Tag: india
-
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Tags: attack, credentials, cyber, email, government, group, india, infrastructure, phishing, service, spear-phishing, threatPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials and enable long-term espionage. The attack begins with email messages that convincingly mimic official notifications…
-
Cryptohack Roundup: Bitcoin Jesus to Settle $50M Tax Charges
Also: Trader Loses $21M on Hyperliquid, Fund for Tornado Cash Dev Defense. This week, Bitcoin Jesus paid $50M to settle tax charges, a trader lost $21M on Hyperliquid, Ethereum Foundation and Keyring launched fund for Tornado Cash developers, India probing Binance traders, hackers’ $32.5M record dump and New York City launched first mayoral blockchain office.…
-
Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data
A misconfigured server belonging to Indian company NetcoreCloud exposed 40 billion records and 13.4TB of data, revealing sensitive… First seen on hackread.com Jump to article: hackread.com/misconfigured-netcorecloud-server-40-billion-records/
-
58% of CISOs are boosting AI security budgets
Tags: ai, ciso, conference, control, cybersecurity, data, defense, identity, incident response, india, intelligence, risk, soc, strategy, technology, threat, tool, vulnerabilityFoundryThe takeaway: AI in cybersecurity has reached an inflection point. Whether it’s accelerating incident response, tightening identity management, or simplifying complex threat analysis, enterprises are betting big that AI-enabled tools will be essential for staying secure in an era of AI-enabled attacks.Hear more at the CSO Conference & Awards, October 2022 at the Grand Hyatt…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors”, WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites”, to distribute malicious Android droppers. Once installed, these droppers employ multi-stage workflows, deliberate ZIP header manipulation, and heavy string obfuscation to evade antivirus detection and reverse”engineering. The threat actors utilize native libraries (.so) to dynamically resolve API…
-
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors”, WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites”, to distribute malicious Android droppers. Once installed, these droppers employ multi-stage workflows, deliberate ZIP header manipulation, and heavy string obfuscation to evade antivirus detection and reverse”engineering. The threat actors utilize native libraries (.so) to dynamically resolve API…
-
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, serviceMy colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
-
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, serviceMy colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
-
India’s Expanding Digital Frontier and the Battle Against Cyber Frauds
With over 86% of Indian households now connected to the internet, India has made impressive strides under the Digital India initiative. However, the same connectivity that drives innovation and access has also opened the floodgates for increasing cybersecurity incidents in India. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/curbing-cyber-frauds-in-india/
-
The Cyber Express Joins c0c0n 2025 as the Official Media Partner for the 17th Edition
The Cyber Express is proud to announce that it is the official media partner for c0c0n 2025, India’s longest-running cybersecurity and hacking conference. Now in its 17th edition, c0c0n will return to Kochi from October 711, 2025, with an expanded agenda that promises to bring together some of the sharpest minds in cybersecurity”, from government…
-
The Cyber Express Joins c0c0n 2025 as the Official Media Partner for the 17th Edition
The Cyber Express is proud to announce that it is the official media partner for c0c0n 2025, India’s longest-running cybersecurity and hacking conference. Now in its 17th edition, c0c0n will return to Kochi from October 711, 2025, with an expanded agenda that promises to bring together some of the sharpest minds in cybersecurity”, from government…
-
Security bug in India’s income tax portal exposed taxpayers’ sensitive data
TechCrunch verified that the security bug in the Indian Income Tax Department’s e-Filing portal exposed taxpayers’ data to other users. The security researchers who found the flaw say the data leak is now fixed. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/07/security-bug-in-indias-income-tax-portal-exposed-taxpayers-sensitive-data/
-
Security bug in India’s income tax portal exposed taxpayers’ sensitive data
TechCrunch verified that the security bug in the Indian Income Tax Department’s e-Filing portal exposed taxpayers’ data to other users. The security researchers who found the flaw say the data leak is now fixed. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/07/security-bug-in-indias-income-tax-portal-exposed-taxpayers-sensitive-data/
-
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Tags: attack, china, credentials, cybercrime, cybersecurity, fraud, group, india, infection, Internet, microsoft, service, theftCybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand First seen…
-
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Tags: attack, china, credentials, cybercrime, cybersecurity, fraud, group, india, infection, Internet, microsoft, service, theftCybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand First seen…
-
IIS Servers Compromised by Chinese Hackers for SEO Manipulation
Cisco Talos has revealed that UAT-8099, a Chinese-speaking cybercrime group, has been exploiting vulnerable Internet Information Services (IIS) servers across multiple countries to conduct search engine optimization (SEO) fraud and steal high-value data. Identified in April 2025, this group targets reputable IIS servers in India, Thailand, Vietnam, Canada, and Brazil, focusing on organizations such as…
-
IIS Servers Compromised by Chinese Hackers for SEO Manipulation
Cisco Talos has revealed that UAT-8099, a Chinese-speaking cybercrime group, has been exploiting vulnerable Internet Information Services (IIS) servers across multiple countries to conduct search engine optimization (SEO) fraud and steal high-value data. Identified in April 2025, this group targets reputable IIS servers in India, Thailand, Vietnam, Canada, and Brazil, focusing on organizations such as…
-
Jaguar Land Rover cyber-attack: what’s the latest news?
How is the government helping the carmaker? Will jobs be protected? And when will production restart?<ul><li><a href=”https://www.theguardian.com/business/live/2025/sep/29/moral-hazard-fears-jlr-jaguar-land-rover-government-loan-gsk-ceo-astrazeneca-listing-dollar-shutdown-business-live-news”>Business live latest updates</li></ul>Jaguar Land Rover’s factories have been shut for almost a month after <a href=”https://www.theguardian.com/business/2025/sep/02/jaguar-land-rover-cyber-incident-manufacturing-retail”>a cyber-attack that forced it to turn off computer systems in the UK, Slovakia, India and Brazil.The UK government has stepped in with…
-
UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks
The Indian-owned carmaking giant will be bailed out after a cyberattack stalled car production and its downstream supply chain. Critics argue that the bailout sends the wrong message to hackers and crime groups. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/29/uk-government-bails-out-jaguar-land-rover-with-1-5b-loan-after-hack-disrupts-vehicle-production-for-weeks/
-
Thousands of Indian bank transfer records found spilling online after security lapse
Security researchers found the exposed Indian bank transfer records, and the data was eventually secured. Indian fintech company NuPay took responsibility for the “configuration” error. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/26/thousands-of-indian-bank-transfer-records-found-online/
-
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632058/Over-half-of-India-based-companies-suffer-security-breaches
-
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632058/Over-half-of-India-based-companies-suffer-security-breaches
-
Over half of India-based companies suffer security breaches
Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632058/Over-half-of-India-based-companies-suffer-security-breaches
-
Thousands of Indian bank transfer records found online
Security researchers found the exposed Indian bank transfer records and the data was eventually secured, but nobody wants to take responsibility for the security lapse. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/25/thousands-of-indian-bank-transfer-records-found-online/