cio.economictimes.indiatimes.com
Open in
urlscan Pro
2a02:26f0:6c00:1a2::3126
Public Scan
Submitted URL: https://cio.economictimes.indiatimes.com/news/digital-security/microsoft-exchange-under-attack-as-lockfile-ransomware-targets-servers/855...
Effective URL: https://cio.economictimes.indiatimes.com/news/digital-security/microsoft-exchange-under-attack-as-lockfile-ransomware-targets-servers/855...
Submission: On August 24 via api from US
Effective URL: https://cio.economictimes.indiatimes.com/news/digital-security/microsoft-exchange-under-attack-as-lockfile-ransomware-targets-servers/855...
Submission: On August 24 via api from US
Form analysis 4 forms found in the DOM
<form>
<ul class="tabs clearfix">
<li><a class="active" href="#" data-target="cookietabAnalytics">Analytics</a></li>
<li><a class="" href="#" data-target="cookietabNecessary">Necessary</a></li>
<li><a class="hideit" href="#" data-target="cookietabNewsletter">Newsletter</a></li>
</ul>
<div data-box="cookietabAnalytics" class="scroll-content ">
<table cellpadding="0" cellspacing="0">
<thead>
<tr>
<th></th>
<th>Name</th>
<th>Provider</th>
<th>Expiry</th>
<th>Type</th>
<th>Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td><input name="config.ga" id="id-config-ga" type="hidden" value="0"><input name="config.ga" type="checkbox" value="1"></td>
<td><label for="id-config-ga">Google Analytics</label></td>
<td><label for="id-config-ga">Google</label></td>
<td><label for="id-config-ga">1 Year</label></td>
<td><label for="id-config-ga">HTTPS</label></td>
<td><label for="id-config-ga">To track visitors to the site, their origin & behaviour.</label></td>
</tr>
<tr>
<td><input name="config.ibeat" id="id-config-ibeat" type="hidden" value="0"><input name="config.ibeat" type="checkbox" value="1"></td>
<td><label for="id-config-ibeat">iBeat Analytics</label></td>
<td><label for="id-config-ibeat">Ibeat</label></td>
<td><label for="id-config-ibeat">1 Year</label></td>
<td><label for="id-config-ibeat">HTTPS</label></td>
<td><label for="id-config-ibeat">To track article's statistics</label></td>
</tr>
<tr>
<td><input name="config.growthrx" id="id-config-growthrx" type="hidden" value="0"><input name="config.growthrx" type="checkbox" value="1"></td>
<td><label for="id-config-growthrx">GrowthRx Analytics</label></td>
<td><label for="id-config-growthrx">GrowthRx</label></td>
<td><label for="id-config-growthrx">1 Year</label></td>
<td><label for="id-config-growthrx">HTTPS</label></td>
<td><label for="id-config-growthrx">To track visitors to the site and their behaviour</label></td>
</tr>
</tbody>
</table>
</div>
<div data-box="cookietabNecessary" class="scroll-content hide">
<table cellpadding="0" cellspacing="0">
<thead>
<tr>
<th></th>
<th>Name</th>
<th>Provider</th>
<th>Expiry</th>
<th>Type</th>
<th>Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td><input name="config.optout" id="id-config-optout" type="hidden" value="1"><input name="config.optout" type="checkbox" value="1" checked="" disabled=""></td>
<td><label for="id-config-optout">optout</label></td>
<td><label for="id-config-optout">Times Internet</label></td>
<td><label for="id-config-optout">1 Year</label></td>
<td><label for="id-config-optout">HTTPS</label></td>
<td><label for="id-config-optout">Stores the user's cookie consent state for the current domain</label></td>
</tr>
<tr>
<td><input name="config.PHPSESSID" id="id-config-PHPSESSID" type="hidden" value="1"><input name="config.PHPSESSID" type="checkbox" value="1" checked="" disabled=""></td>
