Patrick Beuth, Jörg Diehl, Roman Höfner, Roman Lehberger, Friederike Röhreke, and Fidelius Schmid at Der Spiegel:

Private contact details of the most important security advisers to U.S. President Donald Trump can be found on the internet. DER SPIEGEL reporters were able to find mobile phone numbers, email addresses and even some passwords belonging to the top officials. To do so, the reporters used commercial people search engines along with hacked customer data that has been published on the web. Those affected by the leaks include National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard and Secretary of Defense Pete Hegseth. Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn. They were used to create Dropbox accounts and profiles in apps that track running data. There are also WhatsApp profiles for the respective phone numbers and even Signal accounts in some cases. As such, the reporting has revealed an additional grave, previously unknown security breach at the highest levels in Washington. Hostile intelligence services could use this publicly available data to hack the communications of those affected by installing spyware on their devices. It is thus conceivable that foreign agents were privy to the Signal chat group in which Gabbard, Waltz and Hegseth discussed a military strike.

Numbers Linked to Signal Accounts

It remains unclear, however, whether this extremely problematic chat was conducted using Signal accounts linked to the private telephone numbers of the officials involved. Tulsi Gabbard has declined to comment. DER SPIEGEL reporting has demonstrated, though, that privately used and publicly accessible telephone numbers belonging to her and Waltz are, in fact, linked to Signal accounts. [...] The White House confirmed the scandal after the fact. Trump insisted that it did not include classified content, a question that is of particular relevance since members of the U.S. government are not permitted to share such information over Signal. The U.S. special envoy for Ukraine and the Middle East, Steve Witkoff, was even in Russia while participating in the chat group.

DER SPIEGEL was able to find some of the contact information for Gabbard, Hegseth and Waltz in commercial databases, while other information was in so-called password leaks, which are hardly a rarity on the internet. One example is the 2019 discovery by Troy Hunt, who found 773 million email addresses and more than 21 million passwords in a hacker forum. Since then, there have been numerous additional leaks. Criminals are constantly compiling new collections from hacks, usually to sell them on forums. [...] The mobile number provided, meanwhile, led to a WhatsApp account that Hegseth apparently only recently deleted. The profile photo showed a shirtless Hegseth in a baseball cap and necklace. Comparisons with other photos of the U.S. secretary of defense using facial recognition software were able to confirm that the photo on the WhatsApp profile was indeed Hegseth.

Several Passwords in Leaked Database

Waltz’s mobile number and email address could be found using the same service provider. The mobile phone number could even be found using a people search engine popular in the U.S. DER SPIEGEL reporters were also able to find several passwords for Waltz’s email address in leaked databases. The information also led to Waltz’s profiles for Microsoft Teams, LinkedIn, WhatsApp and Signal. National Intelligence Director Gabbard was seemingly more careful with her data than her two male colleagues. She apparently had her own data blocked in the commercial contact search engines that contained the data of Hegseth and Waltz. But her email address was to be found on WikiLeaks and Reddit. Gabbard’s email address is available in more than 10 leaks. One of those also contains a partial telephone number, which, when completed, leads to an active WhatsApp account and a Signal profile.

German publication Der Spiegel writes that several of the National Security Advisers for the Trump Administration, including Pete Hegseth, Tulsi Gabbard, and Michael Waltz, had their private data breached and the passwords found online.

Fortunately for affected customers though, it appears that only personal information was stolen during this attack and financial information wasn’t accessed.

Oh, nice. Apparently data breaches have become so commonplace that “only personal information was stolen” is regarded as A-OK now. 🙄

The darkside of the Social Media platforms

The Attention Economy

Attention is the most valuable currency in today's world.

Companies that can capture attention can make a lot of money.

Social media platforms are designed to be addictive and keep you engaged for as long as possible.

How Social Media Tracks Your Data

Social media platforms collect a lot of data about you, including your likes, dislikes, and browsing habits.

This data is used to target you with advertising.

Social media platforms may also listen to your conversations through your device's microphone (although this is not confirmed).

The Impact of Social Media on Society

Social media can create echo chambers and filter bubbles, where you are only exposed to information that confirms your existing beliefs.

This can lead to polarization and a decline in civil discourse.

Social media can also be addictive and lead to decreased productivity and attention spans.

What You Can Do

Be mindful of how much time you spend on social media.

Be critical of the information you see on social media.

Consider adjusting your privacy settings on social media platforms.

There are extensions and apps available to help you limit your social media usage.

