Security News

Air gaps have been 'shattered’, says new Indian policy on power sector security
2021-10-08 04:58

India has announced a new security policy for its power sector and specified a grade of isolation it says exceeds that offered by air gaps. "The much hyped air gap myth between information technology and operational technology systems now stands shattered," the policy states, before going on to offer a slightly odd definition of an air gap.

SideCopy Hackers Target Indian Government Officials With New Malware
2021-07-11 21:39

A cyber-espionage group has been observed increasingly targeting Indian government personnel as part of a broad campaign to infect victims with as many as four new custom remote access trojans, signaling a "Boost in their development operations." First documented in September 2020 by Indian cybersecurity firm Quick Heal, SideCopy has a history of mimicking infections chains implemented by the Sidewinder APT to deliver its own set of malware - in an attempt to mislead attribution and evade detection - while constantly retooling payloads that includes additional exploits in its weaponry after a reconnaissance of the victim's data and environment.

Pakistan-linked hackers targeted Indian power company with ReverseRat
2021-06-23 23:26

A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. Some of the victims include a foreign government organization, a power transmission organization, and a power generation and transmission organization.

WhatsApp Sues Indian Government Over New Internet Regulations
2021-05-30 20:42

WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the "First originator" of messages shared on the platform, thus effectively breaking encryption protections. "Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people's right to privacy," a WhatsApp spokesperson told The Hacker News via email.

Indian government says 5G doesn’t cause COVID-19. Also points out India has no 5G networks
2021-05-11 02:58

As COVID-19 continues to ravage India, the nation's government has told it populace that 5G signals have nothing to do with the spread of the virus - if only because no 5G networks operate in India. After pointing out that the very notion is a nonsense, the department points out that India approved 5G trials on May 4th and they won't start for months.

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users' Data
2021-04-12 09:04

Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. Reacting to the development, the company however said it had recently upgraded its security systems following reports of "Unauthorized access into our database" while stressing that users' funds and securities remained protected.

Indian defense chief admits China’s cyber-weapons would ‘disrupt large number of systems’ whenever Beijing presses the button
2021-04-08 04:14

The highest-ranked officer in India's armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation's defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor. General Bipin Rawat, a four-star general and since 2020 the first to hold a new role of chief of defense staff, offered that assessment yesterday in a talk hosted by Indian think tank the Vivekananda International Foundation.

Leading Indian fintech platform MobiKwik denies data breach
2021-03-30 15:20

Indian digital financial services platform Mobikwik denies claims that almost 8 TB of data put up for sale was allegedly stolen from its servers. The threat actor who put the allegedly stolen data up for sale also created a search portal to allow anyone to check if their data is included in the stolen data.

Researchers hacked Indian govt sites via exposed git and env files
2021-03-12 16:46

Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. Last month, researchers from the Sakura Samurai hacking group had partially disclosed that they had breached cyber systems of Indian government after finding a large number of critical vulnerabilities.

New Sarbloh ransomware supports Indian farmers' protest
2021-03-08 21:20

A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. Last year the Indian government passed a new set of laws called the 'Indian agriculture acts of 2020', also known as the Farm Bills, which the government says is necessary to modernize its agricultural industry.