Tag: india
-
Indian Railways Website Crashed Again, Disrupting Tatkal Ticket Booking Across India
by
in SecurityNewsRail travelers across India faced disruption as the Indian Railway Catering and Tourism Corporation (IRCTC) website and mobile app went down, causing chaos during the crucial Tatkal ticket booking window. This IRCTC outage, which marks the second major disruption in December alone, left thousands of passengers frustrated, unable to book tickets during the peak hours.…
-
McDonald’s Delivery App Bug Let Customers Orders For Just $0.01
by
in SecurityNewsMcDonald’s India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald’s food for delivery, dine-in, and takeout. The app is popular, with over 10 million downloads on Google Play and #16 in Food & Drink on the Apple App Store and offers various options to choose from…
-
India’s Rapido exposed user and driver data through leaky website feedback form
by
in SecurityNewsRapido restricted access to the exposed portal soon after TechCrunch contacted the company. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/indias-rapido-exposed-user-and-driver-data-through-leaky-website-feedback-form/
-
Bugs in a major McDonald’s India delivery system exposed sensitive customer data
by
in SecurityNewsMcDonald’s India exposed the personal information of customers and drivers due to security flaws impacting its APIs. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/bugs-in-a-major-mcdonalds-india-delivery-system-exposed-sensitive-customer-data/
-
India Sees Surge in API Attacks, Especially in Banking, Utilities
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/india-surge-api-attacks-banking-utilities
-
Espionage Campaign Targets Turkish Defense Industry
by
in SecurityNewsAPT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
-
Espionage Campaign Targets Turkish Defense Industry
by
in SecurityNewsAPT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
-
Bits Bytes: A Recap of AISS 2024
by
in SecurityNewsAs a passionate cybersecurity enthusiast & a professional with ColorTokens, participating in the recently concluded 19th Annual Information Security Summit (AISS) 2024, organized by NASSCOM-DSCI, was an invaluable opportunity to immerse myself in the latest trends, innovations, and discussions shaping our industry. AISS 2024 lived up to its reputation as India’s premier platform for cybersecurity……
-
New Android Banking Malware Attacking Indian Banks To Steal Login Credentials
by
in SecurityNewsResearchers have discovered a new Android banking trojan targeting Indian users, and this malware disguises itself as essential utility services to trick users into providing sensitive information. The malware has already compromised 419 devices, intercepted 4,918 SMS messages, and stolen 623 banking credentials. As this active campaign continues, the number of affected devices and stolen…
-
Meta’s Q3 2024 Adversarial Threat Report: Global Disinformation Networks Disrupted
by
in SecurityNewsMeta has released its Third Quarter Adversarial Threat Report for 2024, detailing the disruption of five covert influence operations across the globe, including networks originating in India, Iran, Lebanon, and... First seen on securityonline.info Jump to article: securityonline.info/metas-q3-2024-adversarial-threat-report-global-disinformation-networks-disrupted/
-
Cyberattacks on Indian Government Jump 138% in Four Years
by
in SecurityNewsIndia has witnessed a dramatic rise in cyberattacks targeting government bodies, marking a 138% increase in the number of such incidents from 2019 to 2023. The government’s response to this large increase of cyberattacks, as outlined in a recent report submitted to the Rajya Sabha. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/surge-in-cyberattacks-on-indian-government/
-
8 biggest cybersecurity threats manufacturers face
by
in SecurityNews
Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windowsThe manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
-
Russian state hackers hijacked rival servers to spy on targets in India, Afghanistan
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/russian-turla-secret-blizzard-hackers-hijack-rival-servers-targeting-south-asia
-
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records
by
in SecurityNewsWotnot, An Indian AI startup that helps businesses build custom chatbots, has leaked almost 350,000 sensitive files after the data was left unsecured on the web. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/ai-chatbot-startup-wotnot-leaks-346-000-files-including-passports-and-medical-records
-
Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities
The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022.The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding First…
-
Russian-linked Turla caught using Pakistani APT infrastructure for espionage
by
in SecurityNewsBoth Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/turla-infiltrates-pakistani-apt-networks-microsoft-lumen/
-
Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT
Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets. The post Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/spy-v-spy-russian-apt-turla-caught-stealing-from-pakistani-apt/
-
CERT-In Alerts Multiple Vulnerabilities in Drupal Expose Systems
by
in SecurityNewsThe Indian Computer Emergency Response Team (CERT-In) issued a Vulnerability Note CIVN-2024-0353 highlighting several critical vulnerabilities within the widely used content management system (CMS), Drupal. The Drupal vulnerabilities, spanning versions from 7 to 11, have been First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cert-in-alerts-drupal-vulnerabilities/
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
by
in SecurityNewsAPT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
-
Why identity security is your best companion for uncharted compliance challenges
by
in SecurityNews
Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trustIn today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…
-
Indian online ID verification firm Signzy confirms security incident
by
in SecurityNewsThe Indian identity verification service, used by millions of customners, has confirmed a cybersecurity incident. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/02/indian-online-id-verification-firm-signzy-confirms-security-incident/
-
Canada spy agency says India is using cyber tech to track separatists abroad
by
in SecurityNewsCSE report says India is also stepping up cyber-attacks against Canada government networksA Canadian spy agency has warned that India is using cyber t… First seen on theguardian.com Jump to article: www.theguardian.com/world/2024/oct/30/canada-india-sikh-cyber-technology
-
Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT
by
in SecurityNewsntroduction APT36, also known as Transparent Tribe, is a Pakistan-basedthreat actor notorious for persistently targeting Indian government organizatio… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/the-evolution-of-transparent-tribes-new-malware/
-
Disgomoji Malware: A New Threat Targeting the Indian Government
by
in SecurityNewssgomoji Malware: A New Threat Targeting the Indian Government]]>www.thefinalhop.com/untitled/666d… First seen on thefinalhop.com Jump to article: www.thefinalhop.com/untitled/
-
PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web
by
in SecurityNewsFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/pii-belonging-to-indian-citizens-including-their-aadhaar-ids-offered-for-sale-on-the-dark-web
-
Privacy Vendor Market Moves From Point to Platform Solutions
by
in SecurityNewsPwC’s Anirban Sengupta Details Privacy Landscape, Growing Awareness in India Market. The privacy vendor market in India is evolving rapidly, as many vendors move from offering point solutions to embracing more integrated, platform solutions that can handle a broader range of privacy requirements, said Anirban Sengupta, partner, risk consulting practice with PwC. First seen on…
-
The CSO guide to top security conferences
by
in SecurityNews
Tags: access, cio, cloud, compliance, conference, cyber, cybersecurity, email, germany, guide, identity, india, intelligence, international, jobs, law, resilience, risk, risk-management, threat, tool, training, updateThere is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts. Fortunately, plenty of great conferences are coming up in the months ahead.…
-
India’s new cyber rules for telecoms come with big privacy risks, experts say
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/india-telecom-act-cyber-regulations-privacy-concerns
-
Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations
by
in SecurityNewsEarth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India, Taiwan, and Japan, leveraging spear-phishing and exploiting vulnerabilities in public-facing applications like SSL-VPN and file storage services. The group has deployed various backdoors, including Cobalt Strike, LODEINFO, and the newly discovered NOOPDOOR, to maintain persistent access to compromised networks, which…