<td><label for="id-config-PHPSESSID">PHPSESSID</label></td>
<td><label for="id-config-PHPSESSID">Times Internet</label></td>
<td><label for="id-config-PHPSESSID">1 day</label></td>
<td><label for="id-config-PHPSESSID">HTTPS</label></td>
<td><label for="id-config-PHPSESSID">Stores user's preferences</label></td>
</tr>
<tr>
<td><input name="config.accessCode" id="id-config-accessCode" type="hidden" value="1"><input name="config.accessCode" type="checkbox" value="1" checked="" disabled=""></td>
<td><label for="id-config-accessCode">accessCode</label></td>
<td><label for="id-config-accessCode">Times Internet</label></td>
<td><label for="id-config-accessCode">2.5 Hours</label></td>
<td><label for="id-config-accessCode">HTTPS</label></td>
<td><label for="id-config-accessCode">To serve content relevant to a region</label></td>
</tr>
<tr>
<td><input name="config.pfuuid" id="id-config-pfuuid" type="hidden" value="1"><input name="config.pfuuid" type="checkbox" value="1" checked="" disabled=""></td>
<td><label for="id-config-pfuuid">pfuuid</label></td>
<td><label for="id-config-pfuuid">Times Internet</label></td>
<td><label for="id-config-pfuuid">1 Year</label></td>
<td><label for="id-config-pfuuid">HTTPS</label></td>
<td><label for="id-config-pfuuid">Uniquely identify each user</label></td>
</tr>
<tr>
<td><input name="config.fpid" id="id-config-fpid" type="hidden" value="1"><input name="config.fpid" type="checkbox" value="1" checked="" disabled=""></td>
<td><label for="id-config-fpid">fpid</label></td>
<td><label for="id-config-fpid">Times Internet</label></td>
<td><label for="id-config-fpid">1 Year</label></td>
<td><label for="id-config-fpid">HTTPS</label></td>
<td><label for="id-config-fpid">Browser Fingerprinting to uniquely identify client browsers</label></td>
</tr>
</tbody>
</table>
</div>
<div data-box="cookietabNewsletter" class="scroll-content hide">
<table cellpadding="0" cellspacing="0">
<thead>
<tr>
<th></th>
<th>Name</th>
<th></th>
<th></th>
<th></th>
<th>Purpose</th>
</tr>
</thead>
<tbody>
<tr>
<td></td>
<td><label for="id-config-newsletter">Daily Newsletter</label></td>
<td><label for="id-config-newsletter"></label></td>
<td><label for="id-config-newsletter"></label></td>
<td><label for="id-config-newsletter"></label></td>
<td><label for="id-config-newsletter">Receive daily list of important news</label></td>
</tr>
<tr>
<td><input name="config.promonewsletter" id="id-config-promonewsletter" type="hidden" value="0"><input name="config.promonewsletter" type="checkbox" value="1"></td>
<td><label for="id-config-promonewsletter">Promo Mailers</label></td>
<td><label for="id-config-promonewsletter"></label></td>
<td><label for="id-config-promonewsletter"></label></td>
<td><label for="id-config-promonewsletter"></label></td>
<td><label for="id-config-promonewsletter">Receive information about events, industry, etc.</label></td>
</tr>
</tbody>
</table>
</div>
<footer>
<label><input type="hidden" name="useragreement" value="0"><input type="checkbox" name="useragreement" value="1"> I've read & accepted the
<a style="color:red" href="https://cio.economictimes.indiatimes.com/terms_conditions.php" target="_blank">terms and conditions</a></label>
<input type="button" id="submitconsent" value="OK">
<span class="err_txt hide"></span>
</footer>
</form>GET https://cio.economictimes.indiatimes.com/search
<form method="get" id="search_form" action="https://cio.economictimes.indiatimes.com/search">
<input name="q" aria-label="Query" type="text" class="txt" autocomplete="off" placeholder="Search" value="">
