to install apps from unidentified sources and providing accessibility access. The development was initially reported by Android Authority. 

Users who attempt to do so during phone calls receive the following message: "Scammers frequently request this type of action during phone calls, thus it is blocked to protect you. If you are being directed to take this activity by someone you do not know, it could be a scam.” 

Furthermore, it prevents users from granting an app access to accessibility services during a phone call. The feature is now active in Android 16 Beta 2, which was released earlier this week. With this latest update, the goal is to increase friction to a technique that malicious actors frequently utilise to propagate malware. 

These tactics, known as telephone-oriented attack delivery (TOAD), entail sending SMS messages to potential targets and encouraging them to contact a number by creating a false feeling of urgency.

Last year, NCC Group and Finland's National Cyber Security Centre (NCSC-FI) revealed that fraudsters were distributing dropper programs via SMS messages and phone calls to deceive users into installing malware like Vultr. 

The development comes after Google increased restricted settings to cover more permission categories, preventing sideloaded applications from accessing sensitive data. To combat fraud, it has also enabled the automated blocking of potentially unsafe app sideloading in markets such as Brazil, Hong Kong, India, Kenya, Nigeria, the Philippines, Singapore, South Africa, Thailand, and Vietnam. 

Sideloading the safe way 

By following certain guidelines and best practices, you can sideload apps in a safer manner. To reduce the risks of sideloading, you can take the following actions. 

Verify the source: Only download apps from reliable and trustworthy sources. Avoid downloading applications from random websites, torrents, or file-sharing services. 

Check app authenticity: Ensure that the sideloading app is the original, unaltered version from the developer. Verify the app's digital signature if possible. 

Enable unknown sources selectively: On Android, you must allow "Unknown Sources." This enables you to sideload apps. This should be switched off when not in use. 

Employ a reputable APK repository: Aptoide and APKMirror are two trustworthy third-party app stores to use when sideloading Android apps. These programs select apps and examine them for malware. 

Use mobile security software: To safeguard your smartphone from possible dangers, use a trustworthy mobile security application. Malicious sideloaded apps can also be detected by many security applications.
Read more »
User Privacy
Data Breach Health Sisters Medical Data US Hospital User Privacy

US Health System Notifies Nearly 900K Patients Regarding a 2023 Data Breach

 

Hospital Sisters Health System informed nearly 882,000 patients that a cyberattack in August 2023 resulted in a data breach that compromised their private and medical data. 

Established in 1875, HSHS works with about 2,200 physicians and employs over 12,000 employees. It also runs a network of physician practices and 15 community hospitals in Illinois and Wisconsin, including two children's hospitals. 

The non-profit healthcare institution stated in data breach notifications given to those affected that the incident was discovered on August 27, 2023, after determining that the hacker had gained access to the HSHS network.

Following the security incident, its systems were affected by a widespread outage that knocked out "virtually all operating systems" and phone systems in Illinois and Wisconsin hospitals. HSHS also hired external security specialists to investigate the incident, assess the impact, and assist the IT staff in restoring hacked systems.

"We are prioritizing patient safety as we establish a process for restoration. With the support of third-party experts, we are bringing our systems back online as quickly and as safely as possible," HSHS noted in a September 2024 statement. "A health system of our size operates hundreds of system applications across thousands of servers, and as such, our restoration and investigative work will take some time to complete.” 

While the incident and subsequent outage appear to be the result of a ransomware attack, no ransomware outfit has claimed responsibility for the breach. Following the forensic inspection, HSHS discovered that between August 16 and August 27, 2023, the perpetrators had accessed files on hacked systems.

The information accessed by attackers while inside HSHS' systems varies by individual, but it typically includes a combination of name, address, date of birth, medical record number, limited treatment data, health insurance information, Social Security number, and/or driver's license number. 

While HSHS stated that there is no evidence that the victims' information was utilised in fraud or identity theft activities, it recommended impacted individuals to keep an eye on their account statements and credit reports for suspicious behaviour. The health system also provides free Equifax credit monitoring for one year to anybody harmed by the breach.

New York Blood Centre (NYBC), one of the biggest independent blood collection and distribution organisations in the world, announced that it had to reschedule some appointments due to a ransomware attack, Connecticut healthcare provider Community Health Centre (CHC) informed more than a million patients regarding a data breach last week. 

