Tag: india
-
TDL 002 – Defending the DNS: How Quad9 Protects the Internet with John Todd
Tags: access, apple, attack, business, china, ciso, communications, control, country, crime, cyber, cybersecurity, data, defense, dns, email, encryption, firewall, google, ibm, india, infrastructure, intelligence, Internet, jobs, law, malicious, malware, network, phishing, privacy, service, strategy, technology, threat, tool, zero-trustSummary The Defender’s Log episode features John Todd from Quad9, discussing their mission to protect the internet through secure DNS. Quad9, a non-profit launched in 2017 with founding partners Global Cyber Alliance, Packet Clearing House, and IBM, provides a free, global recursive DNS resolver that blocks malicious domains. Todd emphasizes that Quad9’s success is a…
-
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware such as SMS stealers and basic spyware.These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of…
-
SEBI Clarifies Scope of CSCRF, Recognizes RBI Oversight
The Securities and Exchange Board of India (SEBI) issued a clarification on Thursday regarding the scope and applicability of its Cybersecurity and Cyber Resilience Framework (CSCRF). According to the markets regulator, the framework applies strictly to systems used exclusively for SEBI-regulated activities, alleviating concerns around overlapping responsibilities with other regulatory bodies. First seen on thecyberexpress.com…
-
Transparent Tribe Deploys Malicious Files Against India Govt
Pakistan-Linked Threat Actor Targets Indian Linux Operation System. Pakistan-linked hackers are targeting an Indian Linux-based operating system by tricking government employees into clicking malicious files that look like PDFs. When opened, the files install spyware, giving attackers long-term access to sensitive government systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/transparent-tribe-deploys-malicious-files-against-india-govt-a-29305
-
APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files
Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardware-based attacks on AI systems. Unlike traditional backdoor methods that require poisoning training data or manipulating the training process, ONEFLIP operates during…
-
OneFlip Attack Backdoors AI Systems by Flipping a Single Bit in Neural Networks
CYFIRMA researchers have uncovered a campaign they have codenamed “OneFlip”, an operation that demonstrates how a single-bit modification inside a seemingly benign file can be enough to re-pivot a neural-network-driven security workflow and open a backdoor on the underlying host. Transparent Tribe (APT36) is leveraging the trick against India’s Government networks that rely on the…
-
OneFlip Attack Backdoors AI Systems by Flipping a Single Bit in Neural Networks
CYFIRMA researchers have uncovered a campaign they have codenamed “OneFlip”, an operation that demonstrates how a single-bit modification inside a seemingly benign file can be enough to re-pivot a neural-network-driven security workflow and open a backdoor on the underlying host. Transparent Tribe (APT36) is leveraging the trick against India’s Government networks that rely on the…
-
OneFlip Attack Backdoors AI Systems by Flipping a Single Bit in Neural Networks
CYFIRMA researchers have uncovered a campaign they have codenamed “OneFlip”, an operation that demonstrates how a single-bit modification inside a seemingly benign file can be enough to re-pivot a neural-network-driven security workflow and open a backdoor on the underlying host. Transparent Tribe (APT36) is leveraging the trick against India’s Government networks that rely on the…
-
Behind the Coinbase breach: Bribery emerges as enterprise threat
Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
-
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities.”Initial access is achieved through spear-phishing emails,” CYFIRMA said. “Linux BOSS environments are targeted via weaponized .desktop First seen on thehackernews.com…
-
Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign
APT36 uses Linux .desktop files in new attacks on Indian gov & defense, aiming for data theft and persistent espionage access. Transparent Tribe (aka APT36, Operation C-Major, and Mythic Leopard), a Pakistan-linked threat actor, is using Linux .desktop files to load malware in new attacks against government and defense entities in India. The APT group…
-
Linux Under Attack: APT36 Launches New Cyber-Espionage Campaign on Indian Govt
The post Linux Under Attack: APT36 Launches New Cyber-Espionage Campaign on Indian Govt appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/linux-under-attack-apt36-launches-new-cyber-espionage-campaign-on-indian-govt/
-
Featured Chrome extension FreeVPN.One caught capturing and transmitting user data
Tags: access, api, browser, ceo, chrome, corporate, credentials, data, data-breach, endpoint, finance, governance, healthcare, india, malicious, mobile, monitoring, privacy, risk, technology, threat, tool, vpn, vulnerability, vulnerability-managementUnmanaged extensions expose enterprises: Such incidents highlight how unmanaged browser extensions can act as covert data exfiltration channels, exposing sensitive corporate information. Enterprises usually deploy licensed, corporate-grade VPNs that are safe and accompanied by monitoring and access controls. But employees often install free VPN extensions for personal use.”This poses as a major threat to industries…
-
What is the cost of a data breach?