</form>POST
<form method="post" action="" class="clearfix" onsubmit="return (typeof save_techgig_updates_subsription!='undefined')?save_techgig_updates_subsription('top'):EtB2b.subscription.save_techgig_updates_subsription('top');">
<input id="subscribe_email_top" aria-label="Email" type="text" class="textbox" value="" placeholder="Your Email">
<input class="textbox hide" id="full_name_top" name="full_name" value="" placeholder="Your Name">
<input class="textbox hide" id="subscribe_company_top" name="subscriber_company" value="" placeholder="Your Company">
<input class="textbox hide" id="subscribe_desig_top" name="subscriber_designation" value="" placeholder="Your Designation">
<input class="textbox hide" id="subscribe_mobile_top" name="subscriber_mobile" value="" placeholder="Your Mobile">
<input type="hidden" name="pip_category_id_top" id="pip_category_id_top" value="">
<input type="hidden" name="pip_category_top" id="pip_category_top" value="">
<input type="hidden" name="newsletter_id_top" id="newsletter_id_top" value="7">
<p class=" hide"> How did you hear about us? <select id="subscription_source" name="subscription_source">
<option value="PRINT">PRINT</option>
<option value="CUSTOM">WEB</option>
<option value="REFER">FRIENDS</option>
</select>
</p>
<input type="submit" id="subscriber_btn_top" class="btn submit" value="Join Now">
</form>POST
<form method="post" action="" class="clearfix" onsubmit="return (typeof save_techgig_updates_subsription!='undefined')?save_techgig_updates_subsription('bottom'):EtB2b.subscription.save_techgig_updates_subsription('bottom');">
<input id="subscribe_email_bottom" aria-label="Email" type="text" class="textbox" value="" placeholder="Your Email">
<input type="hidden" name="pip_category_id_bottom" id="pip_category_id_bottom" value="0">
<input type="hidden" name="pip_category_top" id="pip_category_bottom" value="">
<input type="hidden" name="newsletter_id_bottom" id="newsletter_id_bottom" value="7">
<input type="submit" id="subscriber_btn_bottom" class="btn submit" value="Join Now">
</form>Text Content
We have updated our terms and conditions and privacy policy
Click "Continue" to accept and continue with ET CIO
ACCEPT THE UPDATED PRIVACY & COOKIE POLICY
Dear user,
ET CIO privacy and cookie policy has been updated to align with the new data
regulations in European Union. Please review and accept these changes below to
continue using the website.
You can see our privacy policy & our cookie policy. We use cookies to ensure the
best experience for you on our website.
If you choose to ignore this message, we'll assume that you are happy to receive
all cookies on ET CIO.
* Analytics
* Necessary
* Newsletter
NameProviderExpiryTypePurpose Google AnalyticsGoogle1 YearHTTPSTo track visitors
to the site, their origin & behaviour.iBeat AnalyticsIbeat1 YearHTTPSTo track
article's statisticsGrowthRx AnalyticsGrowthRx1 YearHTTPSTo track visitors to
the site and their behaviour
NameProviderExpiryTypePurpose optoutTimes Internet1 YearHTTPSStores the user's
cookie consent state for the current domainPHPSESSIDTimes Internet1
dayHTTPSStores user's preferencesaccessCodeTimes Internet2.5 HoursHTTPSTo serve
content relevant to a regionpfuuidTimes Internet1 YearHTTPSUniquely identify
each userfpidTimes Internet1 YearHTTPSBrowser Fingerprinting to uniquely
identify client browsers
NamePurpose Daily NewsletterReceive daily list of important newsPromo
MailersReceive information about events, industry, etc.
