Home Blog Page 143

Freshworks unveils UAE data centre to focus on clients in Middle East and Africa

TCN Bureau
-
0
Freshworks unveils UAE data centre to focus on clients in Middle East and Africa

Nasdaq-listed Freshworks has launched its new data centre, powered by Amazon Web Services (AWS), in the UAE to serve its customers from 72 countries across the region.

Some of Freshworks’ largest customers in the region include: Aramex, Landmark Group and Magrabi.

 “The investment demonstrates our dedication to supporting the growth and digital transformation of businesses in the region. With our data centre, companies requiring regional data compliance within the UAE can depend on us for business software in customer service, IT, and sales and marketing,” Abe Smith, Chief of Global Field Operations at Freshworks , said.

Sandie Overtveld, Senior Vice President of Freshworks APAC and MEA, said that data residency has always been a topic of conversation with their customers in the region.

“Freshworks has played a crucial role in enhancing our customer experience management. We are excited about Freshworks’ new journey with the launch of their data centre in the UAE, and we are confident it will bring additional benefits to businesses like ours in the region,” Habib Afzal – Head of Omni Channel at Magrabi, said.

“We are excited to support Freshworks’ expansion in the MEA region. The recent launch of the AWS Middle East (UAE) Region aligns with Freshworks’ strategy to enhance service delivery in this market,” Praveen Sridhar, Head of Partner Business, AWS India and South Asia, said.

upGrad raises $35m debt funding to be a leader in edtech arena

Ana Mary Joseph
-
0
upGrad raises $35m debt funding to be a leader in edtech arena
  • Issues 25 lakh non-convertible debentures and 3.75 Lakh optionally convertible debentures to the investor. 

The announcement by upGrad of Rs287.5 crore (approximately $35 million) in debt funding from EvolutionX underscores its unwavering commitment to driving educational transformation.

As the first debt funding for the Mumbai-based company this year, the strategic move signifies upGrad’s ability to secure the necessary resources to fuel its ambitious growth plans.

The company’s regulatory filing reveals that the funds will be utilised for many purposes, including expansion, operational expenses, and general corporate initiatives, all designed to strengthen its position in the edtech arena.

The issuance of 2.88 million debentures at an issue price of Rs1,000 each highlights the confidence that EvolutionX Debt Capital India Fund I and EvolutionX Debt Capital Master Fund I have placed in upGrad’s potential.

The debt funding complements the company’s previous capital-raising endeavours, which include a $36.5 million right issue from Temasek, founder Ronnie Screwvala, and other investors last year.

With a total funding exceeding $672 million to date including $36.5 million via right issue from Teamsek, founder Ronnie Screwala, and others in March last year,  upGrad has positioned itself as a formidable players in the edtech ecosystem

The Temasek−backed company′s reported plans to raise an additional $100 million to facilitate the acquisition of online education firm Udacity further underscores its strategic vision and ambition to expand its reach and offerings.

The company’s growth trajectory is impressive, with a 72 per cent increase in operational revenue, reaching Rs1,194 crore in FY23, up from Rs692 crore in the previous fiscal year.

However, this rapid growth has also been accompanied by a significant loss rise, which surged by 82 per cent to Rs 1,114 crore in FY23. As the company navigates the challenges of scaling its operations, it will be crucial for upGrad to strike a balance between revenue growth and cost optimisation to ensure long-term sustainability.

Notably, upGrad’s foray into the offline higher education space in 2022 marked a strategic shift, as the company invested $30 million to establish ten global campuses across India, the US, and other regions. This diversification into the physical education domain underscores upGrad’s commitment to providing a comprehensive and integrated learning experience for its students.

Infosys gives more details about data compromised in Union Labor Life breach

Naushad K. Cherrayil
-
0
Infosys gives more details about data compromised in Union Labor Life breach
  • Information impacted varies by individual but includes sensitive personal details such as Social Security Numbers, dates of birth, medical records, biometric data, login credentials, financial account information, and various government-issued identification numbers.
  • The breadth of compromised data heightens the risks of identity theft, financial fraud, and other malicious activities targeting the affected individuals.

According to the breach notification letter submitted by Infosys McCamish Systems (IMS), a US subsidiary of India’s IT service provider Infosys, to the Maine Attorney General, the cybersecurity incident that occurred in late 2023 impacted more than six million people.

Initially, IMS provided limited details about the disruption, only stating that the breach resulted in the “non-availability” of some applications and systems.

As a provider of business services to Union Labor Life, Infosys McCamish was entrusted with certain confidential data about the insurance company’s customers. However, this trust was breached when unauthorised access to this information occurred between October 29, 2023 and November 2, 2023.

The investigation conducted by Infosys McCamish, with the assistance of cybersecurity experts, revealed the gravity of the situation. The encryption of portions of the company’s systems by ransomware had allowed perpetrators to gain access to Union Labor Life’s customer data, which was stored within Infosys McCamish’s IT network.

The incident has not only compromised the privacy and security of Union Labor Life’s customers but also raised questions about the adequacy of the safeguards in place to protect sensitive information.

