Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label trending news. Show all posts
trending news
Africa under cyber threats bfsi BFSI cyber security Cyber Security News trending news

Cyber Threats Surge Across Africa’s Financial Sector, Urging Stronger Cybersecurity Defenses

 

In 2024, the financial landscape in Africa has been rocked by a series of high-impact cyberattacks, underscoring the urgent need for enhanced digital defenses across the Banking, Financial Services, and Insurance (BFSI) sector. From Uganda to Zimbabwe and South Africa, institutions are increasingly in the crosshairs of sophisticated cybercriminal groups. One of the most alarming incidents involved the Bank of Uganda, which reportedly lost approximately $16.8 million to an offshore hacking group known as “Waste.” 

In a similar breach of security, ZB Financial Holdings in Zimbabwe suffered a ransomware attack in July that led to substantial data exposure, compromising both customer details and operational systems. South Africa’s Standard Bank also confirmed a recent data breach that affected limited personal and financial data, highlighting how widespread and varied these threats have become. Interpol’s 2024 African Cyberthreat Assessment paints a grim picture—cyberattacks on African businesses surged by 23% in 2023, with ransomware and data breaches being the most prevalent. 

These figures reflect not only a rising frequency but also the growing sophistication of cybercrime on the continent. The IBM 2024 Cost of a Data Breach report further reveals that the average cost of a data breach in South Africa has risen sharply to R53.1 million, a significant jump from R49.45 million the previous year. Historical incidents continue to serve as cautionary tales. The 2020 Experian breach compromised 24 million personal records, while the 2023 Medusa ransomware attack on the Bank of Africa’s Malian unit resulted in the leak of 2TB of sensitive data. 

These events demonstrate the severe financial and reputational risks African financial institutions face. As the sector increasingly adopts technologies such as artificial intelligence, blockchain, and cloud computing, new avenues for cyber exploitation have emerged. Threats like phishing schemes, insider sabotage, and regulatory compliance issues now loom larger than ever before. “Cybercrime is evolving at an alarming rate, and financial institutions in Africa are prime targets,” said Abe Wakama, CEO of IT News Africa. 

“The BFSI Security Summit will offer a vital platform for industry leaders to collaborate, exchange knowledge, and deploy effective strategies to protect their institutions,” he further added. 

Cybersecurity experts and Chief Information Security Officers (CISOs) across the continent are responding by urging a multi-layered approach to digital defense—deploying AI-powered threat detection systems, implementing zero trust security models, and ensuring compliance with key data privacy regulations like South Africa’s Protection of Personal Information Act (POPIA) and the EU’s GDPR. Additional measures such as continuous monitoring, advanced endpoint protection, and robust incident response planning are becoming standard practice. Equally critical are human factors—regular employee training and rigorous penetration testing play a pivotal role in building organizational cyber resilience.
Read more »
trending news
Cybersecurity Attack malware News online threats trending news

Beware of Fake Viral Video Links Spreading Malware

 

McAfee Labs has uncovered a rise in cyber scams where fraudsters use fake viral video links to trick people into downloading malware. These attacks rely on social engineering, enticing users with promises of exclusive or leaked content. 

Once a user clicks on the deceptive link, they are redirected through several malicious websites before unknowingly downloading a harmful file. The scheme typically begins with a fake message or document containing a link to a trending video. Clicking the link leads to an unsafe website filled with misleading advertisements, fake download buttons, and sometimes adult content. 

These sites trick users into downloading a file—often a ZIP folder—that seems harmless but actually contains malware hidden within a password-protected archive. Once downloaded and extracted, the file reveals a setup program that, when executed, launches the malware. To make it appear legitimate, a CAPTCHA screen is displayed first. 

However, once the user clicks “OK,” the malware installs itself discreetly, injecting harmful files into the system and running hidden processes that steal data or compromise the device. While McAfee’s security measures have intercepted many such attacks, experts warn that these scams continue to evolve. 

Cybercriminals use clickbait tactics to manipulate people’s curiosity, making it crucial to stay vigilant. To protect yourself, avoid clicking on links that claim to provide exclusive or leaked videos, as these are often traps designed to distribute malware. 

Be cautious of unfamiliar websites that prompt you to download files, as they may contain hidden threats. Always scan downloaded files with reliable security software before opening them. Additionally, keep your antivirus software updated to ensure real-time protection against emerging cyber threats. Since online scams are constantly evolving, staying informed and cautious is the best defense against potential cyber risks.
Read more »
trending news
cybersecurity concerns cybersecurity news DeepSeek-R1 trending news

DeepSeek-R1 AI Under Fire for Severe Security Risks

 

DeepSeek-R1, an AI model developed in China, is facing intense scrutiny following a study by cybersecurity firm Enkrypt AI, which found it to be 11 times more vulnerable to cybercriminal exploitation compared to other AI models. The research highlights significant security risks, including the AI’s susceptibility to generating harmful content and being manipulated for illicit activities. 

This concern is further amplified by a recent data breach that exposed over a million records, raising alarms about the model’s safety. Since its launch on January 20, DeepSeek has gained immense popularity, attracting 12 million users in just two days—surpassing ChatGPT’s early adoption rate. However, its rapid rise has also triggered widespread privacy and security concerns, leading multiple governments to launch investigations or impose restrictions on its usage.  
Enkrypt AI’s security assessment revealed that DeepSeek-R1 is highly prone to manipulation, with 45% of safety tests bypassing its security mechanisms. The study found that the model could generate instructions for criminal activities, illegal weapon creation, and extremist propaganda. 

