india biggest cyberattacks

 

  • Ukraine targeted in cyberattack
    A targeted operation against Ukraine in late 2023 exploited a Microsoft Office flaw to deliver Cobalt Strike on compromised systems. The attack chain used a PowerPoint slideshow file as the starting point.


  • BenefitsCal program breached
    Hackers gained access to personal information of BenefitsCal participants from March 1, 2023 to February 13, 2024. BenefitsCal is a portal where California residents can manage benefits related to food assistance, cash aid, general assistance, affordable health insurance, and more.


  • Okta observes attacks
    Okta recently observed attacks that route requests through anonymizing services like TOR and residential proxies such as NSOCKS, Luminati, and DataImpulse. 
    Cyware
    Latest Cybersecurity News And Articles - Cyware
    The attacks recently observed by Okta route requests through anonymizing services like TOR and residential proxies such as NSOCKS, Luminati, and DataImpulse. The experts noticed that millions of requests have been routed through these services. Help Net Security. Trends, Reports, Analysis April 29, 2024. Most People Still Rely on Memory or Pen and Paper for Password Management. A Bitwarden survey showed that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit to using personal information in their credentials publicly accessible on social media (60%) platforms and online forums (30%). Bleeping Computer.
    thehackernews.com
    The Hacker News | #1 Trusted Cybersecurity News Site
    Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw. Apr 27, 2024 Cyber Attack / Malware. Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file ("signal-2023-12-20-160512.ppsx") as the starting point, with the filename implying that it may have been shared via the Signal instant messaging app.
    Cybercrime Magazine
    Today's Top Cybersecurity News Stories - Cybercrime Magazine
    Officials at the California Statewide Automated Welfare System filed breach notification documents with state regulators earlier this month, warning participants in the BenefitsCal program about an intruder. A spokesperson explained that BenefitsCal is a portal where California residents can manage benefits related to food assistance, cash aid, general assistance, affordable health insurance and more. From Mar. 1, 2023 to Feb. 13, 2024, hackers gained access to names, dates of birth, Social Security numbers, phone numbers, EBT and Medi-Cal numbers and more information. Full Story. Source: The Record. 04/27/2024.
Other recent cyber attacks include: Slack GitHub Account Hack, Data Of 228 Million Deezer Users Stolen, Twitter Leaks Data On 200 Million Users, Malware Targets 30+ WordPress Plugins, and Kubernetes Clusters Hacked. 