I've read & accepted the terms and conditions
NEWS SITES
* Retail News
* Auto News
* Health News
* Telecom News
* Energy News
* Real Estate News
* Technology News
* CFO News
* IT Security News
* BFSI News
* Government News
* Brand Equity
* Hospitality News
* Travel News
* HR News
* Legal News
* Infra News
* B2B News
Upcoming Event: CFO Meet & discussion on Revised Companies Act
Request / Delete Data Privacy setting
* Follow us:
*
*
*
*
* News
* Internet of things
* Security
* Next-Gen Technologies
* Cloud Computing
* Business Analytics
* Strategy & Management
* Big Data
* Mobility
* Services & Apps
* Consumer Tech
* Data Center
* Case Studies
* Corporate
* Social Media
* Policy
* Internet
Here’s how Pune’s PCMC is saving 31,000 million litres of water using data
and analytics9 hrs ago
Here’s how Kellogg is becoming a data-driven business1 day ago
* War for talent has gone to a different level: Axtria's Jaswinder Chadha
* A look at Bharti Axa Life’s machine learning journey
* Here’s how retailers have been utilizing analytics and AI to be
omnipresent
* Here’s how Apollo Tyres is creating more visibility in supply chain
* AI became a part of our lives long before we knew it
* How does digital transformation eliminate the top challenges of food
industry?
* Do what your heart says: Rajesh Shah
* Over 80% of data scientists struggle with real-world datasets despite
training: Survey
* The rise of the autonomous data science teams
* Industries
* Healthcare
* Automotive
* Manufacturing
* Financial Services
* Retail
* IT/ITES
* Banking
* Tech-Talk
* Data Center
*
* CIO Life
* Engage
* Webinars
* CXO-Roundtable Series
* Podcasts
* Online Roundtable
* ETCISO.in
* Events
* DATA STRATEGY SUMMIT 2021
* THE ECONOMIC TIMES SPECTRUM 2021
Era of Iterative Innovation
* ETCIO ANNUAL CONCLAVE 2020
* ETCIO FUTURE NEXT CONCLAVE
* ETCIO CLOUD & DATACENTER SUMMIT 2021
* ETCIO BFSI DIGITAL CONCLAVE
* Brand Solutions
* THE POWER OF 10 VIRTUAL SUMMIT
Experience the next-gen of IBM Power Series
* BUILDING THE CUSTOMER EXPERIENCE OF THE FUTURE
* ETCIO IDENTITECH 2021
Building Trust In A Digital World
* ACCELERATE YOUR BUSINESS THROUGH HYBRID CLOUD
* UNIFIED CLOUD EXPERIENCE FOR GROWTH AND INNOVATION
Tata Communications
* UNLOCK NEXT-LEVEL EMPLOYEE AND CUSTOMER EXPERIENCES WITH AI AND AUTOMATION
* REVOLUTIONIZING CUSTOMER EXPERIENCE WITH CLOUD-BASED DIGITALIZATION
* BOOSTING YOUR ENTERPRISE SECOPS
* ELEVATE YOUR OFFICE 365 SECURITY AND BACKUP
Barracuda
* LEADING THE WAY WITH AI-DRIVEN ENTERPRISE
* REDEFINING ACCESS MANAGEMENT AND SECURITY
* DIGITAL SUMMIT: EMPOWERING EVERYONE THROUGH DATA
* POWEREDGE INNOVATION LAUNCH 2021
* GEARING UP RESILIENT WORKSPACES OF THE NEW NORMAL
* RESHAPE TOMORROW VIRTUAL SUMMIT 2021
Join young, dynamic & super-successful CEOs & C-su..