Even more concerning, cybersecurity evaluations showed that DeepSeek-R1 failed in 78% of security tests, successfully generating malicious code, including malware and trojans. Compared to OpenAI’s models, DeepSeek-R1 was 4.5 times more likely to be exploited for hacking and cybercrime. 

Sahil Agarwal, CEO of Enkrypt AI, emphasized the urgent need for stronger safety measures and continuous monitoring to mitigate these threats. Due to these security concerns, several countries have initiated regulatory actions. 

Italy was the first to launch an investigation into DeepSeek’s privacy and security risks, followed by France, Germany, the Netherlands, Luxembourg, and Portugal. Taiwan has prohibited government agencies from using the AI, while South Korea has opened a formal inquiry into its data security practices. 

The United States is also responding aggressively, with NASA banning DeepSeek from federal devices. Additionally, lawmakers are considering legislation that could impose severe fines and even jail time for those using the platform in the country. The growing concerns surrounding DeepSeek-R1 come amid increasing competition between the US and China in AI development. 

Both nations are pushing the boundaries of AI for military, economic, and technological dominance. However, Enkrypt AI’s findings suggest that DeepSeek-R1’s vulnerabilities could make it a dangerous tool for cybercriminals, disinformation campaigns, and even biochemical warfare threats. With regulatory scrutiny intensifying worldwide, the AI’s future remains uncertain as authorities weigh the risks associated with its use.
Read more »
trending news
AI AI news Quantum Technology trending news

AI and Quantum Computing Revive Search Efforts for Missing Malaysia Airlines Flight MH370

 

A decade after the mysterious disappearance of Malaysia Airlines Flight MH370, advancements in technology are breathing new life into the search for answers. Despite extensive global investigations, the aircraft’s exact whereabouts remain unknown. However, emerging tools like artificial intelligence (AI), quantum computing, and cutting-edge underwater exploration are revolutionizing the way data is analyzed and search efforts are conducted, offering renewed hope for a breakthrough. 

AI is now at the forefront of processing and interpreting vast datasets, including satellite signals, ocean currents, and previous search findings. By identifying subtle patterns that might have gone unnoticed before, AI-driven algorithms are refining estimates of the aircraft’s possible location. 

At the same time, quantum computing is dramatically accelerating complex calculations that would take traditional systems years to complete. Researchers, including those from IBM’s Quantum Research Team, are using simulations to model how ocean currents may have dispersed MH370’s debris, leading to more accurate predictions of its final location. Underwater exploration is also taking a major leap forward with AI-equipped autonomous drones. 

These deep-sea vehicles, fitted with advanced sensors, can scan the ocean floor in unprecedented detail and access depths that were once unreachable. A new fleet of these drones is set to be deployed in the southern Indian Ocean, targeting previously difficult-to-explore regions. Meanwhile, improvements in satellite imaging are allowing analysts to reassess older data with enhanced clarity. 

High-resolution sensors and advanced real-time processing are helping experts identify potential debris that may have been missed in earlier searches. Private space firms are collaborating with global investigative teams to leverage these advancements and refine MH370’s last known trajectory. 

The renewed search efforts are the result of international cooperation, bringing together experts from aviation, oceanography, and data science to create a more comprehensive investigative approach. Aviation safety specialist Grant Quixley underscored the importance of these innovations, stating, “New technologies could finally help solve the mystery of MH370’s disappearance.” 

This fusion of expertise and cutting-edge science is making the investigation more thorough and data-driven than ever before. Beyond the ongoing search, these technological breakthroughs have far-reaching implications for the aviation industry.

AI and quantum computing are expected to transform areas such as predictive aircraft maintenance, air traffic management, and emergency response planning. Insights gained from the MH370 case may contribute to enhanced safety protocols, potentially preventing similar incidents in the future.
Read more »
Zyxel
cyber attack Cyber Attacks News trending news Zero day vul Zyxel

Critical Zero-Day Vulnerability in Zyxel Devices Sparks Widespread Exploitation


Cybersecurity researchers at GreyNoise have uncovered widespread exploitation of a critical zero-day vulnerability in Zyxel CPE Series devices, months after it was initially reported to the manufacturer. The flaw, identified as CVE-2024-40891, allows attackers to execute arbitrary commands on affected devices, potentially leading to data breaches, network infiltration, and complete system compromise. GreyNoise has disclosed the issue to raise awareness among organizations and individuals at risk, as mass exploitation attempts have already been observed.

Details of the Vulnerability and Exploitation

The vulnerability, CVE-2024-40891, was first reported to Zyxel by researchers at VulnCheck in August 2024. However, Zyxel has yet to release a public advisory or an official CVE entry for the flaw, leaving users without a patch to mitigate the risk. GreyNoise collaborated with VulnCheck to disclose the issue, following standard security policies. A GreyNoise spokesperson stated, “Due to first-hand, confirmed mass exploitation attempts for this vulnerability, we chose to disclose this to raise awareness among those who may be impacted.”

Security analysts at Censys estimate that approximately 1,500 devices are online and potentially vulnerable, though definitive confirmation of affected versions is still pending. The National Vulnerability Database (NVD) has not yet provided additional details about the issue. To assess the extent of malicious activity, GreyNoise and VulnCheck conducted a joint investigation, revealing that attackers are actively targeting the flaw.

