Page 3 - Hacking
Breaches by Iran-affiliated hackers spanned multiple states: US officials
A small western Pennsylvania water authority was just one of multiple organisations breached in the US by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, US and Israeli authorities say. The victims span multiple US states, the FBI, the Environmental Protection Agency, the Cybersecurity and Infrastructure Security Agency, known as CISA, as well as Israel's National Cyber Directorate said in an advisory emailed to The Associated Press late Friday. They did not say how many organisations were hacked or otherwise describe them. Matthew Mottes, the chairman of the Municipal Water Authority of Aliquippa, which discovered it had been hacked on November 25, said on Thursday that federal officials had told him the same group also breached four other utilities and an aquarium. Cybersecurity experts say that while there is no evidence of Iranian involvement in the October 7 attack into Israel by Hamas that triggered the war in Gaza they ..
Ransomware gang Lockbit posts what it says is Boeing data on website
Lockbit has proven prolific in the ransomware space in recent months. Just this week, it is suspected to have attacked Industrial & Commercial Bank of China Ltd
 "Ransomware gang Lockbit posts what it says is Boeing data on website")
Centre asks Apple for proof of 'state-sponsored attack' amid hacking row
Apple threat notification: This comes after the Centre said that the Indian Computer Emergency Response Team (CERT-In) has initiated an investigation into the incident
 "Centre asks Apple for proof of 'state-sponsored attack' amid hacking row")
Notice sent to Apple, CERT-In has started probe: IT Secy on hacking issue
CERT-In has started its probe in the Apple threat notification issue raised by opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday. He hoped that Apple would cooperate with the investigation by CERT-In on the issue. "CERT-In has started its probe... they (Apple) will cooperate in this probe," Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration. Indian Computer Emergency Response Team or CERT-In is the national nodal agency for responding to computer security incidents as and when they occur. Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative. Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of "state-sponsored attackers trying to remotely compromise" their iPhones and alleged hacking by the government, a charge IT Minister Ashwini Vaishnaw rejected but assured a thorough probe. Those who received such
 "Notice sent to Apple, CERT-In has started probe: IT Secy on hacking issue")
Oppn MP urges parliamentary panel to take up hacking of iPhones
BJP Lok Sabha member argued that only the government, and not a parliamentary panel, had the jurisdiction to probe the issue
 "Oppn MP urges parliamentary panel to take up hacking of iPhones")
Does govt have no other work: BJP rubbishes Oppn claim of hacking phones
Multiple political leaders have alleged that their Apple devices have been the victim of alleged hacking. The leaders shared the screenshot of the warning received on their Apple devices
 "Does govt have no other work: BJP rubbishes Oppn claim of hacking phones")
Rs 16,180 cr siphoned off after hacking of payment gateway company account
A group of persons allegedly hacked into a payment gateway service provider company's account and siphoned off funds worth over Rs 16,180 crore from different bank accounts over a period of time, the Thane police said. The fraud was taking place since long and came to light following a complaint lodged with Srinagar police station in Maharashtra's Thane city of hacking of the payment gateway account of the company here in April 2023 and Rs 25 crore being siphoned off, an official from Naupada police station said. When the police conducted a probe into it, a mega fraud worth over Rs 16,180 crore came to light, the official said quoting the FIR. Following a complaint by a Thane crime branch official, the Naupada police here on Friday registered the FIR against Sanjay Singh, Amol Andale @ Aman, Kedar @ Sameer Dighe, Jitendra Pandey and another unidentified person under Indian Penal Code sections 420 (cheating), 409 (criminal breach of trust), 467, 468 (forgery), 120B (criminal ...
 "Rs 16,180 cr siphoned off after hacking of payment gateway company account")
Cyberattack at MGM Resorts expected to cost casino giant $100 million
The cybersecurity attack at MGM Resorts last month is expected to cost the casino giant more than USD 100 million, the Las Vegas-based company said in a Thursday regulatory filing. The attack, which was detected on September 10, led to MGM shutting down some casino and hotel computer systems at properties across the U.S. in efforts to protect data. MGM said reservations and casino floors in Las Vegas and other states were affected as customers shared stories on social media about not being able to make credit card transactions, obtain money from cash machines or enter hotel rooms. The company announced the end to its 10-day computer shutdown on September 20. While we experienced disruptions at some of our properties, operations at our affected properties have returned to normal, and the vast majority of our systems have been restored, MGM CEO Bill Hornbuckle said in a Thursday letter to customers. We also believe that this attack is contained. Hornbuckle added that no customer ban
 "Cyberattack at MGM Resorts expected to cost casino giant $100 million")
Noida school's website hacked by group identifying as 'Bangladeshi'
The website of a prominent private school in Noida was purportedly hacked on Thursday by an unknown group identifying itself as "Muslim hackers from Bangladesh". "When liberty is at risk, expect us," read a line from a message visible on the homepage of the website. The matter came to light late in the night, with the police saying they were yet to receive any complaint in this regard. "We are Bangladeshi Muslim hacker's never try to mess our cyberspace. We oppose oppression where we are, we represent freedom, we are simple evolimion of the technological system when liberty is at risk ...expect us... (sic)," read the message on the school's website. The website showed the national flag of Bangladesh. The hackers signed off message with "Joy Bangla" and "Bangladesh" written after it followed by multiple code names. The hack comes close on the heels of a cyber security firm's report that a hacktivist group known as "Mysterious Team Bangladesh" has carried out several distributed ...