* ASIA PACIFIC PREDICTIONS 2021 GUIDE
Forrester
* REDISCOVER PRODUCTIVITY, POWERED BY INNOVATION
* DTX AWARDS
Cisco
* DIGITAL SOLUTIONS FOR SMBS
AWS
* MODERN DATA CENTER
Delta
* SHAPING THE FUTURE OF COMMUNICATIONS
* LEAD IN THE NEW NORMAL
DXC Technology
* BUILDING A RESILIENT WORKPLACE
IBM
* Security
* Cloud Computing
* Big Data
* Internet of things
* Business Analytics
* Mobility
* Research
* Building Trust
* Data Center
* More
* Next Gen Tech
* Consumer Tech
x
* IT News
* Latest IT News
* Security
MICROSOFT EXCHANGE UNDER ATTACK AS LOCKFILE RANSOMWARE TARGETS SERVERS
Security researchers claim to have discovered a new ransomware family called
LockFile that seems to the same that was used earlier to attack Microsoft
Exchange servers in the US and Asia. According to Symantec, previously unseen
ransomware has hit at least 10 companies in the ongoing campaign. These targets
are across industries.
* TIMESOFINDIA.COM
* August 24, 2021, 13:44 IST
*
*
*
*
*
*
*
*
Security researchers claim to have discovered a new ransomware family called
LockFile that seems to the same that was used earlier to attack Microsoft
Exchange servers in the US and Asia. According to Symantec, previously unseen
ransomware has hit at least 10 companies in the ongoing campaign. These targets
are across industries.
The LockFile ransomware was first observed on the network of a US financial
organisation on July 20, 2021, with its latest activity seen as recently as
August 20.
How the new attack works
As per Symantec, there are signs that the attackers gain access to victims'
networks via Microsoft Exchange Servers, and then use the incompletely patched
PetitPotam vulnerability to gain access to the domain controller, and then
spread across the network. It is so far not clear how the attackers gain initial
access to the Microsoft Exchange Servers. As per US Cybersecurity and
Infrastructure Security Agency (CISA), "Malicious cyber actors are actively
exploiting the following ProxyShell vulnerabilities: CVE-2021-34473,
CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities
could execute arbitrary code on a vulnerable machine. CISA strongly urges
organisations to identify vulnerable systems on their networks and immediately
apply Microsoft's Security Update from May 2021—which remediates all three
ProxyShell vulnerabilities—to protect against these attacks."
The attackers behind this ransomware are said to use a ransom note with a
similar design to that used by the LockBit ransomware gang and reference the
Conti gang in the email address they use, contact@contipauper.com.
As per the report, typically around 20 to 30 minutes prior to deploying
ransomware, the attackers install a set of tools onto the compromised Exchange
Server. These include:
* An exploit for the CVE-2021-36942 vulnerability (aka PetitPotam). The code
appears to be copied from https://github.com/zcgonvh/EfsPotato. This is in a
file called “efspotato.exe”.
* Two files: active_desktop_render.dll and active_desktop_launcher.exe
The encrypted shellcode, however, very likely activates the efspotato.exe file
that exploits PetitPotam vulnerability. It was patched in Microsoft’s August
Patch Tuesday release, but it subsequently emerged that the fix released
reportedly did not fully patch the vulnerability.
The companies attacked include those in the manufacturing, financial services,
engineering, legal, business services, and travel and tourism sectors.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
vulnerabilities
symantec
proxyshell
petitpotam
microsoft exchange
lockfile
cyber attack
Recommended by Colombia
SPONSORED STORIES
SUBSCRIBE TO OUR NEWSLETTER
75000+ Industry Leaders read it everyday
How did you hear about us? PRINT WEB FRIENDS
I have read Privacy Policy and Terms & Conditions and agree to receive
newsletters and other communications on this email ID.
Most Read
* This Week
* This Month
* HERE’S HOW APOLLO TYRES IS CREATING MORE VISIBILITY IN SUPPLY CHAIN
Apollo Tyres is integrating demand planning and sales forecasting from all
distribution points globally using a single IT solution to all factories for
better supply chain visibility.
* WIPRO'S FORMER COO BHANUMURTHY BALLAPURAM JOINS GOOGLE CLOUD
* ADOBE ELEVATES ABHIGYAN MODI AS SENIOR VICE PRESIDENT
* HOW TECHNOLOGY IS TRANSFORMING LIFE INSURANCE BUSINESS
* KUNAL MEHTA JOINS TCS AS PROGRAM DIRECTOR
Mehta joins TCS from FabIndia where he served as Group CTO.
