Security News

A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans that allow the adversary to gain complete control over the compromised endpoints. The attacks work by taking advantage of political and government-themed lure domains that host the malware payloads, with the infection chains leveraging weaponized RTF documents and PowerShell scripts that distribute malware to victims.

Taiwanese PC maker Acer has not only admitted servers it operates in India and and Taiwan were compromised but that only those systems in India contained customer data. The miscreants who claimed to be behind the network breaches boasted they stole gigabytes of information from the servers, and suggested other Acer operations around the world are also vulnerable to information theft.

Taiwanese computer giant Acer has confirmed that its after-sales service systems in India were recently breached in what the company called "An isolated attack." "Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India," an Acer Corporate Communications spokesperson told BleepingComputer.

Blackberry's Research and Intelligence Team has uncovered three phishing schemes targeting Indian nationals, and says a Chinese state-sponsored malware gang is the culprit. Blackberry identified the responsible party as APT41 - a prolific Chinese state-sponsored cyberthreat group that has carried out what Fireye called "Espionage activity in parallel with financially motivated operations" since at least 2012.

India and Japan have each flexed their cyber-defence muscles in ways that China can't miss. India's flex came from vice-president M. Venkaiah Naidu, who on Monday visited a military museum and remarked that India's security forces should "Prepare themselves to dominate not only in a conventional war but also establish their superiority in the new and emerging areas of conflict such as information and cyber warfare along with the increasing use of robotics and drones in the battlefield".

Koo, India's homegrown Twitter clone, recently patched a serious security vulnerability that could have been exploited to execute arbitrary JavaScript code against hundreds of thousands of its users, spreading the attack across the platform. The vulnerability involves a stored cross-site scripting flaw in Koo's web application that allows malicious scripts to be embedded directly into the affected web application.

Mantra Data Centers, an independent data center platform and wholesale colocation provider has announced significant investment plans across India. MDC will design, build and operate Data Center...

Cisco's Talos security unit says it has detected an increased rate of attacks on targets on the Indian subcontinent and named an advanced persistent threat actor named SideCopy as the source. SideCopy's infrastructure, Talos opined, "Indicates a special interest in victims in Pakistan and India," as the malware used only initiates actions if it detects infections in those two countries.

The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. On May 21, India's flag carrier airline, Air India, disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years in the wake of a supply chain attack directed at its Passenger Service System provider SITA earlier this February.

Domino's India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum. In April 2021, a threat actor created a new topic on a hacking forum where they claimed to be selling 13 TB of stolen data, including details for 18 crores orders and 1 million credit cards, from Domino's India.