Tag: india

Indian APT Group DONOT Misuses App for Intelligence Gathering

Jan 20, 2025 5:22 PM

Tags: android, apt, group, india, intelligence

Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/indian-apt-group-donot-app/
India Readies Overhauled National Data Privacy Rules

Jan 9, 2025 4:18 PM

Tags: country, data, framework, india, privacy

The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data, and recognizes a right to personal privacy. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/india-overhauled-national-data-privacy-rules
Top Cybersecurity Conferences Events in India 2025

Jan 9, 2025 11:18 AM

Tags: conference, cyber, cybersecurity, india, technology, threat

The Indian cybersecurity ecosystem is experiencing significant growth, making it one of the fastest-growing and most important technology spaces globally. As cyber threats increase in scale and sophistication, it’s essential… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/top-cybersecurity-conferences-events-in-india-2025/
Indian government websites are still redirecting users to scam sites

Jan 8, 2025 6:17 AM

Tags: government, india, scam

Some Indian government websites are still redirecting to links planted by scammers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/07/indian-government-websites-are-still-redirecting-users-to-scam-sites/
India’s Draft Digital Personal Data Protection Rules

Jan 7, 2025 8:17 AM

Tags: cyber, data, framework, india, privacy

India has unveiled its draft Digital Personal Data Protection Rules, designed to operationalize the Digital Personal Data Protection Act, 2023 (DPDP Act). As the nation strides forward in the digital age, these rules are pivotal in creating a framework that balances the protection of individual privacy with the need for innovation in a burgeoning digital…
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

Jan 6, 2025 5:18 PM

Tags: cybersecurity, data, government, india

The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation.”Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent,” India’s Press Information Bureau (PIB) said in a statement released Sunday.”Citizens are empowered with rights to demand data erasure, First…
Cloudflare’s VPN app among half-dozen pulled from Indian app stores

Jan 3, 2025 7:19 AM

Tags: apple, google, government, india, vpn

More than half-a-dozen VPN apps, including Cloudflare’s widely-used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch has learned. The Indian Ministry of Home Affairs issued removal orders for the apps, according to a document reviewed by TechCrunch and a disclosure made by Google to…
Indian Railways Website Crashed Again, Disrupting Tatkal Ticket Booking Across India

Dec 26, 2024 2:44 PM

Tags: india, mobile

Rail travelers across India faced disruption as the Indian Railway Catering and Tourism Corporation (IRCTC) website and mobile app went down, causing chaos during the crucial Tatkal ticket booking window. This IRCTC outage, which marks the second major disruption in December alone, left thousands of passengers frustrated, unable to book tickets during the peak hours.…
McDonald’s Delivery App Bug Let Customers Orders For Just $0.01

Dec 26, 2024 10:43 AM

Tags: apple, cyber, google, india

McDonald’s India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald’s food for delivery, dine-in, and takeout. The app is popular, with over 10 million downloads on Google Play and #16 in Food & Drink on the Apple App Store and offers various options to choose from…
The 2024 cyberwar playbook: Tricks used by nation-state actors

Dec 25, 2024 7:43 AM

Tags: access, ai, apt, at&t, attack, authentication, backdoor, blizzard, botnet, breach, china, cisa, cloud, control, credentials, cve, cvss, cyber, cybersecurity, data, ddos, defense, detection, email, espionage, exploit, flaw, fortinet, google, government, group, hacker, hacking, healthcare, india, infrastructure, iran, ivanti, linux, login, malicious, malware, mfa, microsoft, mobile, network, offense, office, open-source, password, phishing, powershell, remote-code-execution, router, russia, service, social-engineering, software, spear-phishing, spy, strategy, supply-chain, tactics, theft, threat, tool, unauthorized, update, vpn, vulnerability, warfare, windows, worm, zero-day

In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless, they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.”There was definitely a continued and noted uptick in nation-state activity in…
India’s Rapido exposed user and driver data through leaky website feedback form

Dec 20, 2024 5:43 AM

Tags: access, data, data-breach, india

Rapido restricted access to the exposed portal soon after TechCrunch contacted the company. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/indias-rapido-exposed-user-and-driver-data-through-leaky-website-feedback-form/
Bugs in a major McDonald’s India delivery system exposed sensitive customer data

Dec 19, 2024 1:42 PM

Tags: data, data-breach, flaw, india

McDonald’s India exposed the personal information of customers and drivers due to security flaws impacting its APIs. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/bugs-in-a-major-mcdonalds-india-delivery-system-exposed-sensitive-customer-data/
India Sees Surge in API Attacks, Especially in Banking, Utilities

Dec 19, 2024 7:42 AM

Tags: api, attack, banking, ddos, india

The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/india-surge-api-attacks-banking-utilities
Espionage Campaign Targets Turkish Defense Industry

Dec 18, 2024 12:42 AM

Tags: access, apt, attack, china, data, defense, espionage, group, india, malware, threat

APT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT. A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh. First seen on govinfosecurity.com Jump…
Bits Bytes: A Recap of AISS 2024