Researchers noted that CVE-2024-40891 shares similarities with another Zyxel vulnerability, CVE-2024-40890, which also involves authentication and command injection exploits. The key difference is that CVE-2024-40891 is exploited via telnet, while CVE-2024-40890 is HTTP-based. This latest vulnerability follows a recent warning from the Cybersecurity and Infrastructure Security Agency (CISA) and German authorities about another security flaw in Zyxel firewalls, CVE-2024-11667, which was exploited to deploy Helldown ransomware in early December.

Mitigation Strategies and Recommendations

With no official patch available, Zyxel users remain vulnerable to exploitation. Security experts urge organizations to implement temporary mitigation strategies to reduce the risk of compromise. Key recommendations include:

  1. Monitor Network Traffic: Closely monitor network traffic for unusual activity, particularly on devices running Zyxel CPE Series firmware.
  2. Restrict Access: Limit access to potentially affected devices by disabling unnecessary services, such as telnet, and implementing strict access controls.
  3. Apply Workarounds: If possible, apply any available workarounds or configuration changes recommended by cybersecurity experts until an official patch is released.
  4. Stay Informed: Keep track of updates from Zyxel and cybersecurity agencies like CISA for the latest information on vulnerability and mitigation measures.

A VulnCheck spokesperson confirmed that the firm is actively working with Zyxel on the disclosure process and expects to share further insights in the coming week. In the meantime, organizations are advised to remain vigilant and take proactive steps to protect their networks.

The widespread exploitation of CVE-2024-40891 highlights the critical importance of timely vulnerability disclosure and patch management. As attackers continue to target Zyxel devices, organizations must prioritize cybersecurity measures to safeguard their systems and data. While waiting for an official patch, implementing temporary mitigation strategies and staying informed about updates can help reduce the risk of exploitation. This incident serves as a reminder of the ongoing challenges in securing network devices and the need for collaboration between manufacturers, researchers, and users to address vulnerabilities effectively.

Read more »
trending news
AI cybersecurity Emerging tech news Generative AI latest news News Technology Technology News trending news

Generative AI in Cybersecurity: A Double-Edged Sword

Generative AI (GenAI) is transforming the cybersecurity landscape, with 52% of CISOs prioritizing innovation using emerging technologies. However, a significant disconnect exists, as only 33% of board members view these technologies as a top priority. This gap underscores the challenge of aligning strategic priorities between cybersecurity leaders and company boards.

The Role of AI in Cybersecurity

According to the latest Splunk CISO Report, cyberattacks are becoming more frequent and sophisticated. Yet, 41% of security leaders believe that the requirements for protection are becoming easier to manage, thanks to advancements in AI. Many CISOs are increasingly relying on AI to:

  • Identify risks (39%)
  • Analyze threat intelligence (39%)
  • Detect and prioritize threats (35%)

However, GenAI is a double-edged sword. While it enhances threat detection and protection, attackers are also leveraging AI to boost their efforts. For instance:

  • 32% of attackers use AI to make attacks more effective.
  • 28% use AI to increase the volume of attacks.
  • 23% use AI to develop entirely new types of threats.

This has led to growing concerns among security professionals, with 36% of CISOs citing AI-powered attacks as their biggest worry, followed by cyber extortion (24%) and data breaches (23%).

Challenges and Opportunities in Cybersecurity

One of the major challenges is the gap in budget expectations. Only 29% of CISOs feel they have sufficient funding to secure their organizations, compared to 41% of board members who believe their budgets are adequate. Additionally, 64% of CISOs attribute the cyberattacks their firms experience to a lack of support.

Despite these challenges, there is hope. A vast majority of cybersecurity experts (86%) believe that AI can help attract entry-level talent to address the skills shortage, while 65% say AI enables seasoned professionals to work more productively. Collaboration between security teams and other departments is also improving:

  • 91% of organizations are increasing security training for legal and compliance staff.
  • 90% are enhancing training for security teams.

To strengthen cyber defenses, experts emphasize the importance of foundational practices:

  1. Strong Passwords and MFA: Poor password security is linked to 80% of data breaches. Companies are encouraged to use password managers and enforce robust password policies.
  2. Regular Cybersecurity Training: Educating employees on risk management and security practices, such as using antivirus software and maintaining firewalls, can significantly reduce vulnerabilities.
  3. Third-Party Vendor Assessments: Organizations must evaluate third-party vendors for security risks, as breaches through these channels can expose even the most secure systems.

Generative AI is reshaping the cybersecurity landscape, offering both opportunities and challenges. While it enhances threat detection and operational efficiency, it also empowers attackers to launch more sophisticated and frequent attacks. To navigate this evolving landscape, organizations must align strategic priorities, invest in AI-driven solutions, and reinforce foundational cybersecurity practices. By doing so, they can better protect their systems and data in an increasingly complex threat environment.

Read more »
trending news
Google Chrome extensions attack malware News trending news

Google Chrome Extensions Compromised in Widespread Cyberattack

A cybersecurity incident has compromised at least 35 Google Chrome extensions, affecting approximately 2.6 million users globally. Over 400,000 devices have reportedly been infected with malicious code as part of a coordinated attack.

Timeline and Attack Methodology

An investigation revealed that the attack began on December 5, although related domains were registered as early as March 2024. This indicates the attackers had been preparing for months before launching their campaign.

One targeted entity was a data loss prevention startup, whose Chrome extension was exploited. The breach reportedly began with a phishing email impersonating a Google policy alert, urging a developer to install a "Privacy Policy Extension." This malicious extension, when granted permissions, allowed attackers to access the developer’s account.

