Tag Archive for: alert

Malware Alert! Hackers Attacking Indian Android users


A new malware campaign has been identified targeting Android users in India.

This sophisticated attack distributes malicious APK packages to compromise personal and financial information. The malware, available as a Malware-as-a-Service (MaaS) offering, underscores the evolving threat landscape in the digital age.

Symantec, a global leader in cybersecurity, has stepped up to protect users from this emerging threat.

The Rise of Malicious APKs

The campaign has been meticulously designed to spread malware through APK packages disguised as legitimate applications.

These applications, which appear to offer services such as customer support, online bookings, billing, or courier services, are vehicles for a range of malicious activities.

Once installed, the malware targets the theft of banking information, SMS messages, and other confidential data from victims’ devices.

This strategy of disguising malicious software as harmless applications is not new but remains highly effective.

The attackers exploit the trust users place in app downloads, particularly those offering valuable services.

Broadcom has recently released a report on a Malware-as-a-Service (MaaS) campaign specifically targeting Android users in India.

The attack represents a threat to the security of Android devices in the region and can potentially cause significant damage to individuals and organizations.

Symantec has identified the malware through its robust security systems, classifying it under two main categories:

Mobile-based Threats:

  • Android.Reputation.2
  • AppRisk: Generisk

Web-based Threats:

The campaign’s infrastructure, including observed domains and IPs, falls under security categories protected by…

Source…

India Braces Against Phishing, Ransomware Surge and Alert Fatigue, Urging Swift Adoption of AI, and Automation for Security Operations


Fortinet®, the global cybersecurity leader driving the convergence of networking and security, has revealed the outcomes of a new survey conducted by IDC on the state of Security Operations (SecOps) in the Asia-Pacific region. The survey, commissioned by Fortinet, provides valuable insights into the current SecOps landscape, emphasizing the role of Artificial Intelligence (AI) and automation. It explores various aspects, including prevalent security practices, attack frequency and impact, detection and response times, alert fatigue, the status and impact of automation in SecOps workflows, and challenges related to skill development within the SecOps domain. Key findings from India include:

Current Security Challenges: Threats and Team Readiness

  • Most Common Cyber Threats: Phishing and insider threats are the most predominant cyber threats in India, with approximately 50% of organizations ranking them as their top concerns. The top five threats include phishing, insider threats, ransomware, unpatched vulnerabilities, and identity theft.

  • Ransomware Surge: Ransomware incidents have doubled across India, with 70% of organizations reporting at least a 2X increase in 2023, compared to 2022. Phishing and malware are the primary attack vectors. Other significant vectors include social engineering attacks, insider threats, and zero-day exploits.

  • Insider Threats and Remote Work: 88% of the respondents feel that remote work has led to an increase in insider threat incidents. Insufficient training, lack of employee care, and inadequate communication contribute to this surge, emphasizing the need to address human factors in cybersecurity.

  • Resourcing IT Security Teams: Only 44% of businesses have dedicated IT resources for security teams. This augments the challenges faced by organizations in strengthening their security measures.

  • Impact of Emerging Technologies: Hybrid work, AI, and IT/OT system convergence pose significant challenges. Cloud technology adoption emerges as a primary challenge, impacting organizational vulnerability to cyber threats.

SecOps SOS: Struggles with Alert Fatigue and Threat Containment

  • Threat Containment and Preparedness: Approximately one out of three…

Source…

Hack Alert: Sharan Hegde’s YouTube Livestream Hacked for Bitcoin Prices – Security Risks in Cryptocurrency Trading


Initially, well-known businessman Sharan Hegde’s YouTube account was hacked, allowing Bitcoin prices to be streamed live without his permission. The event raised questions about possible dangers related to trading cryptocurrencies and the security of internet platforms.

The Hacker:

A well-known personality in the cryptocurrency world, Sharan Hegde, discovered with alarm that his YouTube account had been hacked and that illegal broadcasts of Bitcoin prices were going live. In addition to damaging Hegde’s online reputation, the hack had a big impact on his viewers and followers who looked to him for trustworthy analysis and breaking news on the bitcoin sector.

After his YouTube account was hacked, Sharan Hegde’s reputation as a well-known influencer and entrepreneur in the Bitcoin field suffered. In addition to damaging his reputation, the unapproved broadcast of Bitcoin prices caused his fans to have reservations about the security setup on his websites. Known for his skill in cryptocurrency trading, Hegde was met with criticism from unhappy users who doubted his capacity to protect private data and uphold the integrity of his online identity.

Cybersecurity-Related Fears:

Cybersecurity and the susceptibility of internet platforms to unwanted attacks have come under fresh attention following the hacking of Sharan Hegde’s YouTube account. As cryptocurrencies gain more popularity, hackers are focusing more on people and businesses that deal with digital currency. The hack is a clear reminder of how important it is to have strong cybersecurity protections in place to guard against illegal access and data theft.

Given the recent attack on Sharan Hegde’s YouTube account, cybersecurity must be given top priority for both individuals and companies involved in the Bitcoin industry. Protecting online platforms from potential threats calls for setting strong passwords, turning on two-factor authentication, and updating security software frequently. Furthermore, keeping an eye out for unusual activity and scams can help reduce the chance of hacking and unauthorised entry.

Restoring Security and Trust:

Following the incident, Sharan Hegde acted quickly to take back…

Source…

Security Threats – Dataset poisoning, 24/7 alert mode and AI – TEISS



Source…