Cybersecurity News, Tips, Tricks & Ideas

Google recently renamed its AI chatbot from Bard to Gemini. The company also announced the Gemini app and Advanced version for users to experience more AI features than the free version. However, researchers have found concerning holes in the Gemini Advanced as it is being used to expose confidential information. The AI chatbot does not reply to direct malicious prompts but can be easily manipulated with smart descriptions according to cybersecurity experts. The recent report also highlighted that Gemini even exposed system prompts. Know more about how the Google Gemini chatbot can be misused.

HDFC Bank has issued a new cybersecurity advisory to its customers specifically highlighting security tips that smartphone users must consider while using the HDFC mobile banking app and which may extend to mobile banking app users of other banks as well. This new cybersecurity advisory goes beyond highlighting the importance of protecting passwords, downloading banking apps from verified sources and raising awareness about phishing scams. HDFC Bank talked about a few common ‘bad habits' of smartphone users that make it easy for them to fall prey to hacking attempts and scams. If you are doing the following then you need to be more careful with your smartphone. 

For smartphone users across India, be prepared for a shift in how to call forwarding functions on your Android or iPhone devices. The Department of Telecom (DoT) is taking action to tackle fraud and online crimes perpetrated via mobile phones. As part of this initiative, telecom companies have been instructed to cease the use of USSD codes (such as *401#) for activating call-forwarding features. This directive comes into effect on April 15, 2024, until further notice.

AT&T has taken swift action to reset customer account passcodes following the disclosure of a data breach dating back to 2019. The breach, affecting a staggering 73 million current and former users, marks a significant security lapse for the telecom giant, with leaked data including sensitive personal information such as names, addresses, phone numbers, dates of birth, and social security numbers.

The government has issued a warning urging citizens to be cautious when using public phone charging stations in places like airports, cafes, hotels, and bus stands. The advisory comes amidst growing concerns over the "USB charger scam," a tactic cybercriminals use to exploit unsuspecting individuals who rely on these stations while on the move.

In a stark warning, F.A.C.C.T., a leading Russian cybersecurity firm, has raised alarm about the sinister use of eSIM technology by criminals to pilfer phone numbers, enabling access to sensitive bank accounts. The revelation, reported by Bleeping Computers, sheds light on a disturbing trend where eSIM, initially designed for convenience, are now being exploited as tools for nefarious activities.

Online service providers around the world have been integrating Multi-factor authentication to add an extra layer of security in their offerings to users when they sign in. The same has become even more important in the age of artificial intelligence-powered tools and OpenAI has just taken a big step to safeguard your ChatGPT account. Yes, AI tools such as ChatGPT also require extra security features just like the old world portals to be secure. And now, OpenAI has announced the inclusion of Multi-factor authentication to ChatGPT. This security feature will keep your account secure from hackers or those who may have surreptitiously obtained your credentials. Know more about ChatGPT Multi-factor authentication and how to enable this security feature.

From genomic information to internet-connected cars, the United States is rethinking its data protection policies -- with further trade curbs aimed at China in the cards -- as tech like AI brings new risks.

In response to critical security concerns, India's Computer Emergency Response Team (CERT-In) has issued a high-risk alert for users of Google Chrome, urging immediate action to mitigate potential threats. The advisory, released recently, highlights multiple vulnerabilities in the desktop version of Google Chrome that could be exploited by remote attackers to execute arbitrary code on targeted systems.

U.S. authorities on Friday said they had seized websites used to sell cybercriminals malware called "Warzone RAT" that could be used to steal data from victims' computers.

The Indian Computer Emergency Response Team (CERT-In) has raised a high-severity warning regarding vulnerabilities present in Google Chrome OS, urging users to update their browsers immediately. Released on February 8, 2024, under the designation CIVN-2024-0031, the security note highlights significant risks associated with Google Chrome OS versions preceding 114.0.5735.350 (Platform Version: 15437.90.0) on the LTS channel. Govt wants you to download the latest Google Chrome update as that will remove all current vulnerabilities that are there.

Cyber-skulduggery is becoming the bane of modern life. Australia's prime minister has called it a “scourge”, and he is correct. In 2022–23, nearly 94,000 cyber crimes were reported in Australia, up 23% on the previous year.