* EQUITAS SMALL FINANCE BANK KICKS OFF DIGITAL STRATEGY 2.0
* YES BANK APPOINTS MAHESH RAMAMOORTHY AS CIO
* HERE’S HOW APOLLO TYRES IS CREATING MORE VISIBILITY IN SUPPLY CHAIN
MOST READ IN SECURITY
* This Week
* This Month
* JAPAN’S LIQUID GLOBAL HACKED; CRYPTO WORTH $97 MILLION STOLEN
* INDIAN BUSINESSES SUFFER MORE CYBER ATTACKS WITH REMOTE WORKING
* STRIKING THE RIGHT BALANCE BETWEEN USER FRIENDLINESS AND DIGITAL SECURITY
* T-MOBILE CONFIRMS OVER 47 MN CUSTOMERS AFFECTED IN DATA BREACH
* JAPAN’S LIQUID GLOBAL HACKED; CRYPTO WORTH $97 MILLION STOLEN
* 73% OF INDIAN FIRMS EXPECT CUSTOMER DATA BREACH IN NEXT 1 YEAR
* CHINESE FIRM DJI'S DRONES STILL A NATIONAL SECURITY THREAT: US
* HACKERS THREATEN TO LEAK DATA OF INTEL, AMD IN GIGABYTE ATTACK
CIO TV
* RGCIRC LEVERAGING DIGITAL PLATFORMS FOR CLINICAL PRODUCTIVITY
* 16:44
MAX HEALTHCARE UNVEILS GUIDE TO THE FUTURE OF DIGITAL HEALTH
* 19:59
IS AI BECOMING THE NEW BOSS?
* 01:07:37
BATTLING THE CLOUD COMPLEXITY CHALLENGES
View More
COOK, NADELLA, JASSY TO MEET BIDEN OVER CYBERSECURITY: REPORT
Top tech honchos like Apple CEO Tim Cook, Microsoft CEO and Chairman Satya
Nadella and Amazon CEO Andy Jassy are set to meet US President Joe Biden on
August 25 to make him familiar with how they are addressing the growing cyber
threats in the wake of recent data breaches.
* IANS
Click Here to Read This Story
*
*
*
*
*
*
*
*
Washington, Top tech honchos like Apple CEO Tim Cook, Microsoft CEO and Chairman
Satya Nadella and Amazon CEO Andy Jassy are set to meet US President Joe Biden
on August 25 to make him familiar with how they are addressing the growing cyber
threats in the wake of recent data breaches.
According to a Bloomberg report, Joe Biden plans to host a meeting on Wednesday
to discuss how companies are improving cybersecurity.
"The executives could discuss efforts undertaken by critical infrastructure
entities, including those in the banking, energy and water utility sectors, to
improve cybersecurity and collaborations with the government," the report said
on Tuesday.
Google, IBM, JPMorgan Chase, and the energy firm Southern Company have also been
invited.
The tech companies declined to comment on the report.
The cybersecurity meeting comes in the wake of several incidents like the
massive Solarwinds hack, the Kaseya ransomware attack and the Colonial Pipeline
shutdown resulting from a cyber-attack.
Alarmed at repeated cyber attacks on the country, Biden in May signed an
executive order, implementing new policies to improve national cybersecurity.
Admitting that the US is facing persistent and increasingly sophisticated
malicious cyber campaigns that threaten the public sector, the private sector,
and ultimately the American people's security and privacy, Biden said that the
government must improve its efforts to identify, deter, protect against, detect,
and respond to these actions and actors.
"Protecting our nation from malicious cyber actors requires the Federal
Government to partner with the private sector. The private sector must adapt to
the continuously changing threat environment, ensure its products are built and
operate securely, and partner with the Federal Government to foster a more
secure cyberspace," he wrote in the executive order.