Once access was obtained, the attackers uploaded a malicious update to the compromised extensions. This update bypassed security protocols and was automatically distributed to users, facilitating the infection. The primary objective appeared to be data harvesting, with an emphasis on collecting Facebook-related information from users.

Company Response and Security Observations

The affected company reported that the compromised employee had Google Advanced Protection and multi-factor authentication (MFA) enabled. Despite following standard protocols, the employee inadvertently authorized a malicious third-party application. The company clarified that no suspicious MFA prompts were received, and the employee's Google credentials remained secure.

Domains associated with the attack were initially registered in March 2024, with additional registrations occurring closer to the campaign’s escalation in November and December.

This incident underscores the evolving tactics of cybercriminals and the importance of constant vigilance and robust cybersecurity measures, particularly in the face of sophisticated phishing campaigns.

Read more »
trending news
Cyber Secuirty Cyber Security News Passkeys authentication trending news

Are Passkeys the Future of Authentication? Current Hurdles Say Otherwise

For years, cybersecurity experts have criticized passwords as outdated and insecure. Frequently re-used, susceptible to phishing, and vulnerable to leaks, they remain one of the weakest links in online security. Passkeys have been hailed as the solution — a frictionless and secure alternative that leverages biometric authentication while addressing many of the vulnerabilities associated with traditional passwords.

However, despite their promise, passkeys face challenges that could hinder their widespread adoption. While the technology offers undeniable advantages, issues like inconsistent functionality and platform lock-ins complicate the user experience.

How Passkeys Work

Passkeys represent a safer and more streamlined authentication method. Instead of typing a password, users authenticate through biometric verification, such as Face ID, Touch ID, or similar local methods. This approach shifts the security focus to the device itself, adopting a trust model akin to mobile payment systems like Apple Pay. In theory, this allows for seamless logins across devices.

The Reality of Cross-Platform Challenges

In practice, however, the experience is less cohesive. Within Apple’s ecosystem, passkeys function smoothly, with iCloud synchronization ensuring consistency. Yet outside this "walled garden," complications arise.

As highlighted by Ars Technica, users attempting to log into the same service with passkeys across platforms—such as PayPal on Windows versus iOS — encounter varying experiences. Some services further restrict passkey usage to specific browsers, frustrating users who frequently switch between platforms.

Platform Lock-In and User Frustration

A more pressing issue is platform dominance. Tech giants like Apple and Google often push users toward their proprietary passkey management systems, sometimes overriding user preferences. For instance, even if a passkey is synced via a third-party password manager, users may still be redirected to Google’s system when logging into certain sites, such as LinkedIn.

Adding to the frustration, many services operate passkeys alongside passwords rather than replacing them entirely. This undermines the very purpose of passkeys, as users are still required to create passwords during registration, perpetuating traditional security risks.

The Push for a Password-Free Future

Despite these setbacks, some organizations are leading the charge toward a password-free future. As Grayson Mixon, a user commenting on the issue, noted:

"The company I work for introduced passkeys months ago. Now they are disabling passwords as an option. It will be passkeys only in 2025."

While such initiatives signal progress, the path to universal adoption of passkeys is far from straightforward. For passkeys to truly replace passwords, the industry must overcome challenges related to interoperability, user convenience, and platform neutrality.

Passkeys have the potential to revolutionize online authentication, offering a more secure and convenient alternative to passwords. Yet, current inconsistencies and platform restrictions highlight the need for continued innovation and collaboration across the tech industry. Until these hurdles are addressed, the journey toward a password-free digital landscape will remain a work in progress.

Read more »
trending news
Cybersecurity Breach Data Breach EU News SecurityScorecard trending news

Third-Party Data Breaches Expose Cybersecurity Risks in EU's Largest Firms

A recent report by SecurityScorecard has shed light on the widespread issue of third-party data breaches among the European Union’s top companies. The study, which evaluated the cybersecurity health of the region’s 100 largest firms, revealed that 98% experienced breaches through external vendors over the past year. This alarming figure underscores the vulnerabilities posed by interconnected digital ecosystems.

Industry Disparities in Cybersecurity

While only 18% of the companies reported direct breaches, the prevalence of third-party incidents highlights hidden risks that could disrupt operations across multiple sectors. Security performance varied significantly by industry, with the transport sector standing out for its robust defenses. All companies in this sector received high cybersecurity ratings, reflecting strong proactive measures.

In contrast, the energy sector lagged behind, with 75% of firms scoring poorly, receiving cybersecurity grades of C or lower. Alarmingly, one in four energy companies reported direct breaches, further exposing their susceptibility to cyber threats.

Regional differences also emerged, with Scandinavian, British, and German firms demonstrating stronger cybersecurity postures. Meanwhile, French companies recorded the highest rates of third- and fourth-party breaches, reaching 98% and 100%, respectively.

Ryan Sherstobitoff, Senior Vice President of Threat Research and Intelligence at SecurityScorecard, stressed the importance of prioritizing third-party risk management. His remarks come as the EU prepares to implement the Digital Operational Resilience Act (DORA), a regulation designed to enhance the cybersecurity infrastructure of financial institutions.

“With regulations like DORA set to reshape cybersecurity standards, European companies must prioritise third-party risk management and leverage rating systems to safeguard their ecosystems,” Sherstobitoff stated in a media briefing.