Note-To check if your email address has been compromised, you can visit the website Have I Been Pwned: https://haveibeenpwned.com/

What is Zero Trust Architecture?

Zero Trust Architecture (ZTA) is a security model that operates on the principle "never trust, always verify." Unlike traditional security models that assume everything within a network is trustworthy, ZTA requires verification for every access request, regardless of whether it originates inside or outside the network.  

Why is it Important?  

In today's digital landscape, cyber threats are becoming increasingly sophisticated. Zero Trust Architecture helps mitigate risks by continuously verifying every user and device, ensuring that only authorized entities can access sensitive information.  

How Does It Protect You?  

1. Enhanced Security: By requiring strict verification, ZTA minimizes the risk of unauthorized access and data breaches.  

2. Reduced Attack Surface: Limiting access to only what is necessary decreases potential entry points for attackers.  

3. Real-time Monitoring: Continuous monitoring and verification help detect and respond to threats promptly.  

Adopt Zero Trust Architecture with Century Solutions Group to fortify your cybersecurity defenses and protect your business from evolving cyber threats! #ZeroTrust #CyberSecurity #CenturySolutionsGroup 

Learn More:https://centurygroup.net/cloud-computing/cyber-security/

Reminder to set up 2FA

Change your Tumblr password now.

Humongous data breach just happened, with loads upon loads of sites being affected. Tumblr's among those. Also on the list is Wattpad for you fanfic people out there- among many, many other places.

There's a searchable list at the bottom of the article. Highly recommend scrolling or searching through, seeing what places you may be on that have been affected, and securing all your accounts. This thing's kind of big.

If you know people on any of the sites affected, let them know about this too, and spread the article around.

Clean it up hiro….

Data breaches, digital IDs, and mass surveillance—are we trading privacy for convenience? Plus, a song about your screen watching you back.

STEP-BY-STEP GUIDE TO ENCRYPTING EMAILS IN OUTLOOK, GMAIL, AND OTHER SERVICES

Email encryption is essential for safeguarding sensitive information from unauthorized access. This article provides step-by-step instructions to encrypt emails across various platforms, including Outlook, Gmail, iOS, and Android. Encrypting Emails in Microsoft Outlook To encrypt emails in Outlook, a Digital ID, also known as an email certificate, is required. This certificate can be obtained…

How to Develop an Effective Cybersecurity Incident Response Plan for Businesses

Data breaches have become more frequent and costly than ever. In 2021, the average data breach cost companies more than $4 million. Threat actors are increasingly likely to be sophisticated. The emergence of ransomware-as-a-service (RaaS) has allowed even unsophisticated, inexperienced parties to execute harmful, disruptive, costly attacks. In this atmosphere, what can businesses do to best…

Digital Disruption: How Ad Agencies are Navigating the Online Landscape

In an era marked by rapid technological advancements, the concept of digital disruption has emerged as a transformative force, reshaping industries and landscapes globally. This phenomenon refers to the profound impact that digital technologies have on traditional business models, challenging established norms and fostering innovation. As we delve into the intricate dynamics of digital disruption, we explore its implications on the online landscape and the pivotal role played by ad agencies, particularly in the context of India.

Digital disruption encompasses a spectrum of technological innovations, from artificial intelligence and big data to social media and e-commerce. These advancements often lead to the creation of new markets, the demise of outdated business models, and a fundamental shift in consumer behavior. The online landscape, in particular, bears witness to these seismic changes, as businesses strive to stay relevant in an environment that is constantly evolving.

Digital Disruption in online landscape

Digital disruption has reshaped the advertising landscape, challenging traditional models and pushing agencies to adapt to the online realm. This shift comes with various types of disruptions, each presenting unique challenges and opportunities.

1. Virality: Riding the Wave or Wiping Out?

The rise of social media has given campaigns the potential to go viral, reaching unprecedented audiences. Ad agencies must navigate the fine line between creating shareable content and the risks associated with unpredictable virality. While viral campaigns can boost brand visibility, they also require careful management to avoid unintended consequences.

2. Data Breach: Protecting Trust in the Digital Age

As agencies increasingly rely on data for targeted campaigns, the threat of data breaches looms large. Maintaining client and consumer trust is paramount. Agencies must invest in robust cybersecurity measures, ensuring the protection of sensitive information. A breach not only jeopardizes data but can irreparably damage an agency's reputation.