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, detection, finance, fraud, healthcare, ibm, identity, incident response, india, infrastructure, insurance, intelligence, jobs, law, metric, privacy, programming, ransom, ransomware, regulation, risk, security-incident, service, skills, software, supply-chain, technology, theft, threat, tool, vulnerabilityCanada ($4.84 million) and the UK ($4.14million) remain in the top 10 hardest hit, with ASEAN or Association of Southeast Asian Nations ($3.67 million), Australia ($2.55 million), and India ($2.51 million) among the top 15. Breaches by industry: Healthcare remains the industry hit with the highest costs per breach by far, at $7.42 million despite…
-
New Android Attack Targets Indian Users with Free Electricity Subsidy to Install Malware
A newly identified Android phishing campaign is aggressively targeting Indian users by masquerading as the legitimate PM Surya Ghar: Muft Bijli Yojana, a government initiative approved in February 2024 that offers subsidies for solar rooftop installations, covering up to 60% of costs for systems under 2kW and 40% for those up to 3kW. Attackers leverage…
-
Operation Chakra V: Call Center Scammers and your PII
Here we have another cautionary tale about off-shoring customer service when faced with the reality of Call Center Scams that commit fraud via Tech Support Scams and Government Impersonation. In this case, FirstIdea, an Indian company is charged with committing fraud against at least 100 victims from Australia and the UK. FirstIdea.us, according to their…
-
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian government platforms, such as mail.mgovcloud.in and virtualeoffice.cloud, to deceive users into surrendering credentials. The campaign…
-
New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data
McAfee’s Mobile Research Team has identified a sophisticated Android malware campaign primarily aimed at Hindi-speaking users in India, masquerading as legitimate financial applications from institutions like SBI Card, Axis Bank, and IndusInd Bank. This operation distributes malicious APKs through dynamically created phishing websites that mimic official banking portals, leveraging real assets such as images and…
-
India’s Markets Regulator Wants to Ease Rules on Related-Party Deals. Here’s What That Means
India’s capital markets regulator, SEBI (the Securities and Exchange Board of India), has proposed a set of changes to its oversight of related-party transactions (RPTs), the often-sensitive financial dealings between companies and their affiliates. The changes would significantly raise the thresholds for which transactions must be disclosed or approved by shareholders, particularly for large corporations….…
-
Microsoft briefly turned off Indian company’s cloud, perhaps due to EU sanctions on Russia
Oh, the irony of Europe demonstrating the importance of the sovereign cloud it craves First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/nayara_energy_microsoft_india/
-
APT36 Escalates Cyber-Espionage on India: Poseidon Backdoor Targets Railways, Oil Government
The post APT36 Escalates Cyber-Espionage on India: Poseidon Backdoor Targets Railways, Oil Government appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt36-escalates-cyber-espionage-on-india-poseidon-backdoor-targets-railways-oil-government/
-
APT36 Hackers Target Indian Railways, Oil, and Government Systems Using Malicious PDF Files
Tags: cyber, government, group, hacker, india, infection, infrastructure, malicious, military, threatThe Pakistan-linked threat group APT36, also known as Transparent Tribe, has broadened its cyber operations beyond traditional military targets to encompass Indian railways, oil and gas infrastructure, and the Ministry of External Affairs. Security researchers have uncovered two sophisticated desktop-based infection chains leveraging .desktop files disguised as PDF documents, which execute malicious scripts to deploy…
-
Bangalore Techie Arrested for Alleged Role in $44 Million Cryptocurrency Theft
A Bangalore-based technology professional has been arrested in connection with a massive cryptocurrency theft worth approximately ₹379 crore ($44 million) from the popular Indian crypto exchange CoinDCX, according to law enforcement officials. The arrest represents one of the most significant cryptocurrency fraud cases in India’s rapidly evolving digital asset landscape. The suspect, whose identity has…
-
India’s Financial Capital Mumbai Suffers $135 Million Loss in Cyber Frauds
suffered staggering financial losses amounting to Rs 1,127 crore (approximately $135 million) between January 2024 and March 2025. According to data released by the Mumbai Police, First seen on thecyberexpress.com Jump to article: thecyberexpress.com/mumbai-loses-usd-135-million-to-cyber-frauds/
-
Threat Actors Claim Breach of Airpay Payment Gateway
Cybercriminals have reportedly claimed a successful breach of Airpay, an Indian payment gateway service, raising serious concerns about the security of financial data and customer information. The allegations surfaced on underground forums where threat actors are allegedly offering access to sensitive data for sale, though the full extent and validity of the claimed breach remains…
-
Researchers Expose Massive Online Fake Currency Operation in India
Cybersecurity researchers at CloudSEK’s STRIKE team used facial recognition and GPS data to expose a massive, over $2… First seen on hackread.com Jump to article: hackread.com/researchers-online-fake-currency-operation-in-india/
-
xonPlus Launches Real-Time Breach Alerting Platform for Enterprise Credential Exposure
Chennai, India, 25th July 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/xonplus-launches-real-time-breach-alerting-platform-for-enterprise-credential-exposure/
-
xonPlus Launches Real-Time Breach Alerting Platform for Enterprise Credential Exposure
Chennai, India, 25th July 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/xonplus-launches-real-time-breach-alerting-platform-for-enterprise-credential-exposure/