Dec 17, 2024 8:43 PM

Tags: cybersecurity, india, organized

As a passionate cybersecurity enthusiast & a professional with ColorTokens, participating in the recently concluded 19th Annual Information Security Summit (AISS) 2024, organized by NASSCOM-DSCI, was an invaluable opportunity to immerse myself in the latest trends, innovations, and discussions shaping our industry. AISS 2024 lived up to its reputation as India’s premier platform for cybersecurity……
New Android Banking Malware Attacking Indian Banks To Steal Login Credentials

Dec 14, 2024 3:05 PM

Tags: android, banking, breach, credentials, cyber, finance, india, login, malware, service

Researchers have discovered a new Android banking trojan targeting Indian users, and this malware disguises itself as essential utility services to trick users into providing sensitive information. The malware has already compromised 419 devices, intercepted 4,918 SMS messages, and stolen 623 banking credentials. As this active campaign continues, the number of affected devices and stolen…
Meta’s Q3 2024 Adversarial Threat Report: Global Disinformation Networks Disrupted

Dec 10, 2024 5:07 AM

Tags: disinformation, india, iran, network, threat

Meta has released its Third Quarter Adversarial Threat Report for 2024, detailing the disruption of five covert influence operations across the globe, including networks originating in India, Iran, Lebanon, and... First seen on securityonline.info Jump to article: securityonline.info/metas-q3-2024-adversarial-threat-report-global-disinformation-networks-disrupted/
Cyberattacks on Indian Government Jump 138% in Four Years

Dec 9, 2024 10:07 AM

Tags: cyberattack, government, india

India has witnessed a dramatic rise in cyberattacks targeting government bodies, marking a 138% increase in the number of such incidents from 2019 to 2023. The government’s response to this large increase of cyberattacks, as outlined in a recent report submitted to the Rajya Sabha. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/surge-in-cyberattacks-on-indian-government/
8 biggest cybersecurity threats manufacturers face

Dec 6, 2024 8:48 AM

Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windows

The manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
Russian state hackers hijacked rival servers to spy on targets in India, Afghanistan

Dec 5, 2024 4:48 PM

Tags: hacker, india, russia, spy

First seen on therecord.media Jump to article: therecord.media/russian-turla-secret-blizzard-hackers-hijack-rival-servers-targeting-south-asia
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records

Dec 5, 2024 9:48 AM

Tags: ai, data, data-breach, india, leak, startup

Wotnot, An Indian AI startup that helps businesses build custom chatbots, has leaked almost 350,000 sensitive files after the data was left unsecured on the web. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/ai-chatbot-startup-wotnot-leaks-346-000-files-including-passports-and-medical-records
Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

Dec 4, 2024 7:48 PM

Tags: control, exploit, group, hacker, hacking, india, russia, threat

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022.The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding First…
Russian-linked Turla caught using Pakistani APT infrastructure for espionage

Dec 4, 2024 6:48 PM

Tags: apt, espionage, india, infrastructure, microsoft, russia

Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/turla-infiltrates-pakistani-apt-networks-microsoft-lumen/
Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT

Dec 4, 2024 6:48 PM

Tags: apt, hacker, india, russia, spy

Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets. The post Spy v Spy: Russian APT Turla Caught Stealing from Pakistani APT appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/spy-v-spy-russian-apt-turla-caught-stealing-from-pakistani-apt/
CERT-In Alerts Multiple Vulnerabilities in Drupal Expose Systems

Dec 3, 2024 10:48 AM

Tags: computer, india, vulnerability

The Indian Computer Emergency Response Team (CERT-In) issued a Vulnerability Note CIVN-2024-0353 highlighting several critical vulnerabilities within the widely used content management system (CMS), Drupal. The Drupal vulnerabilities, spanning versions from 7 to 11, have been First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cert-in-alerts-drupal-vulnerabilities/
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications

Dec 3, 2024 9:50 AM

Tags: android, attack, communications, cyber, espionage, exploit, google, government, group, india, linux, military, rat, service, tactics, windows

APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
Why identity security is your best companion for uncharted compliance challenges

Dec 3, 2024 5:48 AM

Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trust

In today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…
Indian online ID verification firm Signzy confirms security incident

Dec 2, 2024 7:48 PM

Tags: cybersecurity, identity, india, security-incident, service

The Indian identity verification service, used by millions of customners, has confirmed a cybersecurity incident. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/02/indian-online-id-verification-firm-signzy-confirms-security-incident/
Canada spy agency says India is using cyber tech to track separatists abroad

Dec 1, 2024 3:25 PM

Tags: attack, cyber, government, india, spy

CSE report says India is also stepping up cyber-attacks against Canada government networksA Canadian spy agency has warned that India is using cyber t… First seen on theguardian.com Jump to article: www.theguardian.com/world/2024/oct/30/canada-india-sikh-cyber-technology
Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT

Dec 1, 2024 3:19 AM

Tags: government, india, rat

ntroduction APT36, also known as Transparent Tribe, is a Pakistan-basedthreat actor notorious for persistently targeting Indian government organizatio… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/the-evolution-of-transparent-tribes-new-malware/