3. Polarization: Navigating the Diverse Digital Landscape

The online space often amplifies societal divisions, posing a challenge for ad agencies aiming to appeal to diverse audiences. Navigating polarized opinions requires a delicate balance in messaging to avoid alienating portions of the audience. Agencies need strategies that resonate across various demographics while staying true to brand values.

4. Information Overload: Cutting Through the Noise

In the digital era, consumers are bombarded with information, leading to attention scarcity. Ad agencies must craft campaigns that cut through the noise, capturing attention and delivering a clear message. Creativity, concise storytelling, and understanding the platforms where the target audience resides are essential in overcoming the challenge of information overload.

5. Crisis Situation: Turning Challenges into Opportunities

Digital disruptions can quickly escalate into full-blown crises. Whether it's negative social media sentiment, a PR disaster, or a viral campaign gone awry, ad agencies must be equipped to handle crises promptly and effectively. Having a crisis management plan, transparency, and a quick response are crucial in mitigating damage and preserving reputation.

6. Lack of Authenticity: Building Genuine Connections

In a digital landscape filled with curated content, authenticity stands out. Ad agencies face the challenge of creating campaigns that resonate on a personal level. Authenticity builds trust, and consumers are more likely to engage with brands that genuinely reflect values. Crafting campaigns with sincerity, transparency, and relatability is key to overcoming the perception of inauthenticity.

Navigating the Landscape: Strategies for Success

1. Adaptability and Innovation: Ad agencies must embrace change and constantly innovate to stay ahead in the rapidly evolving digital landscape.

2. Investment in Cybersecurity: To address the threat of data breaches, agencies need robust cybersecurity measures, employee training, and a proactive approach to data protection.

3. Diversity and Inclusion: To navigate polarization, agencies should prioritize diversity and inclusion in their teams, ensuring a broad perspective in campaign creation.

4. Audience-Centric Approach: Overcoming information overload requires a deep understanding of the target audience. Agencies should tailor campaigns to specific platforms and consumer behaviors.

5. Crisis Management Preparedness: Having a well-defined crisis management plan, coupled with transparency and quick responses, can turn crises into opportunities for rebuilding trust.

6. Authentic Storytelling: Crafting authentic narratives that resonate with consumers is vital. Ad agencies should focus on building genuine connections through relatable content.

For ad agencies in Delhi, navigating this dynamic digital landscape requires agility, adaptability, and a keen understanding of emerging trends. The traditional advertising playbook has been rewritten, with digital platforms becoming the new battleground for brands vying for consumer attention. Adapting to this shift, ad agencies are leveraging data-driven insights to tailor marketing strategies that resonate with online audiences.

One notable aspect of digital disruption is the democratization of advertising. The rise of social media platforms and online marketplaces has provided businesses, regardless of size, with the opportunity to connect directly with their target audience. Ad agencies in India are capitalizing on this trend by crafting campaigns that engage users on platforms like Facebook, Instagram, and Twitter, fostering a more personalized and interactive brand-consumer relationship.

The advent of programmatic advertising is another facet of digital disruption that has revolutionized the ad industry. This automated, data-driven approach to buying and placing ads allows agencies to optimize campaigns in real-time, ensuring maximum impact and efficiency. Ad agencies in India are increasingly embracing programmatic advertising to enhance their clients' reach and engagement in the crowded online space.

However, with great opportunities come significant challenges. Ad agencies grapple with the need to stay abreast of the latest technological trends, while also addressing concerns related to data privacy and ad fraud. As the online landscape evolves, agencies must strike a delicate balance between innovation and ethical considerations to build trust with both clients and consumers.

In the Indian context, where digital adoption is rapidly increasing, ad agencies play a crucial role in bridging the gap between traditional and digital advertising. They act as catalysts for businesses looking to make a seamless transition into the online realm, ensuring that marketing strategies align with the preferences and behaviors of the diverse Indian audience.

In conclusion, digital disruption is a force that cannot be ignored, and ad agencies in India are at the forefront of navigating this transformative wave. By embracing innovative technologies, adapting to shifting consumer behaviors, and fostering a culture of continuous learning, these agencies are not just surviving but thriving in the fast-paced world of digital advertising. As the online landscape continues to evolve, the role of ad agencies remains pivotal in helping businesses not only stay afloat but also stand out in the digital sea of opportunities.

