Tag Archive for: Modi

Why Apple risks facing India’s scrutiny after ‘hacking’ allegations against Modi government

/in


(Getty)

(Getty)

India’s lawmakers could pull up Apple representatives after several politicians from the country’s opposition said they received alerts on their iPhones warning them of “state-sponsored” hacking.

Ministers of the Narendra Modi-led government on Tuesday said they will investigate the allegations and “get to the bottom of these notifications” after screenshots of the alert sent by the American tech giant went viral on social media.

While opposition politicians have accused the ruling Bharatiya Janata Party (BJP) administration of spying on rivals and critics ahead of national elections in 2024, it could be Apple that soon faces the scrutiny of the Indian government.

A parliamentary committee on information technology is considering summoning representatives of Apple India over the alerts sent to public figures, an unnamed official of the committee was quoted as saying by news agency ANI on Wednesday.

The committee’s secretariat expressed “deep concern” over the alerts and is treating the matter with the “utmost seriousness”, the official said.

A minister from the Modi government also said Apple should explain what the notification means, especially their claims about the security of their devices.

“After today’s ‘threat notifications’ being received by many people, including MPs, and those in geopolitics, we expect Apple to clarify the following… if its devices are secure, why these ‘threat notifications’ are sent to people in over 150 countries,” said Rajeev Chandrasekhar, the minister of state for electronics and information technology, on X/Twitter.

The BJP’s lawmakers have also rubbished allegations of hacking made by opposition politicians.

“Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID,” said a screenshot of the alert shared by opposition members.

“If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone.

“While it’s possible this is a false alarm, please take this warning seriously,” it said.

The alerts were sent by…

Source…

Modi govt’s warning for Zoom users shouldn’t be ignored at any cost

/in


The Narendra Modi government has issued a high-risk warning to video conferencing platform Zoom users of attackers getting entry to their system and carrying out mischievous operations.

The Indian Computer Emergency Response Team (CERT-IN) has issued the advisory with a high severity rating on Thursday against multiple vulnerabilities reported in the Zoom products.

CERT-IN alerted in the vulnerability note, “Multiple vulnerabilities have been identified in Zoom products.” It added the flaws “could be exploited by an authenticated attacker to bypass security restriction, execute arbitrary code or cause denial of service conditions on the targeted system.”

CERT-IN is a statutory body with powers from the Information Technology (Amendment) Act of 2008. This nodal agency under the Ministry of Electronics and Information Technology monitors computer security incidents, records susceptibilities, and advocates powerful IT security practices throughout the country. It reveals bugs and cybersecurity threats, including hacking and phishing attacks.

Which versions are affected and why?

CERT-IN has stated that the vulnerabilities are found on Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 and Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0.

As per the report, these vulnerabilities exist because of improper access control, debugging port misconfiguration flaw.

How would it influence the system ?

Using these vulnerabilities, the agency warns, an authenticated user could exploit these vulnerabilities to use the debugging port to connect to and control the Zoom Apps running in the Zoom client. The attacker could also prevent participants from receiving audio and video and causing meeting disruptions.

What is the solution?

Users should upgrade to the latest version, as mentioned in Zooms Security advisory.

Zoom’s response

The virtual meeting platform issued an official statement on the report. ““As detailed on our Zoom Security Bulletin page, we have already resolved these security issues. As always, we recommend users keep up to date with the latest version of Zoom to take advantage of Zoom’s latest features and…

Source…

What the Modi Twitter Breach Tells Us About Hackers

/in



Last weekend some smart alecks managed to breach the defenses of one of the most ubiquitous media platforms, access the mouthpiece of the leader of one of the world’s most populous countries, and grab …

Source…

2022 Cybersecurity Predictions Saket Modi, CEO and Co-Founde…

/in


(MENAFN– Mid-East.Info)

  • The First Phygital Catastrophe is Coming: A central mission-critical application will go down and create a ripple impact across businesses and for consumers around the world. For example, a hack on a major central system like an internet gateway, public cloud provider or a healthcare system like Epic will impact millions of people and we will see the physical ramifications in our everyday lives. Healthcare could be upended, businesses unable to provide digital services, flights cancelled, food and supplies not delivered and more.
  • The Consumerization of Cyberattacks Will Rise for Easier Wins: The attack perimeter is becoming more personal, and the consumerization of attacks will rapidly increase. For example, the last iOS update alone had 11 zero-day attacks. Hackers will amplify attacks on mobile apps and people. This issue will proliferate because as zero-day attacks are rising, consumer cyber awareness and the steps people need to take to protect themselves have not increased in tandem.
  • Cybersecurity and Data Science Fields Will Unite: Cybersecurity and data science have been disconnected fields that served two distinct purposes, but they will come together to help organizations better understand and proactively protect against increasing threats. The fields will collide and continue to grow together out of necessity, as application creation and enterprise data continue to explode and dramatically expand the attack surface.
  • Cyber Insurance Will be Mandated: In the next 12 months, the quantum of cyber insurance needed to protect against ransomware and other attacks will be mandated, at least in some geographic regions and industries. In a similar manner to requiring everyone to have auto liability insurance, high at-risk industries will be mandated to have a minimum level of cyber insurance. For example, companies may be required to have insurance to cover at least two percent of their annual turnover. In the next five years, almost all industries and geographic regions will mandate cyber insurance.
  • A Healthcare Cyber Regulator Will be Established: Healthcare continues to be the most targeted and…

Source…