Governments and businesses are not prepared for the havoc quantum computers will sow in cybersecurity by the end of the decade, according to an International Business Machines Corp. executive.  “Is quantum going to really create a cybersecurity Armageddon?” Ana Paula Assis, IBM's general manager of Europe, Middle East and Africa, said on a panel at the World Economic Forum in Davos on Wednesday. “It's going to.” 

Artificial intelligence technology (AI) has grown by leaps and bounds in the last few months, but so has the number of miscreants using it to defraud people. One of the most prominent dangers emerged recently has been deepfake videos. For the unaware, deepfakes are AI-generated videos, images, and audio that are edited or manipulated to make anyone say or do anything that they did not do in real life. Deepfake videos are mostly being used by cybercriminals for illegal purposes. While nations are drafting and amending IT regulations to deal with this threat, malicious threat actors are all out to carry out these illicit activities, and deepfakes have now entered the crypto world too! Solana co-founder Anatoly Yakovenko recently became the latest victim of deepfakes in the crypto world. Know all about it.

On the last day of the year, a new online scam has surfaced which is trapping many innocent people. On January 16, the inauguration ceremony for the Ram Mandir in Ayodhya will begin, with the consecration of Ram Lalla scheduled for January 22. Ahead of the big event, some bad actors are asking people for donations by pretending to be representatives of the Shri Ram Janmbhoomi Teerth Kshetra, the trust constituted to look after the construction and management of the Ram Mandir. These scammers are pulling off a QR code scam where they share a fake QR code to transfer the money to their own accounts.

Deepfakes have become a rising concern lately, with several eminent personalities including celebrities falling victim. There have been several instances where threat actors have even defrauded the victim by using deepfakes or fake voices. While the advancements in artificial intelligence (AI) have increased productivity and helped users in their day-to-day lives, the technology has also been misused to carry out such scams and identity theft. After holding dialogues with tech and social media companies, the Government of India has now issued an advisory to the platforms. Know all about it.

As a citizen of today, you enjoy several digital systems, be it smartphones, email, voice AI like Alexa, or IoT. If you are part of any digital system, you are vulnerable to a cyberattack. In an era dominated by interconnected systems, the constant threat of cyberattacks, and businesses and individuals increasingly relying on digital platforms, the need for robust defenses against cyber threats has never been more critical.

Cyber risks are cited as the biggest threat faced by Indian organisations with 38 per cent of respondents feeling highly or extremely exposed to it, says a survey.

With 2023 set to end, companies around the world are enjoying the Christmas period. However, malicious threat actors are taking advantage of this lapse in security measures.  Phishing scams, malware, and other forms of cyber-attacks are being discovered almost every day that target innocent people. Now, a new Instagram phishing email campaign is doing the rounds where threat actors are targeting the login credentials of users by posing as Meta employees in a bid to not only get access to their usernames and passwords but also their backup codes. Know how this new Instagram phishing email campaign takes place and how to stay safe - 5 tips.

In October, Comcast Cable Communications, the American internet service provider that operates as Xfinity, got hit by a massive hack. Software used by Xfinity proved to be the door through which malicious activity was carried out. Although the vulnerability was fixed by Citrix in the same month, it has now been revealed that the internal data of the company, which included customer records including names, passwords, as well as a part of their social security numbers, was accessed during the intrusion.

Over the last few months, the adoption of artificial intelligence (AI) has been rapid. The world's biggest tech companies have made efforts to incorporate this technology into their suite of products, making the user experience a lot more convenient. However, the rapid advancements in AI have also given rise to AI scams. Yes, even the cybercriminals have jumped on the AI bandwagon. There have been several instances where threat actors have defrauded the victim by using deepfakes or fake voices. And now shocking details have emerged of  a Lucknow man who was defrauded of Rs. 45000 when he was targeted using a fake AI-generated voice of a relative. Know what happened in this AI voice scam.

The Indian government has issued a critical alert to users of Samsung smartphones across the country, urging them to swiftly update their handsets in response to identified security vulnerabilities. The advisory, issued by the Computer Emergency Response Team of India (CERT-In) highlights a threat to Samsung devices operating on Android versions 11, 12, 13, and 14. These vulnerabilities, if exploited, could potentially allow unauthorised access to sensitive data on these devices.

Have you ever thought that a bug can enter your Android device through your lock screen? This is quite shocking as all Android users necessarily have lock screens on their smartphones. Hackers seem to have found a new way to steal our data. In a recent discovery, a significant lock screen vulnerability on Android 13 and Android 14 has been unveiled. According to reports, it even gives attackers physical access to exploit an Android phone lock screen flaw and gain unauthorized access to personal data stored on the device. Check here to know all about this danger.