This post was originally published on: Apppl Combine

How to Manage Your Digital Footprint

In today’s interconnected world, our online presence is more significant than ever. Every click, share, and post contributes to our digital footprint, shaping how we are perceived both personally and professionally. This comprehensive guide on how to manage your digital footprint aims to equip you with the knowledge and tools necessary to take control of your online identity, ensuring it reflects…

Looking for the latest cyber security news? Stay informed with up-to-date reports and analyses from industry experts. From data breaches to new security protocols, they cover all aspects of cybersecurity to help you protect your digital assets.

Digitalisation: A Double-Edged Sword for Consumers and Financial Systems, Says RBI Report

In its Report on Currency and Finance (RCF) for 2023–24, the Reserve Bank of India (RBI) highlighted the transformative yet challenging impacts of digitalisation on consumer behavior and financial systems. Released on Monday, the report underscores how the convenience and accessibility brought by digitalisation can also lead to impulsive spending, herd behavior, and heightened risks of data breaches.

Benefits and Risks of Digitalisation

Digitalisation undoubtedly enhances the ease with which consumers can access financial services. However, it also introduces new risks. The RBI report points out that the rapid spread of financial trends and choices through digital platforms can influence consumers to follow the crowd, leading to impulsive spending and herd behavior. This is particularly evident during market frenzies, where mass buying or selling of stocks can trigger similar actions from other consumers.

Moreover, the interconnected nature of the digital financial system can complicate financial stability. For instance, widespread withdrawal of deposits due to herd behavior could lead to bank runs or failures.

Data Breaches: A Growing Concern

The report also highlights the growing threat of data breaches. In 2023, the average cost of a data breach in India was $2.18 million, marking a 28% increase since 2020. Common attacks include phishing and the use of stolen or compromised credentials. These breaches pose significant risks to both consumers and financial institutions.

Implications for Monetary Policy

Digitalisation impacts inflation, output dynamics, and the transmission of monetary policy in various ways. The report suggests that if digitalisation shifts credit supply from regulated banks to less-regulated non-banks, it could dampen the effectiveness of monetary policy. As such, central banks must integrate digitalisation considerations into their models to ensure effective monetary policy and financial stability.

Proactive Measures and International Collaboration

The RBI has been proactive in leveraging the benefits of digitalisation while mitigating associated risks. Digitalisation holds the potential to boost India’s external trade in goods and services, particularly in modern services exports. It can also reduce the cost of international remittances, benefiting recipients through higher incomes or savings.

In a significant step towards enhancing cross-border payments, the RBI joined Project Nexus, aiming to interlink domestic Fast Payments Systems (FPS) across several countries, including Malaysia, the Philippines, Singapore, and Thailand. This follows the integration of India’s Unified Payments Interface (UPI) with Singapore’s PayNow, facilitating faster and more affordable remittances between the two nations. Similarly, an MoU with the Central Bank of UAE aims to link India’s UPI with UAE’s Instant Payment Platform (IPP).

The Rise of UPI

The report highlights the explosive growth of UPI, which has seen a tenfold increase in volume over the past four years. From 12.5 billion transactions in 2019–20 to 131 billion in 2023–24, UPI now accounts for 80% of all digital payment volumes in India. As of June 2024, UPI is recording nearly 14 billion transactions monthly, driven by 424 million unique users.

Future Outlook

Cross-border digital trade policies will be crucial in leveraging new opportunities and ensuring data security and cybersecurity. The internationalisation of the rupee is also progressing, supported by a comprehensive policy approach.

In summary, while digitalisation brings significant benefits, it also poses new challenges. The RBI’s report emphasizes the need for a balanced approach to harness its advantages while managing the associated risks to consumer behavior, financial stability, and data security.

Preventing Ransomware Attacks: Proactive Measures to Shield Your Business

New Post has been published on https://thedigitalinsider.com/preventing-ransomware-attacks-proactive-measures-to-shield-your-business/

Preventing Ransomware Attacks: Proactive Measures to Shield Your Business

All forms of cyber attacks are dangerous to organizations in one way or another. Even small data breaches can lead to time-consuming and expensive disruptions to day-to-day operations.

One of the most destructive forms of cybercrime businesses face is ransomware. These types of attacks are highly sophisticated both in their design and in the way they’re delivered. Even just visiting a website or downloading a compromised file can bring an entire organization to a complete standstill.

Mounting a strong defense against ransomware attacks requires careful planning and a disciplined approach to cyber readiness.