UnitedHealth said earlier this month that the Change Healthcare ransomware assault last year had stolen the data of some 190 million Americans, nearly twice as many as the 100 million that were made public in October.
Read more »
User Privacy
Cyber Scam Malicious Campaign malware Tria Stealer User Privacy

Fake Wedding Invitation Malware Targets Android Users

 

Malicious actors are propagating a recently discovered Android malware called Tria by sending phoney wedding invitations to consumers in Brunei and Malaysia. 

According to a report published by the Russian cybersecurity firm Kaspersky, the attackers have been using private and group chats on Telegram and WhatsApp since mid-2024 to distribute the malware, inviting users to weddings and prompting them to install a mobile app in order to get the invitation.

Once the malware is installed, it can collect private information from call logs, emails (including Gmail and Outlook), SMS messages, and messaging apps (such as WhatsApp and WhatsApp Business). 

Researchers caution that accounts that depend on email and messaging app authentication could be compromised, passwords can be reset, or online banking can be accessed using the stolen data. 

The attackers' main objective seems to be taking complete control of the victims' Telegram and WhatsApp accounts so they can make phoney money requests to connections or propagate malware. To process stolen data, the hackers employ two Telegram bots: one for managing SMS data and another for gathering text from emails and instant messaging apps. 

According to Kaspersky, posts on social media sites like Facebook and X suggest that the campaign has reached a number of Android users in Malaysia, while the precise number of victims is still unknown.

The researchers have not identified a specific organisation responsible for the attack, but evidence implies that the hackers are Indonesian-speaking. 

In 2023, Kaspersky discovered a similar effort known as UdangaSteal, in which hackers stole text messages from users in Indonesia, Malaysia, and India and transmitted the data to their servers using a Telegram bot. The attackers utilised a variety of deceptive approaches to trick users into installing malicious files, such as bogus wedding invites, package delivery notifications, annual tax payment reminders, and job offers. 

Despite their similarities, experts identify major differences between the two attacks, such as distinct malware code, geographic targets, and attack techniques. While UdangaSteal has always focused on SMS theft, experts say Tria has a larger reach, attacking emails and chat apps as well as SMS conversations.
Read more »
Virtual Credit Card
Cyber Security Financial Security Online Scam User Privacy Virtual Credit Card

Here's The Ultimate Guide to Virtual Credit Card in Safeguarding Online Privacy

 

Virtual credit cards are digital versions of physical credit cards. They generate a unique credit card number that you can use instead of your physical card number, avoiding the merchant from storing your credit card data and making your financial data more safe. 

With security breaches in the news, using a virtual card adds an extra degree of security. Several major credit card issuers provide virtual cards, although there are several outliers. Virtual credit cards provide more than just security. A virtual credit card allows you to utilise a newly created account before the physical card arrives, allowing you to collect rewards right away or make progress towards a welcome bonus. 

Are virtual cards safer than physical cards? 

Virtual cards provide an additional layer of security over physical cards by safeguarding your real credit card information. This makes them safer than physical cards in various aspects: 

  • Virtual credit cards might have spending caps and be restricted to specific merchants. They can also be configured for single use, deactivating automatically after the very first transaction. These restrictions provide extra fraud protection compared to a standard credit card.
  • Unlike conventional credit cards, virtual cards cannot be stolen or misplaced. If you carry a physical credit card and it is stolen, you may be susceptible to scam. Virtual cards are stored in your digital wallet, keeping you secure from fraud.
  • Virtual credit cards must adhere to the Payment Card Industry Data Security Standard (PCI DSS), which includes standards and guidelines aimed at safeguarding credit and debit transactions and preventing the exploitation of cardholder data. 

Benefits and drawbacks 

Virtual credit cards have many benefits, but there are a few drawbacks. Here are some of the advantages and disadvantages of virtual cards.

Pros: 

Enhanced security: Using virtual cards to make online transactions safeguards your actual credit card information and adds an extra layer of security over physical credit cards. Flexibility: Without changing your actual credit card, you can choose which vendors you want to use the card with, set up expiration dates, and create specific spending limitations.

Convenience: Virtual credit cards are generated instantly and can be utilised immediately for online purchases and contactless payments. Cons: Not always able to utilise them in-store: Not every retailer accepts contactless methods like Apple Pay or Google Pay. When it comes to in-store stores, you can be constrained, even though virtual cards are perfect for internet buying. 

Cons:

Refunds could be difficult: Every retailer has different regulations, and some could only give refunds for the original payment method. If you utilised a virtual credit card number that is no longer active, this can be an issue. Instead, you may get a cheque, a gift card or store credit in this situation.