Strengthening Cybersecurity Resilience

DORA introduces stricter requirements for banks, insurance companies, and investment firms to bolster their resilience against cyberattacks and operational disruptions. As organizations gear up for the rollout of this framework, addressing third-party risks will be crucial for maintaining operational integrity and adhering to evolving cybersecurity standards.

The findings from SecurityScorecard highlight the urgent need for EU businesses to fortify their digital ecosystems and prepare for regulatory demands. By addressing third-party vulnerabilities, organizations can better safeguard their operations and protect against emerging threats.

Read more »
UEFI Bootkit
Bookitty Data theft extortion Linux Systems malware Malware Attack News trending news UEFI Bootkit

Bootkitty: The Game-Changing Malware Targeting Linux Systems

 

This malware, named Bootkitty, introduces a new method of attacking Linux, which has traditionally been considered safer from such stealthy threats compared to Windows. Bootkits are highly dangerous because they infect a computer’s boot process, loading before the operating system starts. 

This allows them to take deep control of a system while avoiding detection by traditional security tools.   

Bootkitty specifically targets certain versions of Ubuntu Linux by bypassing critical security checks during system boot.   

How Bootkitty Works  


ESET discovered Bootkitty in November 2024 when a suspicious file, bootkit.efi, was uploaded to VirusTotal. The malware uses advanced techniques to bypass kernel signature verification and inject malicious components during the system boot process.   

It relies on a self-signed certificate, meaning it won’t function on systems with Secure Boot enabled.   The malware hooks into UEFI security protocols and GRUB bootloader functions, disabling key security checks and loading malicious modules into the Linux kernel.  Bootkitty also forces a malicious library to load into system processes upon startup.   

However, the malware is not without flaws.  It only works on specific GRUB and kernel versions, which limits its effectiveness.  It can cause system crashes due to compatibility issues.   

During their investigation, researchers also found another suspicious file, BCDropper, likely associated with Bootkitty. BCDropper installs a rootkit named BCObserver, which provides stealthy control by hiding files, processes, and open ports on the infected system.   

Growing Threat to Linux   


Although Bootkitty is not yet fully developed or actively deployed in real-world attacks, its discovery is concerning. It signals that cybercriminals are increasingly targeting Linux as more businesses rely on it for critical operations.  

To help organizations defend against Bootkitty, ESET has published indicators of compromise (IoCs) on GitHub.   

Recommendations for Protection   


  • Enable Secure Boot: Since Bootkitty cannot operate with Secure Boot enabled, this is a crucial defense. 
  • Update Security Tools: Keeping antivirus and other security software up to date can help detect and block new threats.  

This discovery underscores the growing sophistication of Linux-targeted malware and the need for robust security practices to safeguard critical systems.
Read more »
trending news
company data theft corporate cyber attacks cyberattacks trending news malware News trending news

BianLian Ransomware Gang Shifts Tactics: A New Era of Cyber Threats

 

A recent advisory from the FBI, CISA, and Australia’s Cyber Security Centre reveals a tactical shift by the ransomware group BianLian, marking a significant evolution in cyber extortion. The update, issued on November 20, 2024, highlights how the group has abandoned traditional encryption-based attacks in favor of exfiltration-only extortion, a trend gaining momentum across the cybercrime landscape. Previously known for their double-extortion model—encrypting victims' data while threatening to release stolen files—BianLian has moved exclusively to encryption-less attacks since early 2023. 

Instead of locking victims out of their systems, the group focuses solely on stealing sensitive data and leveraging it to demand ransoms. This new approach leaves the victims’ systems intact, but their sensitive information becomes the ultimate bargaining chip. “This method allows criminals to exploit multiple avenues for extortion,” the advisory states. “Even when victims pay, stolen data is rarely deleted and often surfaces on the Dark Web.” 

The shift reflects both a response to improved corporate defenses and a focus on operational efficiency. Muhammad Yahya Patel, lead security engineer at Check Point Software, noted that exfiltration-only attacks require fewer resources, making them harder to detect. “This tactic reduces the need for encryption malware, minimizing operational complexity and allowing attackers to stay under the radar,” Patel explained. 

Organizations with robust backup systems can recover from encryption-based attacks, diminishing their effectiveness. Pedro Umbelino, principal research scientist at Bitsight, observed, “Encryption rarely leads to data loss now, but companies still fear the public release of stolen data. Ransomware operators are prioritizing simpler methods to maximize profit.” The trend extends beyond BianLian. Darren Williams, CEO of BlackFog, revealed that 94% of ransomware attacks in 2024 now center on data theft rather than encryption. 

“The value of intellectual property, customer, and personal data has made exfiltration the preferred method for cybercriminals,” Williams noted. 

For organizations, this shift underscores the urgency of adapting cybersecurity defenses. Unlike encryption attacks, data exfiltration is harder to detect and often unnoticed until it’s too late. Investing in advanced monitoring tools, enhancing incident response plans, and fostering a culture of cybersecurity awareness are critical steps in mitigating this emerging threat. The rise of exfiltration-only ransomware is a stark reminder of cybercriminals’ adaptability. Businesses must evolve their defenses to match the growing sophistication of their adversaries.
Read more »
trending news
Game Emulation News online games Technology trending news

Game Emulation: Keeping Classic Games Alive Despite Legal Hurdles

 For retro gaming fans, playing classic video games from decades past is a dream, but it’s tough to do legally. This is where game emulation comes in — a way to recreate old consoles in software, letting people play vintage games on modern devices. Despite opposition from big game companies, emulation developers put in years of work to make these games playable. 