Data misuse

The swift response by Infosys McCamish, which included notifying law enforcement and launching a thorough investigation, is commendable.

However, the damage caused by the unauthorised access to Union Labor Life’s customer data cannot be overstated. The potential for identity theft, financial fraud, and other forms of misuse of this information poses a significant risk to the affected individuals.

Moreover, the reputational and legal implications of this incident for both Infosys McCamish and Union Labor Life are likely to be substantial.

However, in the months that followed, a more comprehensive picture emerged, shedding light on the extent and nature of the data compromise.

The Bank of America’s disclosure that the cyberattack had impacted 57,000 of its customers highlighted the interconnected risks within the financial services landscape. This underscored the significant impact that such breaches can have on various stakeholders, from individual consumers to large financial institutions.

Proactive step

In the latest update, IMS has provided more details about the type of data that was compromised during the incident.

The information impacted varies by individual but includes sensitive personal details such as Social Security Numbers, dates of birth, medical records, biometric data, login credentials, financial account information, and various government-issued identification numbers.

While IMS claims to be unaware of any instances where personal information has been fraudulently used, the company has taken the proactive step of offering impacted individuals complimentary credit monitoring for 24 months.

The measure, while commendable, does not negate the significant burden placed on those whose sensitive information has been exposed.

The fallout from this cybersecurity breach has already manifested in the form of multiple class action complaints filed against IMS in the US District Court for the Northern District of Georgia. These legal actions underscore the growing scrutiny and accountability that organizations face when they fail to adequately protect the personal data entrusted to them.

Moreover, the involvement of the notorious LockBit ransomware group, which has claimed responsibility for the IMS hack, adds another layer of complexity to the situation. LockBit’s history of successful ransom payouts and continued resilience, even in the face of law enforcement actions, suggests that the threat posed by such sophisticated cyber-criminal entities is far from being fully addressed.

Five disturbing security threats lurking in TikTok comments

Contributor
-
0
Five disturbing security threats lurking in TikTok comments
  • Employing strategic security practices and maintaining awareness of potentially malicious or harmful comments can greatly enhance user safety.
  • Educating yourself and staying informed about potential threats is crucial in safeguarding your online presence on platforms like TikTok.

In the digital age, social media platforms have become more than just avenues for recreational activities; they have evolved into hubs of substantial online interaction. Consequently, the security of these platforms has become a critical concern, particularly in the case of TikTok, a short-form video app owned by the Chinese company ByteDance.

The US government has recently passed legislation banning TikTok, citing concerns that the Chinese government could potentially access sensitive user data through the platform.

The concern has prompted several other countries, including India, the European Union, Australia, Belgium, Canada, France, New Zealand, the United Kingdom, and Afghanistan, to also impose bans on TikTok.

Thibeau Maerevoet.

The vulnerability of TikTok’s comments section is not merely a problem for individual privacy; it is a broader security concern that affects countless users globally.

The platform, which is populated by millions, is prone to specific security flaws that can compromise user data and privacy. This raises significant questions about the protection of sensitive information and the potential implications for national security.

As the world becomes increasingly interconnected through digital platforms, the need for robust security measures to safeguard user data and privacy has never been more pressing. The recent actions taken by various governments to ban TikTok underscore the importance of addressing these security concerns and ensuring that social media platforms operate in a manner that prioritises the protection of user information.

Below is an exploration of five common vulnerabilities found in TikTok comments?

1. Phishing Links

One of the most prevalent threats in Tiktok comments is the presence of phishing links. Unsuspecting users might click on these links, which can lead to unauthorised harvesting of personal information. Always verify the authenticity of any unsolicited link before clicking, even if it appears in seemingly benign comments.

Safety Tip: Users should hover over links to see the URL before clicking and avoid links that seem odd or out of context.

2. Spam Bots

Automated spam bots generate comments that often contain harmful links or misleading information. These bots are not only annoying but can also be utilized to spread malware or perform denial of service attacks.

What to Look Out For: Repetitive comments under different posts or variations of the same comment from different accounts often indicate bot activity.

3. Inappropriate Content

TikTok comments can sometimes become a breeding ground for inappropriate content, including hate speech and bullying. Such environments not only pose psychological threats but often escape moderation, affecting young and impressionable users.

How to Combat: Regularly updating privacy settings and reporting abuse whenever witnessed can help mitigate these risks.

4. Account Impersonation

Impersonation of popular TikTok personalities in comments is a tactic used to deceive followers. These counterfeit profiles post comments to mislead users, often directing them to phishing sites or scam operations.

Preventive Measure: Verify account authenticity and be skeptical of unusual posts or interactions from high-profile accounts.

5. Data Leakage

Sensitive information is sometimes inadvertently shared by users within comments. Whether discussing private matters or accidentally sharing personal details, such disclosures can lead to targeted phishing attacks or identity theft.

Best Practice: Think twice before sharing any information in comments that could be used maliciously.

Moving Forward

Vigilance is key in navigating the complex landscape of TikTok interactions. Employing strategic security practices and maintaining awareness of potentially malicious or harmful comments can greatly enhance user safety.