Unsuitable for reservations: It may be challenging to match your payment method at check-in if you use a virtual card to make a hotel reservation. Since hotels usually need a physical card when you check in, using a virtual card can need further verification, such as getting in touch with your bank.
Read more »
User Privacy
Data Breach Data Leak Healthcare Hack Medical Data User Privacy

Community Health Centre Data Breach Impacts Over 1 Million Patients

 

Over a million people have been notified of a recent data breach by Community Health Centre, a nonprofit healthcare organisation based in Middletown, Connecticut. On January 2, 2025, unauthorised activity was detected in its computer systems, and external cybersecurity specialists were hired to help with the investigation and establish the nature and scale of the unauthorised activity. 

The investigation revealed that an online criminal gained access to its computer systems and stole data from the network. The Community Health Centre did not confirm whether a ransom demand was made; however, it did state that no data was deleted from its network and no files were encrypted, therefore the incident had no effect on its daily operations.

In the statement to the Attorney General of Maine, Community Health Centre explained that "there is no current threat to our systems, and we believe we stopped the criminal hacker's access within hours." The breach initially occurred on October 14, 2024, according to the breach notice from the Maine Attorney General.

The file review is now concluded, and the Community Health Centre has confirmed that the following data may have been compromised: names, addresses, phone numbers, email addresses, dates of birth, diagnoses, test results, treatment information, health insurance information, and Social Security numbers.

Up to 1,060,936 people have been impacted, including paediatric patients, their parents, and guardians. Some of the affected individuals passed away, and notifications are being given to their nearest of kin. While the majority of affected patients are likely from Connecticut, the California Attorney General has also been notified of the data leak. 

With over 1 million records, this is the most significant healthcare data breach revealed this year. Employees at Moses-Weitzman Health System were also impacted.

According to Community Health Centre, software has been put in place to keep an eye on its systems for suspicious activity, and security has been reinforced. Community Health Centre has provided the impacted individuals with free identity theft protection services for a period of 24 months, even though there are currently no signs that any of the stolen data has been compromised.
Read more »
User Privacy
Business Security Cyber Security Data Leak Insider Threat User Privacy

Three Ways To Prevent Insider Threat Driven Data Leaks

 

The United States is poised to undergo a period of highly disruptive transformation. The incoming administration has promised to make significant changes, including forming a new body, the Department of Governmental Efficiency (DOGE), with the aim of substantially reducing the size of the government. 

Many people in our hugely polarised society are unhappy with the upcoming changes. Some will even refuse to "go down without a fight" and attempt to sabotage the shift or the new administration's prospects for success. How? One popular disruption method is to leak bits and pieces of insider information in order to distract, provoke opposition, and ultimately stall the changes.

While insider leaks can occur at any organisation and at any moment, a controversial move can be a major driver for such threats. We don't need to look far back for examples of this. After Donald Trump was elected to his first term, someone explicitly got a job as an IRS contractor so that he could leak the tax returns of key leaders, including President Trump. There was also information disclosed concerning a Trump cabinet pick. 

It's possible that this behaviour will worsen significantly. Agencies and organisations can take proactive measures to prepare for this. 

Launch an insider threat program: Nearly 80% of organisations have noticed an increase in insider threat activity since 2019, and just 30% believe they have the ability to deal with the situation. While external threats are frequently addressed, according to IBM's Cost of a Data Breach report, breaches by people within an organisation were the most costly, averaging just shy of $5 million.

Having a formal security strategy in place can safeguard sensitive data, maintain operational integrity, and ensure that your organization's communication links remain open and secure. Start by assessing your risk, establishing guidelines for data sharing and management, and installing technologies to monitor user activity, detect irregularities, and notify security teams of potential risks. 

Individualize information: Organisations can also explore using steganographic technologies to personalise the information they send to their employees. Forensic watermarking technology allows sensitive information to be shared in such a way that each employee receives a completely unique copy that is undetectable to the human eye. With this technology in place, employees are more likely to think twice before giving a secret presentation on future strategy. If a leak still occurs, the organisation can easily identify the source.

Avoid sharing files: The world must shift away from using files to share personal information. At first glance, it may appear impossible, yet changing the way organisations share information might help them preserve their most valuable information. File sharing is more than a risk factor; it is also a threat vector, as files are the source of the majority of data exfiltration risks. As a result, deleting them would naturally eliminate the threat. What are the alternatives? Using SaaS applications in which no one can download anything. This strategy also helps to safeguard against external attacks.
Read more »
Subscribe to: Posts (Atom)