Network security

Lawmakers demand probe into Trump team’s Signal breach

​Top officials from the Trump administration inadvertently included a journalist in an encrypted Signal chat while discussing military plans, leading to concerns over a potential security breach.

The incident has prompted Democratic lawmakers to call for a congressional investigation into the mishandling of classified information. Although US law criminalises the misuse of such data, it remains uncertain if legal provisions were violated in this case. ​

Signal is a widely trusted encrypted messaging app known for strong privacy protections. The service, instead of storing user messages on its servers, keeps data solely on users’ devices, with an option to automatically delete conversations.

Unlike other platforms, Signal does not track user data, use ads, or affiliate with marketers. Its encryption is independent of any government, and cybersecurity experts consider it highly secure. However, if a device itself is compromised, messages within the app can still be accessed by hackers. ​

The app was co-founded by Moxie Marlinspike in 2012 and later supported by WhatsApp co-founder Brian Acton, who left WhatsApp over concerns regarding data privacy.

Signal is run by the non-profit Signal Foundation and has grown in popularity, especially among privacy advocates, journalists, and government agencies.

The European Commission and the US Senate have also endorsed its use. However, experts question whether it is appropriate for discussions involving national security matters, given the risk of mobile device vulnerabilities. ​

Signal saw a significant surge in users in 2021 after WhatsApp introduced a controversial privacy policy update.

Despite its reputation for security, the recent incident with Trump administration officials highlights concerns about the suitability of even the most encrypted platforms for handling sensitive government information.

For more information on these topics, visit diplomacy.edu.

Ransomware spreads through online conversion tools

The FBI’s Denver Field Office has issued a national warning over a rising cyber threat involving fake file converter websites. These sites, posing as free tools for tasks like converting documents or media formats, are secretly distributing ransomware and malware while appearing to perform legitimate functions.

According to the FBI, users are lured by services that convert files such as ‘.doc’ to ‘.pdf’ or combine image files, but the downloaded output often contains hidden malware.

A recent case revealed that a site impersonating Convertio delivered RedLine Stealer, a dangerous strain that harvests sensitive data from browsers, crypto wallets, and applications like Telegram and Discord.

Security experts have identified multiple malicious domains involved, with active incidents reported in the US, Denver area, just weeks ago.

The FBI urges the public to avoid unknown converter sites, keep antivirus software updated, and use built-in conversion features within trusted apps.

For more information on these topics, visit diplomacy.edu.

Ukrzaliznytsia shifts to offline ticket sales after IT system failure

Ukraine’s state-owned railway company, Ukrzaliznytsia, has been hit by a large-scale cyberattack, affecting its online systems.

While train services remain operational without delays, the company has been working to restore its IT infrastructure. Passengers were advised to buy tickets offline on Monday as backups were recovered.

The cyberattack, described by Ukrzaliznytsia as ‘systemic, non-trivial and multi-level,’ was first reported on Sunday.

The railway has become a critical part of Ukraine’s transport network since the Russian invasion in 2022, with airspace closed and trains serving as the primary mode of domestic and international travel. Last year, it transported 20 million passengers and 148 million tonnes of freight.

Efforts to fully restore online systems are ongoing as authorities investigate the incident.

Cyberattacks targeting Ukraine’s infrastructure have increased since the start of the war, with railways playing a crucial role in both civilian and military logistics. Officials have not yet attributed responsibility for the attack.

For more information on these topics, visit diplomacy.edu.

Meta agrees to halt targeted ads in landmark UK privacy case

Meta, the owner of Facebook and Instagram, has agreed to stop targeting a UK citizen with personalised adverts as part of a settlement in a landmark privacy case.

The case, which avoided a high court trial, was brought by human rights campaigner Tanya O’Carroll in 2022, who claimed Meta had violated UK data laws by processing her personal data for targeted advertising without her consent.

O’Carroll’s case received support from the UK’s data watchdog, the Information Commissioner’s Office (ICO), which stated that users have the right to opt out of targeted ads.

The settlement has been hailed as a victory for O’Carroll, with potential implications for millions of social media users in the UK. Meta, however, disagreed with the claims. Instead of this, the company was considering introducing a subscription model in the UK for users who want an advert-free version of its platforms.

The ICO’s stance in favour of privacy rights could prompt similar lawsuits in the future, as users are increasingly demanding control over how their data is used online.

O’Carroll argued that the case demonstrated the growing desire for more control over surveillance advertising and said that the ICO’s support could encourage more people to object to targeted ads.

Meta, which generates most of its revenue from advertising, emphasised that it took its privacy obligations seriously and was exploring the option of a paid, ad-free service for UK users.

For more information on these topics, visit diplomacy.edu.

Hackers use fake Semrush ads to steal Google accounts

Cybercriminals are using fake adverts for popular SEO platform Semrush to trick users into giving up access to their Google accounts, researchers have warned.

The malvertising campaign features ads that link to a bogus Semrush login page, which only allows users to sign in via Google, a tactic designed to steal high-value credentials.

According to Malwarebytes, Semrush accounts are often linked to critical Google services such as Analytics and Search Console.

These tools store confidential business insights, which threat actors could exploit for strategic and financial gain. The scammers may also access names, phone numbers, business details, and partial card information through compromised Semrush accounts.

By impersonating Semrush support, attackers could deceive users into revealing full card details under the pretence of payment or billing updates. However, this may open the door to wider fraud, such as redirecting funds from vendors or business partners.