Educating yourself and staying informed about potential threats is crucial in safeguarding your online presence on platforms like TikTok.

Next steps could include educating others about these vulnerabilities, staying updated on new security practices, and regularly reviewing personal security settings. What steps will you take to safeguard your TikTok interactions?

  • Thibeau Maerevoet is the CEO of ProxyScrape.

Demand for OT security products sees strong growth

Mohammed Fahad
-
0
Demand for OT security products sees strong growth
  • Growth areas are network security and segmentation technologies, alongside identity and access management and end-point protection.

As the industrial world undergoes a profound shift towards digitization and smart manufacturing practices, the threat to industrial operations from Operational Technology (OT) attacks looms large and pervasive.

According to a report by ABI Research, the OT cybersecurity market is projected to expand significantly, with an estimated growth from $12.75 billion in 2023 to around $21.6 billion by 2028, with an approximate annual growth rate (CAGR) of 9.2 per cent.

Among the key areas poised for growth are network security and segmentation technologies, alongside identity and access management and end-point protection.

Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research, said the escalating demand for robust defensive measures within every conceivable industrial sector as digitization and Industry 4.0 concepts gain momentum.

“With the proliferation of OT and Internet of Things (IoT) devices potentially outpacing Information Technology (IT) devices, the necessity to secure a multitude of sensors, routers, and PLCs in industrial settings is driving the rise of OT cybersecurity revenues within the broader cybersecurity market.”

Mounting geopolitical pressures

The evolution of network security technologies, infused with AI and behavioural traffic analysis capabilities to detect and counter OT-specific threats, is expected to witness significant growth as industries increasingly adopt digital practices.

Segmentation technologies are highlighted for their pivotal role in securing OT traffic by providing efficient partitioning and tailored security controls for isolated segments, thereby poised to generate substantial revenue within the OT cybersecurity market.

Despite prevailing macroeconomic challenges, Amiri said that OT cybersecurity market continues to thrive, buoyed by accelerated digitisation trends and mounting geopolitical pressures that fuel heightened spending and market revenues, particularly in sectors vulnerable to cyber threats like oil and gas, utilities, mining, and manufacturing.

“Amidst these dynamics, cybersecurity providers specialising in OT solutions are encouraged to focus their marketing efforts on sectors facing increased cybersecurity risks.”

Russian hacker group gains access to more Microsoft customer emails

Ana Mary Joseph
-
0
Russian hacker group gains access to more Microsoft customer emails
  • Hackers found to have stolen emails from senior leadership team members, cybersecurity experts, and legal department employees.
  • Further investigations by Microsoft reveal that its US government Azure clients are also being targeted by the hackers.

Microsoft’s announcement regarding the breach of its internal systems by a Kremlin-backed hacker group has raised concerns about the extent of the cyberattack.

The hacker group, known as Midnight Blizzard, accessed more customer emails than originally disclosed by Microsoft. The tech giant is now in the process of notifying additional customers whose emails were compromised by the Russian nation-state hackers.

In an effort to provide transparency to its customers, Microsoft will be sharing detailed information about the types of data that were accessed by the hackers. This includes information for customers who were previously notified of the breach, as well as new notifications for those whose emails were recently discovered to have been compromised.

The company’s spokesperson emphasised their commitment to keeping customers informed as the investigation into the breach continues.

Microsoft’s security practices raise concerns

The initial disclosure of the Midnight Blizzard breach was made in a filing with the US Securities and Exchange Commission on January 19th. The hackers were found to have stolen emails from senior leadership team members, cybersecurity experts, and legal department employees.

They had also attempted to use the stolen credentials to contact Microsoft customers, raising further concerns about the security of the company’s systems.

Despite Microsoft’s efforts to address the breach, the Russian government has not responded to the hacking allegations. It is believed that the hackers targeted cybersecurity researchers who were investigating the actions of the Russian hacking group.

Related posts:

Microsoft’s revelation that the hackers were still attempting to gain access to its systems months later has sparked alarm among security experts and customers, who are questioning the company’s security practices.

The breach has also caught the attention of the US Cybersecurity and Security Infrastructure Agency, which issued an emergency directive to federal agencies in April. Further investigations by Microsoft revealed that its US government Azure clients were also being targeted by the hackers. This development highlights the widespread impact of the breach and underscores the need for heightened security measures to protect against foreign threats.

The breach is particularly concerning given the increasing regulatory scrutiny of Microsoft’s software and systems. A separate Chinese hacking group that breached Microsoft last year was able to steal thousands of US government emails, further highlighting the vulnerabilities in the company’s security infrastructure.

Microsoft President Brad Smith recently testified at a Congressional hearing, where he emphasised the company’s efforts to improve its security practices in response to the breaches.

In light of these developments, it is clear that Microsoft faces significant challenges in safeguarding its systems against sophisticated cyber threats.

The company’s ongoing efforts to enhance its security measures are crucial in protecting customer data and mitigating the risks posed by malicious actors.

1...142143144...271Page 143 of 271