Tag: GOVT. | Page 5

Govt warns of new mobile banking virus prowling in Indian cyberspace. Check security advisory here

September 15, 2022/in Computer Security

The Indian federal cyber security agency said in its latest advisory that a new mobile banking ‘Trojan’ virus, SOVA, which can stealthily encrypt an Android phone for ransom and is hard to uninstall is targeting Indian customers. The virus has upgraded to its fifth version after it was first detected in the Indian cyberspace in July, the Indian Computer Emergency Response Team or CERT-In, the federal technology arm said, which combats cyber attacks and guards the Internet space against phishing and hacking assaults and similar online attacks.

As per the advisory, “it has been reported to CERT-In that Indian banking customers are being targeted by a new type of mobile banking malware campaign using SOVA Android Trojan. The first version of this malware appeared for sale in underground markets in September 2021 with the ability to harvest user names and passwords via key logging, stealing cookies and adding false overlays to a range of apps.”

Further notifying that SOVA was earlier focusing on countries like the US, Russia and Spain, but in July 2022 it added several other countries, including India, to its list of targets. Notably, the latest version of this malware hides itself within fake Android applications that show up with the logo of a few famous legitimate apps like Chrome, Amazon, NFT (non-fungible token linked to crypto currency) platform to deceive users into installing them, according to news agency PTI report.

“This malware captures the credentials when users log into their net banking apps and…

Source…

Windows Users Get a Security Warning from Govt

August 26, 2022/in Computer Security

Windows

Using a Windows-based desktop? The Indian government has issued a high-security alert for you, so you should be aware of it. The Ministry of Electronics and Information Technology, through the Indian Computer Emergency Response Team (CERT-In), has released a warning for all Windows users warning that Windows may have a serious vulnerability. Users are urged to upgrade their hardware right now. A security issue that could impair Windows Defender, the application that shields Windows against viruses, spyware, and other threats, has been brought to the attention of the organisation.

What is the Warning For Window Users

The current situation, according to experts from CERT-In and Microsoft, is one of the most serious security emergencies in recent memory. The fact that hackers could be able to access a computer without being noticed by security measures is further highlighted due to the high level of vulnerability. As a result, it has been reported that a weakness in the Windows Defender’s Credential Guard component allows a locally authenticated attacker to bypass security precautions and get elevated access to the targeted system. The issue that causes the default falls under the heading of a zero-day vulnerability. This suggests that it is only found while it is being used. It has access to the entire domain because it can spoof and seem to be an authorised user. For businesses and organisations that use domains to manage each machine or account connected to the system as a whole, this could have very negative effects.

This vulnerability was purportedly found in the year 2021, based on an examination done by certain security experts throughout the world. There are around 1.5 billion active Windows users at the moment. The recent vulnerability is thought to affect roughly 43 distinct Microsoft versions, according to experts. According to CERT-warning, Windows Defender Credential Guard has been discovered to have privilege escalation and security bypass flaws that could allow a locally authenticated attacker to get around security measures and obtain elevated rights on the targeted machine.