With Semrush serving over 117,000 customers, including a significant share of Fortune 500 firms, the attack underscores the growing risks of malvertising on platforms like Google.

Security experts are urging businesses to tighten account access controls and remain cautious when engaging with search ads, even from seemingly reputable brands.

For more information on these topics, visit diplomacy.edu.

How scammers are using fake Google Maps listings to target customers

Google has removed 10,000 fake business listings from Google Maps and filed a lawsuit against a scam network accused of creating and selling fraudulent profiles.

The legal action was prompted by a complaint from a Texas locksmith who discovered someone had impersonated their business on the platform. That led Google to uncover a broader scheme involving fake listings for profit.

The company warns that scammers are using increasingly advanced methods to trick users. These fake listings may appear legitimate, leading customers to contact or visit them.

Victims are sometimes overcharged for services or misled into paying upfront for services that are never delivered. Scammers also use fake reviews and manipulated Q&As to make the listings seem trustworthy.

In 2023 alone, Google blocked or removed 12 million fake business profiles, an increase of one million from the previous year.

The company has also been cracking down on businesses using fake engagement tactics, including artificial reviews, to inflate their reputations falsely.

Internationally, Google has begun implementing stricter rules in response to growing regulatory pressure, including in the UK, where it restricts deceptive businesses engaged in review manipulation.

For more information on these topics, visit diplomacy.edu.

New Airbyte connectors support AI and data privacy

San Francisco-based data startup Airbyte has unveiled a new set of enterprise tools aimed at helping companies move and manage data more securely, especially as AI becomes more central to operations. The updates, announced Thursday, include new connectors for apps such as NetSuite, SAP, and ServiceNow, as well as support for extracting unstructured data from platforms like Google Drive and SharePoint.

A key highlight of the release is compatibility with Apache Iceberg, an open-source format that enables businesses to centralise data into a single, AI-compatible “lakehouse.” This allows companies to better control how and where their data flows while preserving the flexibility needed for high-performance analytics and machine learning.

Airbyte co-founder and CEO Michel Tricot stressed the importance of data sovereignty in an AI-driven era. He noted that while AI tools can be powerful, giving away sensitive internal data, like employee compensation or strategic business metrics, to external services is a risk many companies are no longer willing to take. Airbyte’s approach ensures that only the enterprise sees and manages its data pipelines.

Founded in 2020, Airbyte now serves over 7,000 enterprise clients, including names like Invesco and Calendly, and has secured more than $181 million in funding. As businesses continue to prioritise secure, scalable infrastructure for AI, Airbyte’s offerings are positioning it as a go-to partner for data portability without compromise.

For more information on these topics, visit diplomacy.edu.

Downdetector shows sharp decline in Instagram outage reports

Reports of an Instagram outage in the US fell sharply on Thursday evening, indicating that service had been largely restored. According to outage tracking website Downdetector, incidents dropped from a peak of 19,431 to just 429 by 8:34 p.m. ET.

The cause of the disruption remains unclear, and Instagram owner Meta has not yet responded to requests for comment.

Downdetector compiles outage data from user reports, meaning the actual number of affected users may vary.

Many users in the United States had initially reported problems accessing the platform, but the rapid decline in complaints suggests that most issues have been resolved.

Instagram has experienced occasional service disruptions in the past, with similar outages affecting users worldwide.

For more information on these topics, visit diplomacy.edu.

ChatGPT wrongly accuses man of murder

A Norwegian man has lodged a complaint against OpenAI after ChatGPT falsely claimed he had murdered his two sons and was serving a 21-year prison sentence.

Arve Hjalmar Holmen, who has never been accused of any crime, says the chatbot’s response was deeply damaging, leading him to seek action from the Norwegian Data Protection Authority.

Digital rights group Noyb, representing Holmen, argues the incident violates European data protection laws regarding the accuracy of personal data.

The error highlights a growing concern over AI ‘hallucinations,’ where chatbots generate false information and present it as fact.

Holmen received the incorrect response when searching for his own name, with ChatGPT fabricating a detailed and defamatory account of a crime that never occurred. Although the chatbot carries a disclaimer about potential inaccuracies,

Noyb insists this is not enough, arguing that spreading false information cannot be justified by a simple warning label.

AI-generated hallucinations have plagued multiple platforms, including Apple and Google, with some errors being bizarre but others causing real harm.

Experts remain uncertain about the underlying causes of these inaccuracies in large language models, making them a key focus of ongoing research.

While OpenAI has since updated ChatGPT’s model to incorporate current news sources, the case raises questions about accountability and the transparency of AI-generated content.

For more information on these topics, visit diplomacy.edu.

Baidu dismisses claims of leaked user information

Chinese tech giant Baidu has denied claims of an internal data breach after the teenage daughter of a senior executive was accused of sharing users’ personal information online.

The controversy erupted when internet users alleged that the daughter of Baidu vice president Xie Guangjun had posted private details, including phone numbers, following an online dispute.

Baidu insisted that neither employees nor executives have access to user data and claimed the information came from illegally obtained ‘doxing databases’ on foreign platforms.

The company has filed a police report regarding false claims, including allegations that Xie had given his daughter access to Baidu’s databases.

Xie apologised, stating that the data had been sourced from overseas social networking sites.

The case comes amid ongoing crackdown in China on data privacy breaches, with stricter laws in place to prevent unauthorised sharing of personal details.

The controversy has impacted investor confidence, with Baidu’s shares falling more than 4% in Hong Kong trading.

For more information on these topics, visit diplomacy.edu.