The Uttar Pradesh Police has launched an investigation after a Noida resident found herself at the receiving end of a new cyber fraud trend, wherein she was duped of more than ₹11 lakh and held under "digital arrest" for a day, officials said on Saturday.

In a recent interview, Saikat Mitra, Vice President and Head of Trust and Safety for Asia-Pacific at Google, shed light on the challenges faced in addressing the issue of fraudulent loan apps on the Google Play Store. Mitra explained that the delay in addressing these concerns stemmed from the fact that the apps, while not containing malware or harmful content, exhibited problematic business practices in the real world. When developers submit apps for listing on the Play Store, Google scrutinises them extensively, considering factors like code integrity and content safety.

Researchers have demonstrated six different attacks that can break the secure connection of devices connected via Bluetooth and hijack data from innocent victims. Scarily, all devices between 2014 and now are vulnerable to this risk. The particular Bluetooth security flaw was found to be present on all devices using Bluetooth 4.2 to 5.4. Additionally, the report has found that the AirDrop feature on iPhones is at particular risk from this attack.

Online scams are rising phenomenally, and some experts believe that it is about to explode even further. According to a report by Scamwatch, an online scam-monitoring website, a total of 257,392 cases have been reported by October 2023, marking a sharp increase from 2022's 239,237 cases. Cybercriminals have begun taking the help of generative AI tools such as ChatGPT to start campaigns at a much faster rate and they are making their fake claims much more believable, indicating they will easily fool the victim with their nefarious tactics. Earlier, this was a huge problem for cybercriminals.

In these, post-Covid days, we are heavily reliant on calling customer care services for every small query or problem. However, when looking for the customer care number, we often do a peremptory Google Search and dial the first number that appears on the list without giving it a second thought. It proved costly for a doctor who was caught up in an online cab refund scam. In a hurry, a Delhi doctor fell into a trap laid down by these criminals while trying to connect to the cab service customer care, which he found online. In the shocking event, the man, named Pradeep Chowdhury, lost over Rs. 4.9 lakh while asking for a refund due to the overcharging by the cab driver. Check out how the case took place.

In the ever-evolving landscape of online scams in India, perpetrators are adopting increasingly innovative tactics to exploit unsuspecting victims. While scams like job fraud on messaging platforms and the imposter army officer scheme have gained attention, a new form of deception, the courier delivery scam has been quietly infiltrating the scene. The big point to pay attention to is that the scam started with just a Rs. 5 payment

The cyberattack that paralyzed several major Australian ports was a sharp reminder of what governments and experts say is a growing threat to shipping, the lifeblood of the global economy.

Electronics makers Siemens, Ericsson and Schneider Electric, along with industry group DigitalEurope warned on Monday that onerous proposed EU rules targeting cybersecurity risks of smart devices could disrupt supply chains on a scale similar to during the pandemic.

In recent times, India has faced an alarming rise in cybercrime, with cybercriminals continuously developing new and innovative methods to deceive unsuspecting citizens. Among these tactics, the proliferation of fake e-challan scams has become a serious concern. These scams prey on individuals' fear of traffic violations, demanding payments for offenses that never occurred. The Information Security Awareness (ISEA) by MeitY has issued a warning about this growing threat.

Stanford University said on Friday that it is investigating a cybersecurity incident that struck its Department of Public Safety.

On Tuesday, Meta was served a lawsuit by more than 30 US states, including 8 individual lawsuits from states, over the alleged use of features in Instagram and Facebook to lure children to the platform and get them hooked on harmful content. This fresh case has again opened the longstanding issue of companies exploiting children, one of the most vulnerable demographics of any digital user base in order to gain profit. However, Meta is not the only one to blame here. For years, many tech firms including Google, Microsoft, Apple, and others have faced similar lawsuits for failing to protect underage users.

Cyber crimes are at an all-time high. As per data released by Delhi Police, more than 25000 cyber fraud cases have been filed till August 2023, marking a 212 percent increase compared to the previous year's 8000 registered cases in the same period. The scammers are also getting increasingly audacious, even starting their crime sprees on social media apps to catch victims in their comfort zones. Recently, a scammer tried to pull off an online gift card scam against the general counsel of Viacom18, a media company. However, he was not prepared for the way the head of the legal division caught him in the act.

