- Upgrade your defenses, not your anxiety. Let’s Talk! Contact Us
Latest News
Rising Phishing Threats Target India's BFSI Sector
Cybercriminals are continually refining their tactics to evade detection and maximize their haul of sensitive information. Recent trends indicate a shift away from employing brand logos or impersonating phishing websites to more discreet and direct approaches, particularly in the lucrative realm of India’s Banking, Financial Services, and Insurance (BFSI) sector.Recently, the Bolster Research team conducted a study that uncovered a series of phishing pages. These pages masqueraded as legitimate UPI (Unified Payments Interface) Gateway and recharge service providers while also enticing potential victims with opportunities as retailers and dealerships. However, beneath the facade of legitimate services lurked a nefarious operation aimed at illicitly acquiring personal information, including email addresses, phone numbers, PAN (Permanent Account Number), and Aadhaar Card numbers.Such stolen data opens the door to a wide range of fraudulent activities, including identity theft and financial fraud.Like this news article? Share it with others!Internet
More details
BunnyLoader, latest malware-as-a-service, targets browsers & cryptocurrency
Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more," Zscaler ThreatLabz researchers said. Among its other capabilities include running remote commands on the infected machine, a keylogger to capture keystrokes, and a clipper functionality to monitor the victim's clipboard and replace content matching cryptocurrency wallet addresses with actor-controlled addresses. A C/C++-based loader offered for $250 for a lifetime license, the malware is said to have been under continuous development since its debut on September 4, 2023, with new features and enhancements that incorporate anti-sandbox and antivirus evasion techniques."BunnyLoader is a new MaaS threat that is continuously evolving their tactics and adding new features to carry out successful campaigns against their targets," the researchers said. The findings follow the discovery of another Windows-based loader called MidgeDropper that is likely distributed via phishing emails to deliver an unnamed second-stage payload from a remote server. The development also comes amid the debut of two new information stealer malware strains named Agniane Stealer and The-Murk-Stealer that supports the theft of a wide range of information from breached endpoints.Like this news article? Share it with others!Internet
More details
Bengaluru to get ‘Cybersphere Centre for Excellence’ soon
The Karnataka government is taking proactive steps to address the growing concern of cybercrimes. They are planning to collaborate with technology companies to establish the ‘Bengaluru Cybersphere Centre for Excellence.’During the ‘Techfusion Sunrise Summit-2023,’ an event organized by the Karnataka government and attended by representatives from the IT industry, Home Minister G Parameshwara shared this initiative. He stated that the Bengaluru Cybersphere Center would be a joint effort between the home department and information and communication technology (ICT) and biotechnology companies. The centre’s primary objectives are to promote knowledge sharing, encourage innovation, and facilitate skill development in the field of cybersecurity. This collaborative initiative reflects the government’s commitment to addressing the evolving challenges of cybercrimes and harnessing the expertise of the tech industry to enhance cybersecurity measures in the state.The ‘Bengaluru Cybersphere Centre for Excellence’ is poised to be a significant catalyst in bolstering cybersecurity and law enforcement efforts in Karnataka. Home Minister G Parameshwara has outlined a comprehensive set of objectives for the center, which collectively aim to create a robust ecosystem for addressing cybercrimes and ensuring public safety. Furthermore, the center’s strategic objectives include devising innovative approaches to combat cybercrimes effectively, harnessing technological capabilities for monitoring social media, actively engaging with the community to raise awareness and promote cybersecurity consciousness, and facilitating skill development programs to empower individuals with the necessary expertise.Like this news article? Share it with others!Source: Internet
More details
UAE plans cybersecurity vision for next 50 years
In the UAE, senior officials are developing a cyber security vision that is intended to strengthen action against digital crime for the next 50 years. The initiative will provide the country with a high level of resilience, boosting its ability to address “growing digital challenges.”“As the UAE looks forward to its centennial in 2071, we had an opportunity to pause, examine how the world might evolve, and how we can use technology to optimize outcomes for humanity,” said Dr. Mohammed Al Kuwaiti, head of the UAE Cybersecurity Council, the Emirates’ online security task force.The nation’s Cybersecurity Council was established by the Cabinet in the fall of 2020, as cyber threats and attacks surged around the world. A surge in phishing scams and increased interest in virtual reality, augmented reality, data and AI have also contributed to the emphasis on cyber security.“Robots will seamlessly integrate into our lives, from personal care to military systems, while artificial intelligence will be able to predict and shape the future,” an official report noted. Experts say that by 2071, humans’ quality of life will increasingly be determined by a safe and secure hybrid physical and digital world.The UAE plans to tailor its cyber security legislation accordingly.Like this news article? Share it with others!Source: Internet
More details
Maharashtra to implement cyber security project at Rs 837 crore.
The Maharashtra cabinet on Wednesday decided to implement a cyber security project worth Rs 837 crore in the state to take immediate measures against the increasing instances of cybercrime in the state. The state home department has planned a project with state-of-the-art technology, skilled manpower and resources to curb cybercrime and make the state a “cyber safe” state. The project will be implemented in the State by the Special Inspector General of Police (Cyber) and put together various latest tools and technologies under one roof. It will include a Command and Control Centre, Technology Assisted Investigation, Center of Excellence, Cloud Based Data Centre, and Security Operation Centre. The project will facilitate a state-of-the-art citizen-centric platform coordinating complainants and technology. All cyber police stations in all police commissioner and superintendent offices across the state will be linked with this platform. Citizens could file complaints against cybercrime through a call centre, mobile app, or portal. The State government assured that the project will help promptly investigate complaints related to cyber-crimes.Internet
More details
Delhi Police adopts blockchain tech to record chain of custody of evidence.