Strong Endpoint Security

Any device that’s used to access your business network or adjacent systems is known as an “endpoint.” While all businesses have multiple endpoints they need to be mindful of, organizations with decentralized teams tend to have significantly more they need to track and protect. This is typically due to remote working employees accessing company assets from personal laptops and mobile devices.

The more endpoints a business needs to manage, the higher the chances that attackers can find hackable points of entry. To mitigate these risks effectively, it’s essential to first identify all the potential access points a business has. Businesses can then use a combination of EDR (Endpoint Detection and Response) solutions and access controls to help reduce the risk of unauthorized individuals posing as legitimate employees. 

Having an updated BYOD (Bring Your Own Device) policy in place is also important when improving cybersecurity. These policies outline specific best practices for employees when using their own devices for business-related purposes – whether they’re in the office or working remotely. This can include avoiding the use of public Wi-Fi networks, keeping devices locked when not in use, and keeping security software up-to-date.

Better Password Policies and Multi-Factor Authentication

Whether they know it or not, your employees are the first line of defense when it comes to avoiding ransomware attacks. Poorly configured user credentials and bad password management habits can easily contribute to an employee inadvertently putting an organization at more risk of a security breach than necessary. 

While most people like having a fair amount of flexibility when creating a password they can easily remember, it’s important as a business to establish certain best practices that need to be followed. This includes ensuring employees are creating longer and more unique passwords, leveraging MFA (multi-factor authentication) security features, and refreshing their credentials at regular intervals throughout the year.

Data Backup and Recovery

Having regular backups of your databases and systems is one way to increase your operational resilience in the wake of a major cyberattack. In the event your organization is hit with ransomware and your critical data becomes inaccessible, you’ll be able to rely on your backups to help recover your systems. While this process can take some time, it’s a much more reliable alternative to paying a ransom amount.

When planning your backups, there is a 3-2-1 rule you should follow. This rule stipulates that you should:

Have three up-to-date copies of your database

Use two different data storage formats (internal, external, etc.)

Keep at least one copy stored off premises

Following this best practice lowers the likelihood that “all” your backups become compromised and gives you the best chance for recovering your systems successfully.

Network Segmentation and Access Control

One of the most challenging things about ransomware is its ability to spread rapidly to other connected systems. A viable strategy for limiting this ability is to segment your networks, breaking them up into smaller, isolated strings of a wider network. 

Network segmentation makes it so that if one system becomes compromised, attackers still won’t have open access to a system. This makes it much harder for malware to spread.

Maintaining strict access control policies is another way you can reduce your attack surface. Access control systems limit the amount of free access that users have in a system at any given time. In these types of systems, the best practice is to ensure that regardless of who someone is, they should still only ever have just enough permissions in place to access the information they need to accomplish their tasks – nothing more, nothing less.

Vulnerability Management and Penetration Testing

To create a safer digital environment for your business, it’s important to regularly scan systems for new vulnerabilities that may have surfaced. While businesses may spend a lot of time putting various security initiatives into place, as the organization grows, these initiatives may not be as effective as they used to be. 

However, identifying security gaps across business infrastructures can be incredibly time-consuming for many organizations. Working with penetration testing partners is a great way to fill this gap.

Pentesting services can be invaluable when helping businesses pinpoint precisely where their security systems are failing. By using simulated real-world attacks, penetration testers can help businesses see where their most significant security weaknesses are and prioritize the adjustments that will bring the most value when protecting against ransomware attacks.

Data Security Compliance and Ethical AI Practices

There are various considerations you want to make when implementing new security protocols for your business. Ransomware attacks can do much more than disrupt day-to-day operations. They can also lead to data security compliance issues that can lead to a long list of legal headaches and do irreparable damage to your reputation.

Because of this, it’s important to ensure all critical business data uses active encryption protocols. This essentially makes data inaccessible to anyone not authorized to view it. While this in itself won’t necessarily stop cybercriminals from accessing stolen data, it can help to protect the information from being sold to unauthorized parties. Leveraging data encryption may also already be a requirement for your business depending on the regulatory bodies that govern your industry.

Another thing to consider is that while AI-enabled security solutions are becoming more widely used, there are certain compliance standards that need to be followed when implementing them. Understanding any implications associated with leveraging data-driven technologies will help ensure you’re able to get maximum benefit out of using them without inadvertently breaching data privacy rights. 

Keep Your Business Better Protected

Protecting your business from ransomware attacks requires a proactive approach to risk management and prevention. By following the strategies discussed, you’ll be able to lower your susceptibility to an attack while having the right protocols in place if and when you need them.