Teen safety has been a huge concern for parents worried about their children's safety as incidents of crime soar. Now, teens are also aware of safety measures and they themselves are taking precautionary measures to keep themselves and their near ones safe. The extent to which teens are willing to go for safety's sake, however, is stunning, as is shown by this survey. In fact, tens of millions of teens are willingly opting to get tracked by parents. A recent survey shows that most teenagers believe that location tracking by their parents is beneficial for their safety. This is totally opposite to what most films and TV shows indicate through their content. Know how today's generation really feels about location tracking.

S Somanath, the chairman of the Indian Space Research Organisation (ISRO) on Saturday said that the country's space agency is facing more than 100 cyber-attacks daily. Somanath, while speaking on the concluding session of the 16th edition of the c0c0n, a two-day international cyber conference in Kerala's Kochi, further said that the possibility of cyber-attacks is much higher in rocket technology which uses ultra-modern software and chip-based hardware.

Cybersecurity has become a major concern because of the continuous development of new technologies and cybercriminals are using everything at their disposal to breach your bank accounts and empty it of its contents. Massive financial losses have happened to victims and getting back the same has proved to be virtually impossible. And malware is the medium through which these cybercriminals infiltrate your gadgets to spy on you, and discover your secret passwords. There is a constant threat hanging over everyone in the cyber world. The latest example to emerge is that of the Xenomorph Android malware. It has resurfaced again in its new version, and it is more dangerous than ever. Now, it has evolved into a greater threat and according to experts, it has infiltrated over 100 different banking and cryptocurrency apps. Read here to know, how it can affect you:

When we think of digital gadgets around us that can be a privacy concern, the car is rarely ever in the top 10 of anyone's list. However, a recent Mozilla Foundation study has found that it is not only a privacy concern, but the worst offender of it. The study reviewed 25 car brands and found that every single one of them was collecting more personal information about the users than it needed. Additionally, it also found that 84 percent of them sold the data. Making matters worse, 92 percent of the car brands gave the drivers little control over their own data, meaning users cannot have their data deleted from the company server if they wanted to.

Your Android phone might be at risk, the Indian government has warned! In a recent development, the Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology, has sounded the alarm on what it deems as "high" security risks lurking in the Android ecosystem. These vulnerabilities, if left unaddressed, could potentially provide malicious actors with unauthorized access to users' Android devices, putting sensitive information in jeopardy. The primary recourse offered to safeguard against this looming threat is to promptly update all applications directly through the official Play Store and check for available Android OS updates.

Starting October 5, India will host the ICC Cricket World Cup 2023 for the next month and a half, During this period, a total of 48 ODI matches will be played between the 10 teams that have qualified for the event. Ahead of the the event, many locals as well as people traveling from foreign nations will look to book match tickets and hotels to watch their nation play live. This moment of excitement and passion, unfortunately, is also the playground for cyber criminals who will be looking to scam people out of their personal data and money. The danger is ever present and now, McAfee has warned of 5 online scams that people can get trapped in while booking tickets and making travel plans online.

Union Minister Rajeev Chandrasekhar on Tuesday said that Digital Public Infrastructure (DPI) is a powerful mechanism for inclusion, especially for countries in the global south.

In a breakthrough development, Barracuda Networks, Inc., a cloud-first security solutions provider, has revealed impressive results from the first half of 2023. Their AI-based pattern analysis, employed by Barracuda Managed XDR, successfully detected and neutralised thousands of high-risk incidents within a vast pool of nearly one trillion IT events.

In the advanced digital age where business is booming and the general population increasingly relying on the internet and AI tools, there are some people who are abusing the technology to steal money and data. Every now and then we hear stories about scams being spread by malicious software through various apps. One of these was found recently. Experts have exposed a dangerous banking malware called MMRat, which is undetectable and even manages to evade antivirus scanning software. Know how it works.

British officials are warning organisations about integrating artificial intelligence-driven chatbots into their businesses, saying that research has increasingly shown that they can be tricked into performing harmful tasks.

Technological breakthroughs have grown extremely prevalent in an increasingly digitized environment, revolutionizing the various facets of our daily lives. The growth of Artificial Intelligence (AI) in recent years has been a spectacular breakthrough, ushering in a new era of possibilities and transformations. AI technologies and applications have found their way into a variety of industries, allowing for automation, better decision-making, and overall efficiency. However, as the world embraces digitalization and artificial intelligence, it is also confronted with the darker side of this technological revolution: the new perils of cybercrime.