The e-forensic application of the Delhi Forensic Science Laboratory (DFSL) and the Delhi Police will now use blockchain technology to create an unchangeable and transparent record of the chain of custody for evidence, making DFSL the first institution of its kind in the country to use this technology, lieutenant governor VK Saxena announced. The Delhi Police has already trained at least 1,500 personnel to operate this new technology, and more than 3,000 forensic samples are being processed and analysed using it, according to officers' familiar with the matter. Blockchain technology is a system of storing and transferring information in a chain of blocks, with each block containing data, such as, in this case, forensic records, case records, images or logs. All the information is encrypted with cryptography, which prevents fraud and hacking. The data is decentralised because it is not stored in one place but on many computers, making it harder to tamper with the information. Due to these reasons, blockchain technology is considered secure and transparent.The criminal justice system has several steps, the first of which is a crime being reported. The next step is police registering a case and visiting the crime scene. Then, the forensic team visits and collects evidence and samples from the scene and deposits them. The next step is assigning a QR code to the sample. After that, a messenger takes custody of the evidence and brings it to a lab. Next, a scientist takes charge of the evidence and prepares the forensic report. The report is then submitted to the police.Source:
More details
AIIMS cyber-attack led to new SOP on cyber data breaches.
Former cybersecurity chief Lt Gen Raesh Pant said the ransomware attack on AIIMS prompted the government to formulate a national cybersecurity response framework (NCRF). “It was realised that critical sectors need to have a uniform framework to respond to cybersecurity,” said Pant. “So, the NCRF was conceptualised. It will be put in the public domain for critical infrastructure, such as those in the power and health sectors to implement.”The framework outlines an architecture of a cyber defence system, the former NCRF chief said, and specifies trusted companies and supply chain mechanisms. According to Pant, the AIIMS attack exposed loopholes in the cyber defence systems and several lessons have been drawn from it to better prepare the critical information infrastructure and address vulnerabilities. “The manner in which the network was architected, was not done by professionals but by a team of doctors. There were too many loopholes in the network, and it was easy to get into the network,” he said. “A lot of lessons have come out from the incident from a government point of view, and these will, hopefully be implemented.”Pant also stressed on the need for inter-ministerial cooperation and setting up of a nodal ministry to address cybersecurity threats as the cybersecurity is continuously changing. “According to the business allocation rules, no ministry is solely dedicated to addressing such incidents. The concept of peace has changed today, there is no peace in cyber space,” he said, adding that the government’s cybersecurity strategy was in the advance stages. The cybersecurity strategy of the government, which has been in the works since 2020, proposes several mitigation measures to combat data breaches. The strategy was drawn up during Pant’s tenure as cybersecurity coordinator.Like this news article? Share it with others!Internet
More details
Over 1 lakh ChatGPT user accounts compromised; India most affected.
Over 1 lakh ChatGPT users could be at risk of fraud and cyberattacks. According to a Singapore-based cybersecurity firm, hackers have breached 1,01,134 devices with saved ChatGPT credentials. While the compromised ChatGPT accounts may not explicitly reveal bank information, other crucial user information, including email, passwords, and phone numbers could still be at risk, making them vulnerable to phishing attacks. The Cybersecurity firm has also discovered compromised credentials being sold on dark web marketplaces over the past year. The research shows that India tops the list of most compromised ChatGPT accounts. Research indicates hackers used "info-stealing malware" to steal users' credentials. The post highlights that info-stealing malware collects credentials saved in browsers, bank card details, crypto wallet information, cookies, browsing history, and other information from infected devices. A user may accidentally download the malware by clicking on fishy links or downloading malware-infected software.Users in the Asia-Pacific region is most affected by cyber-attack. The research notes that nearly 40.5 per cent of users in the Asia-Pacific region are affected by the breach, and 12,632 accounts in India are compromised. Pakistan is next in line with 9,217 compromised ChatGPT accounts. Globally, ChatGPT users in Brazil, Vietnam, and Egypt have been widely affected by the breach.Like this news article? Share it with others!Source: Internet
More details
AIIMS Delhi hit by fresh cyberattack for second time in a year.
All India Institute of Medical Sciences (AIIMS) New Delhi on Tuesday thwarted a malware attack on its servers, ensuring services remain fully secure and functional."A malware attack was detected at 2:50 pm by the cyber-security systems in AIIMS, New Delhi. The attempt was successfully thwarted, and the threat was neutralised by the deployed cyber-security systems.," tweets All India Institute of Medical Sciences, New Delhi. This is the second cyberattack against AIIMS Delhi within a year as the premier medical institute faced disruption in services due to a cyberattack in November 2022. The servers of the medical institute went out of order due to the attack and the AIIMS also suspended two analysts for the alleged breach of cyber security.Meanwhile, Union Minister in a tweet said, "E-Hospital.aiims.edu is an internal application not available for internet users. Someone may have tried accessing this portal and the alert was generated due to the security layer used by AIIMS. The same person may have taken a screenshot of the error msg and circulated it. There is no cyber incident or breach. Error msgs have also been rectified now."Like this news article? Share it with others!Source: Internet
More details
Providing effective, efficient, cutting edge, Next Gen Cyber Security and Forensics Services to various sectors of clientele across the globe.
© Copyright 2024 Proaxis Scitech Private Limited
Write a public review