Game emulators work by reading game files, called ROMs, and creating a digital version of the console they were designed for. Riley Testut, creator of the Delta emulator, says it’s like opening an image file: the ROM is the data, and the emulator brings it to life with visuals and sound. 

Testut and his team spent years refining Delta, even adding new features like online multiplayer for Nintendo DS games. Some consoles are easy to emulate, while others are a challenge. Older systems like the Game Boy are simpler, but emulating a PlayStation requires recreating multiple processors and intricate hardware functions. Developers use tools like OpenGL or Vulkan to help with complex 3D graphics, especially on mobile devices. 

Emulators like Emudeck, popular on the Steam Deck, make it easy to access multiple games in one place. For those wanting an even more authentic experience, FPGA hardware emulation mimics old consoles precisely, though it’s costly. While game companies often frown on ROMs, some, like Xbox, use emulation to re-release classic games legally. 

However, legal questions remain, and complex licensing issues keep many games out of reach. Despite these challenges, emulation is thriving, driven by fans and developers who want to preserve gaming history. Though legal issues persist, emulation is vital for keeping classic games alive and accessible to new generations.
Read more »
trending news
AI threats Artifical Inteligence News Techn trending news

Big Tech’s Data-Driven AI: Transparency, Consent, and Your Privacy

In the evolving world of AI, data transparency and user privacy are gaining significant attention as companies rely on massive amounts of information to fuel their AI models. While Big Tech giants need enormous datasets to train their AI systems, legal frameworks increasingly require these firms to clarify what they do with users’ personal data. Today, many major tech players use customer data to train AI models, but the specifics often remain obscure to the average user. 

In some instances, companies operate on an “opt-in” model where data usage requires explicit user consent. In others, it’s “opt-out”—data is used automatically unless the user takes steps to decline, and even this may vary based on regional regulations. For example, Meta’s data-use policies for Facebook and Instagram are “opt-out” only in Europe and Brazil, not the U.S., where laws like California’s Consumer Privacy Act enforce more transparency but allow limited control. 

The industry’s quest for data has led to a “land grab,” as companies race to stockpile information before emerging laws impose stricter guidelines. This data frenzy affects users differently across sectors: consumer platforms like social media often limit users’ choice to restrict data use, while enterprise software clients expect privacy guarantees.  

Controversy around data use has even caused some firms to change course. Adobe, following backlash over potentially using business customer data for training, pledged not to employ it for AI model development. Similarly, Apple has crafted a privacy-first architecture for its AI, promising on-device processing whenever possible and, when necessary, private cloud storage. Microsoft’s AI, including its Copilot+ features, has faced scrutiny as well. 

Privacy concerns delayed some features, prompting the company to refine how data like screenshots and app usage are managed. OpenAI, a leader in generative AI, offers varied data-use policies for free and paid users, giving businesses greater control over data than typical consumers.
Read more »
trending news
cyberattacks news Data protection Data Theft Privacy smart home devices trending news

UK Watchdog Urges Data Privacy Overhaul as Smart Devices Collect “Excessive” User Data

 

A new study by consumer group Which? has revealed that popular smart devices are gathering excessive amounts of personal data from users, often beyond what’s required for functionality. The study examined smart TVs, air fryers, speakers, and wearables, rating each based on data access requests. 

Findings suggested many of these devices may be gathering and sharing data with third parties, often for marketing purposes. “Smart tech manufacturers and their partners seem to collect data recklessly, with minimal transparency,” said Harry Rose from Which?, calling for stricter guidelines on data collection. The UK’s Information Commissioner’s Office (ICO) is expected to release updated guidance on data privacy for smart devices in 2025, which Rose urged be backed by effective enforcement. 

The study found all three tested air fryers, including one from Xiaomi, requested precise user locations and audio recording permissions without clarification. Xiaomi’s fryer app was also linked to trackers from Facebook and TikTok, raising concerns about data being sent to servers in China, though Xiaomi disputes the findings, calling them “inaccurate and misleading.” 

Similar privacy concerns were highlighted for wearables, with the Huawei Ultimate smartwatch reportedly asking for risky permissions, such as access to location, audio recording, and stored files. Huawei defended these requests, stating that permissions are necessary for health and fitness tracking and that no data is used for marketing. 

Smart TVs from brands like Samsung and LG also collected extensive data, with both brands connecting to Facebook and Google trackers, while Samsung’s app made additional phone permission requests. Smart speakers weren’t exempt from scrutiny; the Bose Home Portable speaker reportedly had several trackers, including from digital marketing firms.  

Slavka Bielikova, ICO’s principal policy adviser, noted, “Smart products know a lot about us and that’s why it’s vital for consumers to trust that their information is used responsibly.” She emphasized the ICO’s upcoming guidance, aiming to clarify expectations for manufacturers to protect consumers. 

As the debate over data privacy intensifies, Which? recommends that consumers opt out of unnecessary data collection requests and regularly review app permissions for added security.
Read more »
trending news
cyber attack news Cyberattack Technology Threats trending news

Cybersecurity and AI Challenges: How Companies Must Evolve to Stay Secure and Competitive

 

Cybersecurity remains a big concern, with a recent study from DataDome showing that 91% of websites are at risk from bot attacks. The study looked at over 14,000 sites in industries like healthcare, luxury goods, and e-commerce, revealing that many businesses with sensitive data are not well protected. Even large companies, though slightly better equipped, let through half of the basic bot threats. 