 "Noida school's website hacked by group identifying as 'Bangladeshi'")
Cyber attacks surge over 2-fold in India in first half of 2023: Report
India saw a huge surge in ransomware and IoT cyber attacks in the first half of 2023, as criminals shifted to stealthier means of malicious activities, according to a report by SonicWall. While major economies like the US and the UK witnessed a decline in ransomware attacks, India (up 133 per cent) and Germany (52 per cent) are among the countries that saw a huge surge in such attacks, the 2023 SonicWall Mid-Year Cyber Threat Report for the January-June period stated. At the global level, a variety of other attacks have trended up, including cryptojacking (399 per cent), IoT malware (37 per cent) and encrypted threats (22 per cent), the report said. At the global level, there was a decline of 41 per cent in ransomware attacks. Cybercriminals are diversifying and expanding their skill sets to attack critical infrastructure, making the threat landscape even more complex and forcing organizations to reconsider their security needs, the report mentioned. "While India saw a lesser rise
 "Cyber attacks surge over 2-fold in India in first half of 2023: Report")
36 govt websites faced hacking incidents in first six months of 2023
As many as 36 websites of ministries and departments under the central and various state governments faced hacking incidents in the first six months of 2023, Parliament was informed on Wednesday. Cyber security watchdog CERT-In tracked these incidents. According to data shared by Minister of State for Electronics and IT Rajeev Chandrasekhar in Lok Sabha, a total of 1,12,474 cyber security incidents have been tracked by CERT-In. "The government is continuously engaged in formulating policies and setting technical standards in the cyberspace to holistically ensure accessible internet and to mitigate threats & vulnerabilities in the cyberspace," Chandrasekhar said in a written reply. As per the data, 36 websites of ministries and departments under the central and various state governments faced hacking incidents. The minister also shared that over 4.29 lakh cyber security incidents pertaining to financial institutions occurred in the first half of 2023.
Scamsters led by Chinese handlers dupe 15000 Indians of Rs 700 crore
The cash was converted into cryptocurrency after being passed through various Indian bank accounts and, subsequently, routed to China through Dubai
 "Scamsters led by Chinese handlers dupe 15000 Indians of Rs 700 crore")
Companies play catch-up as cybersecurity attacks rise in digital India
A breach at Suzuki Motorcycle India forced the company to halt production in May, and India's largest drugmaker said in March a ransomware attack will have an impact on revenue
 "Companies play catch-up as cybersecurity attacks rise in digital India")
Threat actors don't have access to entire CoWIN portal, database: Report
After the Union health ministry dismissed reports of a data breach on the CoWIN platform, cyber security firm CloudSEK has said that threat actors do not have access to the entire portal nor the backend database. "Based on matching fields from Telegram data and previously reported incidents affecting health workers of a region, we assume the information was scraped through these compromised credentials," CloudSEK said in a report on Monday after an independent analysis. On March 13, a threat actor on a Russian cybercrime forum advertised for compromised access on the CoWIN portal of Tamil Nadu region, it said. After an analysis, CloudSEK said, it was discovered the breach was that of a health worker and not really of the infrastructure. The content displayed on the screenshot matches with the Telegram bot mentioned in the media as follows -- name of the individual, mobile number, identity proof, identification number and number of doses completed. "Furthermore, there are numerous .
British Airways, Boots staff's payroll data compromised by cyberattack
British Airways, owned by IAG, said it had notified affected employees and was providing them with support
 "British Airways, Boots staff's payroll data compromised by cyberattack")
47% of Indian CSPs now prioritise upgrading firewalls as hacking rises
The report found that 100 per cent of the Indian service providers expect to see traffic volumes rise in the next 2-3 years
Hackers selling macOS malware on Telegram which extracts personal info
Threat actors are selling a new malware called -- Atomic macOS Stealer (AMOS) on Telegram channel to target macOS platforms, which is capable of extracting autofill information, passwords and wallets
 "Hackers selling macOS malware on Telegram which extracts personal info")
Ethical hacking training institutes log into Digital India dreams
Rise in cyberattacks, shortage of cybersecurity experts is spawning an ecosystem
 "Ethical hacking training institutes log into Digital India dreams")
Twitter account of crypto exchange KuCoin hacked, over $22.6K stolen
Singapore-based cryptocurrency exchange KuCoin has said that its Twitter account was hacked, allowing threat actors to promote a fraudulent giveaway scam
 "Twitter account of crypto exchange KuCoin hacked, over $22.6K stolen")
TMS Ep411: Amul backlash, dating apps, bank stocks, Cognyte spyware
Why is Amul facing backlash in Karnataka? How are Indian dating apps penetrating tier 2 cities? Ahead of Q4 results, which bank stocks should you bet on? What is Cognyte spyware? All answers here
 "TMS Ep411: Amul backlash, dating apps, bank stocks, Cognyte spyware")