CYBER ATTACK

Govt teams up with SBI Cards, telcos to combat OTP frauds
The Centre is trying a solution that will allow banks to track the registered address as well as geolocation of a customer and where an OTP is getting delivered. In case of any discrepancy between the two locations, the customer can be alerted of a possible phishing attack.
Chinese gangs in Cambodia behind rising cyber-crimes worldwide
Owing to its prolonged political unrest, hundreds of small and medium-sized criminal gangs have found a safe haven in Cambodia. Most of these have either been operated from China or been run by Chinese citizens residing in Cambodia, according to one of persons quoted above.
Skill gap in workforce, AI advancements make cyber attacks more threatening in India
India is witnessing an unpredented surge in cyber attacks. There is also a big skills gap in the cyber security workforce, and advancements in AI are making the problem more acute. While AI is a threat, it is also an opportunity. Synergy between AI and human expertise may be the key to safeguarding the country’s expanding digital ecosystems.
This Vulture can empty your bank account, cyber security firm sounds alarm bells
Security researchers have uncovered a sophisticated version of the Vultur banking trojan, disguised as a security app, targeting Android users through a hybrid attack involving smishing and phone calls. This new variant boasts advanced remote control capabilities and an improved evasion mechanism, making it more dangerous than previous versions.
Baba Vanga's 5 predictions that came true; Bulgarian mystique also shared a timeline for end of world
Vanga has remained a celebrated figure in pop culture and is said to have predicted events such as Princess Diana's death, World War II, the Chernobyl tragedy, and many other incidents. Born blind, she rose to fame in the '70s and '80s due to her uncanny ability to predict the future. Before her death in 1996, she also predicted the end of the world!
CERT-In warns of critical vulnerability in Apple devices; Here's how you can reduce the risk
CERT-In has issued a high-risk warning regarding a critical vulnerability in various Apple products, including iPhones, MacBooks, iPads, and Vision Pro headsets. The vulnerability could allow attackers to execute arbitrary code remotely, posing a significant threat to users' security. It is crucial for users to take immediate action by updating their devices and following CERT-In's precautionary measures to mitigate the risk.
  • Review board to issue report detailing Microsoft's lapses in China hack: report
    The intrusion, which ransacked the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals around the world, was "preventable" and "should never have occurred", the Washington Post said, citing the report.
    Cyber board says Chinese hack of US officials was 'preventable'
    The board said in its report that it identified a series of decisions taken by Microsoft that had decreased enterprise security, risk management and trust from the customers to protect their data and operations.
    Enabled by AI, phishing becomes quite simple
    Phishing attacks, a prevalent cyber threat in India, are on the rise, growing 464% YoY in 2023. These attacks, often using social engineering, target human interaction and rely on psychological manipulation. Despite increased cybersecurity spending, there's a need for greater awareness and education. Most attacks aim to steal sensitive information like credit card numbers and passwords. The RBI has issued new guidelines to enhance IT governance and risk management in response to the rising number of data breaches in Indian banks.
    SEC ramps up hack probe with focus on tech, telecom companies
    The regulator has asked for internal communications of affected companies about the cyber attack's impact, probing for gaps in corporate security and for other cyber incidents, the report said, citing people familiar with the matter who did not identify the companies.
    UK's Lord Cameron sanctions China for cyber attacks; Chinese deny claims, play victim card
    Britain says China hacked electoral watchdog, targeted lawmaker emails
    In response to the attempted hack in 2021 of emails belonging to British politicians "prominent in calling out the malign activity of China", Britain imposed sanctions on two people and one company linked to state-backed Chinese hacking group APT31, the Foreign Office said in a statement.
    Britain due to set out Chinese cyber security threat
    Deputy Prime Minister Oliver Dowden is due to make a statement on the issue to parliament on Monday, a government official said, declining to confirm whether he will also announce reprisals including sanctions.
    IAG warns Air Europa's customers of personal data leak, WSJ reports
    IAG said in an email to Spanish airline Air Europa's customer base that the data breach exposed details such as identity cards or passport information, names, birthdays, phone numbers and nationalities of customers, according to the report. There was no evidence of fraudulent use of the data, it added.
    Cyber attack, data breach among top risks for businesses in India: Survey
    The biennial survey said that India's dependency on technology is likely to increase with the widespread adoption of digital infrastructure like the Unified Payments Interface, Aadhaar, and Open Network for Digital Commerce. "With increasing digitisation, cybercrimes continue to become rampant with costs and complexities associated with such breaches forcing organisations to look at risk mitigation and transfer mechanisms to better manage cyber risks," the survey noted.
    How can Indian SMEs combat ransomware attacks?
    The average ransom soared to $1.54 million in 2023, nearly doubling from the previous year. Cybersecurity experts stress the urgent need for proactive defense strategies, including raising awareness, investing in robust infrastructure, implementing strong access controls, and developing incident response plans.
    Baba Vanga's 2024 predictions come true: From cancer vaccine to global economic crisis
    In 2024, several of Baba Vanga's predictions appear to be coming true, including the development of a cancer vaccine by Russia and the onset of a global economic crisis affecting nations like Japan and the UK. Beyond these, her foresight also extends to increased terrorism, natural disasters, cyber attacks, and even an assassination attempt on Vladimir Putin.
    Bank of America names Infosys US unit for over 57,000 users data leak
    Top American lender Bank of America has named Infosys McCamish Systems (IMS), the US subsidiary of Indian software services giant Infosys, as the source of a data leak owing to a ransomware attack suffered by over 57,000 of its users in November.
    Beware! Hackers use electric toothbrushes in massive cyber attack, results in huge financial loss
    Hackers exploited millions of electric toothbrushes to launch a cyber attack on a Swiss company, causing significant financial damage. The compromised toothbrushes were transformed into a botnet, targeting the company's website with a distributed denial of service (DDoS) assault. Cybersecurity experts emphasize the need for vigilance in securing internet-connected devices, highlighting the growing threat posed by smart devices in escalating cybercrime. This incident underscores the importance of proactive measures to mitigate evolving cybersecurity risks.
    HDFC Mobile Banking App: New security protocols may protect customers of the bank against any impending cyber attacks
    HDFC Bank mobile app: HDFC Bank has updated their security protocols in their mobile banking app. These security protocols will protect customers of the bank against any impending cyber attacks. However for implementing these security features customers of the bank would need to have their bank registered number inside the phone among other things.
    Australian spies blame Russian for major cyberattack
    Australia has identified the Russian mastermind behind a crippling cyber attack, unmasking the 33-year-old hacker for the first time on Tuesday and linking him to an international crime syndicate. - 'Hack the hackers' - Australia beefed up its cyber security laws in the wake of the Medibank attack, pledging that the country's intelligence agencies would proactively "hack the hackers".
    Insurers negotiate with hackers as cyber claims rise
    Insurers are tying up with agencies that act as intermediators to interact with hackers, or “threat actors”. These agencies help in negotiating with the hackers when they don’t release the key after stealing data. At least 5-10 cases involving large sums of money had been settled through such negotiations in a little over a year, experts told ET.
    Good news! British Library is gradually resuming online services following a cyber attack
    The main catalogue, a vital resource for researchers worldwide, includes information on printed and rare books, journals, maps, and music scores. Chief Executive Sir Roly Keating acknowledged the challenges users faced in accessing these resources online and described the return of the main catalogue as the "single most visible impact" of the cyber attack.
    Over 55% companies in APAC hit by cyber attack in last 12 months: Dell
    This is the highest percentage of companies impacted in more than five years, according to Dell’s Global Data Protection Index (GDPI) Cyber Resiliency Multicloud Edition.
    Microsoft-backed Rubrik is eyeing acquisitions to expand its India biz
    Having a large presence in India gives us an unfair advantage, not only (on) the scale of talent, but also the ability to acquire and absorb companies here in India, Bipul Sinha, chairman, cofounder and CEO of Rubrik, told ET.
    Taiwan prepares for cyber D-Day in China invasion scenarios
    Taiwan faces a multifaceted threat from China, not only in terms of military invasion but also in cyber warfare. The island's cybersecurity experts warn of potential cyberattacks targeting critical infrastructure, including telecommunications, energy, and finance sectors. There has been a significant increase in cyber threats in the lead-up to the presidential election. While some attacks are attributed to state-sponsored Chinese groups, others have targeted Taiwan's semiconductor industry, a crucial part of the global supply chain.
    G20 website targeted at least 16 lakh times last year: Cyber Agency
    India's official G20 website was attacked at least 16 lakh times last year, with ₹10,319 crore stolen between April 2021 and December 2023. The attacks targeted victims through online investment fraud, illegal lending apps, sextortion, and OTP forwards. Most crimes originated from China, Cambodia, and Myanmar and involved non-state actors.
    Over Rs 10,300 crore siphoned off by cyber criminals since 2021: report
    Over 4.52 lakh cyber crime cases were reported on the National Cybercrime Reporting Portal (NCRP) in 2021, which rose by 113.7% in 2022, with 9.66 lakh cases being reported on the portal.
    Cybersecurity sector was not immune from job losses in 2023
    As tech layoffs are set to continue unabated in 2024, the cybersecurity industry was not immune from job losses and more than 110 cybersecurity companies fired thousands of employees in 2023.