As cyberattacks become more advanced, companies need to improve their defenses to avoid being targeted. DataDome’s study used simple bots, but it’s a reminder that more sophisticated attacks could cause even more damage. On top of cybersecurity issues, many companies face challenges in managing their data, especially when it comes to using generative AI.
 
Lakshmikant (LK) Gundavarapu, Chief Innovation Officer at Tredence, points out that AI relies on clean, well-organized data to work effectively. Unfortunately, many businesses struggle to keep their data in order, making it hard to get the most out of AI tools. Gundavarapu emphasizes that having a clear picture of their data is key for companies to use AI successfully. 

Meanwhile, President Joe Biden has introduced a new policy that highlights the importance of AI in national security. This policy focuses on protecting AI development and addressing risks like biological, chemical, and nuclear threats, while encouraging collaboration with other countries to manage AI responsibly. 

This follows an earlier executive order aimed at setting rules for AI use in the U.S. As cybersecurity threats grow and AI regulations evolve, tech companies like Microsoft, Google, and Meta are also facing challenges. While all three reported strong earnings driven by cloud and AI services, investors are cautious about their future spending plans. 

In today’s fast-changing environment, businesses need to prioritize strong cybersecurity and proper data management to remain competitive and secure.
Read more »
trending news
bank scams call scams Data Theft News Phishing Attacks Phising trending news

FakeCall Malware for Android Escalates Threat, Hijacks Outgoing Bank Calls

 

A newly evolved version of the FakeCall malware, a dangerous Android banking trojan, has been discovered hijacking users’ outgoing calls to their financial institutions, redirecting them to phone numbers controlled by attackers. The malware, first identified by Kaspersky in April 2022, focuses on voice phishing (vishing) scams, tricking victims into revealing sensitive banking information. 

The trojan presents a fake call interface that closely mimics Android’s default dialer, convincing victims they are communicating with legitimate bank representatives. 

This makes it challenging for users to discern the deception. When attempting to call their bank, the malware secretly redirects the call to attackers, who impersonate bank officials to steal personal information and money from accounts. A new report from Zimperium reveals that the latest FakeCall variant further enhances its capabilities. 

By tricking users into setting it as the default call handler during installation, the malware gains the ability to intercept both incoming and outgoing calls. In addition, the malware manipulates the Android user interface to show the bank’s actual phone number while connecting the victim to a scammer, deepening the illusion of legitimacy. The updated malware also adds new, though still developing, functionalities. 

It now uses Android’s Accessibility Service to simulate user actions, control the dialer interface, and automatically grant itself permissions. FakeCall’s operators have also introduced a Bluetooth listener and a screen state monitor, indicating ongoing development toward more advanced attack methods. Additional commands integrated into the latest version include capturing live screen content, taking screenshots, and accessing or deleting device images. 

These upgrades demonstrate the malware’s evolving sophistication, as it becomes harder to detect and remove. Security experts recommend avoiding the manual installation of Android apps through APKs, encouraging users to rely on the Google Play Store for app downloads. Though malware can still infiltrate Google Play, the platform’s security measures, such as Google Play Protect, can help identify and remove malicious apps when detected.
Read more »
VIPRE
Business Email Compromise Cyber crimes Cybersecurity trending news VIPRE

Business Email Compromise Soars in Q3 2024 as Cybercriminals Refine Tactics: VIPRE Report

 

Global cybersecurity provider VIPRE Security Group has published its Q3 2024 Email Threat Trends Report, revealing an alarming rise in business email compromise (BEC) and highlighting the evolving techniques cyber criminals are using to deceive employees and breach corporate security. According to VIPRE’s analysis of 1.8 billion global emails, 208 million were flagged as malicious, with BEC scams making up 58% of phishing attempts. 

VIPRE noted that 89% of these attacks used impersonation, often of senior executives or IT personnel, in an attempt to exploit employees’ trust in authority figures. The manufacturing sector experienced a notable 8% spike in BEC attacks this quarter, increasing from 2% in Q1 to 10% in Q3. 

The report attributes this surge partly to the industry’s extensive use of mobile devices for remote sign-ins, which can leave employees more vulnerable to attacks. Email threats during the quarter were predominantly scams (34%), commercial spam (30%), and phishing (20%), overshadowing ransomware and malware, which together made up less than 20% of email-based attacks. 

Despite their lower prevalence, ransomware and malware remain a significant concern in the cybersecurity industry. To evade detection by modern security measures, cybercriminals have started disguising malicious attachments as voicemails or essential security updates. Microsoft PDF and .DOCX files were the most common formats, with 2.18 million emails containing harmful attachments, representing a 30% rise from Q2’s 21%. In Q3, URL redirection became a popular technique among attackers, representing 52% of email-based scams. 

Cybercriminals used clean URLs within emails to bypass security checks, redirecting recipients to meticulously crafted fraudulent websites. VIPRE also observed a shift in malspam tactics, with attackers favouring attachments (64%) over malicious links (36%). Formats such as LNK, ZIP, and DOCX were common in these campaigns. 