The dark side of any technological advancement is that bad actors will use it for their personal advantage. We are already seeing this happen with artificial intelligence as AI-powered malware is being spotted, as well as a higher number of deepfakes have also surfaced. But the threat that is reaching a highly concerning level has to do with QR code-based scams. These online scams are on the rise and have led many people to fall prey to scammers and they end up losing a fortune. You need to know how a QR Code scam works because that will also help you in avoiding such scams altogether. So, let us take a look.

A 66-year-old man from Navi Mumbai was allegedly cheated to the tune of ₹17 lakh by cyber fraudsters on the pretext of offering him payment for an online task, police said on Saturday. An offence in this connection was registered at the Nerul police station on Friday, an official said.

At the start, the job looked like a well-paid role in finance. It ended with a $10,000-a-month drug habit and a cell in a German prison.

In recent times, India has witnessed a surge in online scams, leaving many innocent individuals facing financial losses. Common scams include YouTube video likes, Telegram-assigned tasks, and deceptive work-from-home job offers. Now, a new kind of scam has emerged, affecting those who frequently order food from delivery apps.

Kaleigha Hayes, a student at the University of Maryland Eastern Shore, is trying to trick an AI chatbot into revealing to her a credit card number — one which may be buried deep in the training data used to build the artificial intelligence model. “It's all about just getting it to say what it's not supposed to,” she tells me.

Phishing refers to a tactic employed by criminals who use fraudulent emails, text messages, or calls to deceive individuals and thereby steal their money and other financial information. The ultimate goal often involves luring victims into visiting a website, which can then lead to downloading malicious software onto their computers or the theft of sensitive personal data, such as bank details. These phishing messages are carefully crafted to persuade recipients to click on seemingly legitimate links, although they are actually designed to deceive. These deceptive practices can result in significant financial loss.

A 78-year-old man, M. Mohammed Basheer of Kozhikode Vandipetta, attempted to cancel an IRCTC ticket, but fell prey to a cunning scam, resulting in a loss of ₹4 lakhs. Basheer unknowingly accessed a fake website where a person posing as a railway employee reached out to him.

In the digital age, safeguarding your personal data has never been more critical as there is so much more to lose, from money to private photos and other data. But did you know that, among the most vulnerable pieces of information is your phone number, especially when it comes to online scams. Here's a proactive strategy to ensure that your phone number stays out of the wrong hands.

Hospitals and clinics in several states on Friday began the time-consuming process of recovering from a cyberattack that disrupted their computer systems, forcing some emergency rooms to shut down and ambulances to be diverted.

By Shardul Amarchand Mangaldas & Co.

The generative artificial intelligence revolution has brought new avenues of growth and potential for massive advancements, but along with that have come new threats to security and privacy. Recently we have seen instances of cybercrimes emerge where criminals and bad actors have been leveraging generative AI for malicious purposes. Just last month, a man in Thiruvananthapuram was scammed of Rs. 40,000 after the scammer used deepfakes to impersonate someone the victim knew. These crimes, which now use advanced AI malware, have risen so much that even the Federal Bureau of Investigation (FBI) in the USA had to issue a warning to the public to raise awareness of such crimes.

Cybercriminals are constantly evolving their tactics to stay ahead of cybersecurity measures, much to the despair of innocent smartphone users. This makes it crucial for users and businesses to stay vigilant and adopt robust security measures, because if they don't, they stand to lose their valuable data and money to hackers.

The Indian Computer Emergency Response Team (CERT-In) has issued a warning about a new internet ransomware virus called 'Akira,' which is causing significant concern. This malicious software is designed to target both Windows and Linux-based systems.

Hackers and propagandists are wielding artificial intelligence (AI) to create malicious software, draft convincing phishing emails and spread disinformation online, Canada's top cybersecurity official told Reuters, early evidence that the technological revolution sweeping Silicon Valley has also been adopted by cybercriminals.

President Joe Biden said Friday that new commitments by Amazon, Google, Meta, Microsoft and other companies that are leading the development of artificial intelligence technology to meet a set of AI safeguards brokered by his White House are an important step toward managing the “enormous” promise and risks posed by the technology.