  • Slack GitHub Account Hack.
  • Data Of 228 Million Deezer Users Stolen.
  • Twitter Leaks Data On 200 Million Users.
  • Malware Targets 30+ WordPress Plugins.
  • Kubernetes Clusters Hacked.
  • Top 10 Cyber Attacks In 2022.
  • Top 10 Vulnerabilities In 2022.
  • View Recent Attacks.

Cryptomining malware, phishing, trojans, ransomware and more

Free report unveils the most sophisticated, devastating, and frequent cyber attacks

Featuring exclusive statistics, comprehensive data, and easy to digest threat analysis, the Cybersecurity Threat Trends Report can help you prepare for the cyber attacks of today, tomorrow, and beyond.

This report explores how cyber criminals:

  • Executed highly coordinated, multi-step attacks
  • Leaned on four types of cyber attacks above all others
  • Used old technologies to launch new ransomware attacks
  • Used fake CDC and vaccine sign-up sites to gain access to data

In the last year, cyber criminals delivered a wave of cyber attacks that were not just highly coordinated, but far more frequent and advanced than ever before seen.

Simple endpoint attacks became complex, multi-stage operations. Ransomware attacks hit small businesses and huge corporations alike. Cryptomining malware attacks gave cyber criminals an easy foothold into company networks. It was a year of massive data leaks, expensive ransomware payouts, and a vast, new, complicated threat landscape. And it was a year that saw cyber criminals up their threat game in a big way.

Using Cisco Umbrella, the industry leader in threat detection,1 we captured and analyzed billions of queries to identify the biggest cyber threats to businesses now.

Download this report for the fascinating details.





Comments

Post a Comment

Popular Posts