Redline, a notorious malware family, remained the most prevalent, designed to steal sensitive data from web browsers. Usman Choudhary, VIPRE’s CPTO, emphasized the need for robust cybersecurity measures, especially as the holiday season approaches. “BEC email and phishing attacks are becoming more targeted and convincing,” he said, highlighting the urgency of employee education to counter these threats.
Read more »
trending news
Cyber Crime CyberCrime cybercrime news data crime Illicit Payment Gateways Indian Cybercrimes News trending news

India Cracks Down on Cybercrime with Warning Against Illegal Payment Gateways

 

In a sweeping move to combat organized cybercrime, India’s Ministry of Home Affairs (MHA), through the Indian Cybercrime Coordination Center (I4C), has issued a stark warning about illegal payment gateways reportedly run by transnational cyber criminals. These illicit gateways—PeacePay, RTX Pay, PoccoPay, and RPPay—are allegedly being used as conduits for money laundering, utilizing mule bank accounts rented from shell companies and individuals. 

The network is operated by foreign nationals and offers money laundering as a service, allowing criminal organizations to process and disguise illicit funds. Recent nationwide raids by Gujarat (Indian State) and Andhra Pradesh (Indian State) police have uncovered a complex network of digital payment platforms linked to various cybercrimes, the Ministry of Home Affairs announced in a press statement. 

These platforms exploit rented bank accounts—sourced through social media platforms like Telegram and Facebook—that belong to shell entities or individuals. “Current and saving accounts are scouted through social media, primarily from Telegram and Facebook,” the statement said, underlining the role of social media in recruiting mule accounts for illegal activities. 

According to the Cybercrime Coordination Center, these mule accounts are often remotely controlled by overseas operatives who leverage them to process transactions for various fraudulent schemes. These range from fake investment and offshore betting scams to phony stock trading platforms. Once funds are deposited, they are quickly transferred to other accounts, employing bulk payout options provided by banks to obscure the money trail. 

The Coordination Center has urged citizens to avoid renting or selling their bank accounts or company registration documents to these illegal platforms, as involvement with such illicit activities can carry severe legal repercussions, including potential arrest. 

The Center also stressed that banks may enhance their monitoring mechanisms to detect the misuse of bank accounts associated with illegal payment gateways. This crackdown comes as part of India’s broader efforts to secure its digital finance ecosystem amid a rise in cybercrime.
Read more »
trending news
Google News Online Security Technology trending news

Google Begins Testing Verified Checkmarks for Websites in Search Results

 

Google has started testing a new feature in its search results that adds a blue checkmark next to certain websites, aiming to enhance user security while browsing. As of now, this experiment is limited to a small number of users and websites, with the checkmarks appearing next to well-known companies such as Microsoft, Meta, and Apple. The blue checkmark serves as an indicator that the website is verified by Google. 

When users hover over the checkmark, a message explains, “This icon is being shown because Google’s signals suggest that this business is the business that it says it is.” However, Google clarifies that this verification does not guarantee the full reliability of the website, meaning users should still exercise caution. 

This feature resembles Google’s previous initiative, the BIMI (Brand Indicators for Message Identification) system, introduced in Gmail in 2023. BIMI uses blue markers to verify the authenticity of email senders, ensuring that businesses sending emails are legitimate and own the domains and logos they use. 

The goal of BIMI was to combat phishing and other malicious activities by allowing users to quickly identify verified businesses. While the checkmark feature is currently only being tested with a select group of users and websites, it has the potential to be expanded in the future. 

If widely implemented, it could help users easily identify trusted websites directly from search results, offering an extra level of safety when browsing the internet. Although it is unclear when or if Google plans to roll out the feature to all users, a company spokesperson confirmed that the test is underway. 

This new experiment could be a step towards making the internet a safer space, particularly as users grow more concerned about online threats such as phishing and scams. For now, Google is monitoring the test to assess its effectiveness before deciding on a broader launch.
Read more »
trending news
cyber attack Cyber attacks on Industrial leaders cyberattack news digital scam Indian cyber crimes trending news

Indian Textile Tycoon Duped of ₹7 Crore in Elaborate ‘Digital Arrest’ Scam

 

In a shocking incident, SP Oswal, chairman of the Vardhman Group, India, fell victim to a scam that cost him over INR 7 crore. The 82-year-old businessman was tricked into believing he was under investigation for money laundering, with scammers posing as officials from the Central Bureau of Investigation (CBI) and even impersonating Chief Justice of India DY Chandrachud. Through fake court setups, police uniforms, and ID cards, the conmen convinced Oswal that his “digital arrest” was legitimate. 

This case is part of a growing trend where scammers create fear and panic in victims’ minds, leading them to comply with demands for money. Experts have highlighted that the fear psychosis these scammers create makes even well-informed individuals vulnerable to such tactics. 

Oswal is not the only Indian high-profile victim; a lawyer from Bengaluru, and a doctor in Noida were also similarly duped. The lawyer, in particular, was forced to undergo a fake “narcotics test,” strip on camera, and lost INR 14 lakh in the process. Cyber law expert Pawan Duggal explains that “digital arrest” refers to a scam where victims are made to believe they are under investigation for serious crimes. 

Scammers use fake props and legal threats to intimidate their targets into handing over large sums of money. Victims are often coerced into keeping their cameras and microphones on at all times, further intensifying the pressure. The Ministry of Home Affairs has issued warnings about these scams and urged citizens to report suspicious calls on the cybercrime helpline (1930) or via their website. 

Authorities are working with agencies like the Indian Cyber Crime Coordination Centre (I4C) to combat the growing threat of cyber scams. Experts also stress that there is no legal provision for “digital arrest” and advise people to verify suspicious calls through official channels.
Read more »
Subscribe to: Posts (Atom)