The executive order was passed after the Colonial Pipeline Company, which is the
largest refined-products pipeline in the country, was forced to shut down due to
a cybersecurity attack on May 7.
Since February, the Biden administration has been working to remediate the
SolarWinds attack and change federal IT practices to protect against similar
attacks in the future.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
microsoft
incident response
ibm
google
cyber threats
cyber security
CYBER CHEATS TOOK RS 4 CRORE IN 13 MONTHS, RECKON COPS
The coronavirus pandemic has quickened the pace towards digital transactions —
and online frauds. The city can vouch for that. While there is no official
figure, police estimate residents lost Rs 4 crore to cyber crime cheats in more
than13 months from July 1, 2020, to August 15 this year.
* Pawan Tiwari
* TNN
Click Here to Read This Story
*
*
*
*
*
*
*
*
CHANDIGARH: The coronavirus pandemic has quickened the pace towards digital
transactions — and online frauds. The city can vouch for that. While there is no
official figure, police estimate residents lost Rs 4 crore to cyber crime cheats
in more than13 months from July 1, 2020, to August 15 this year.
Police dealt with roughly 8,000 complaints. As many as 3,408 of them came
between January and July 20 alone. Shoppers and buyers and sellers of
second-hand goods topped the list of the conned, that is 568, in the more than
six months. Most of these people tried to buy goods online or sell them on
classifieds website like OLX but ended up losing their some of their hard-earned
earnings.
Anxieties and fears were exploited too.
People who lost their jobs during these uncertain times believed fake job
letters sent online in desperation. A total of 116 of them were duped on the
pretext of a job or work visa. Another 84 were cheated in exchange of providing
a loan.
Data showed the cyber cell received 518 complaints of debit or credit card
cloning and money being withdrawn fraudulently from ATMs. A total of 371 people
were cheated after they read out their bank and OTP details to strangers posing
as bank and company executives. As many as 17 people lost money to fraudsters
selling LIC policies or handing over insurance claims. Police also received 446
complaints of hacking or creating fake IDs on social media in the more than six
months.
On the arrest side, 38 cyber criminals were caught in one year from July 2020.
Six of them were nabbed from Jamtara, Jharkhand, which is considered to be a
safe haven for cyber criminals in the country. Recently, the cyber cell had
arrested three Jamtara residents for allegedly duping a a Sector 23 woman of Rs
11.93 lakh by offering to help her receive notifications for withdrawing money
on her mobile phone. A few of the accused were from West Bengal, Mumbai and
Delhi.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
Crime
vulnerabilities
security hackers
cyber crime
Cyber cheats
CHANDIGARH news updates
CHANDIGARH news today
CHANDIGARH news
CHANDIGARH
JAPAN’S LIQUID GLOBAL HACKED; CRYPTO WORTH $97 MILLION STOLEN
The Japanese exchange did not explain how its security was dented.
* TIMESOFINDIA.COM
Click Here to Read This Story
*
*
*
*
*
*
*
*
NEW DELHI: A leading Japanese crypto exchange Liquid Global has been hacked and
$97 million worth of cryptocurrency has been stolen.
The incident was reported in a tweet by Liquid Global on Thursday. Now they are
moving digital assets to secure cold wallets from warm wallets.
A blockchain analytics company, Elliptic has estimated that over $97 million
worth of crypto in Ethereum, Bitcoin, XRP and stablecoins has been stolen.
Of this, $45 million is in Ethereum that is being converted into ether to
prevent the hacker from freezing the assets.
Cold wallets and hot/warm wallets are cryptocurrency wallets. Warm wallets are
connected to the internet and allow users to receive, send and store tokens and
are more vulnerable to thefts. Cold wallet works in offline mode.
Liquid Global has suspended deposits and withdrawals in the exchange pending
investigation into the incident.
The company has claimed in a blog post, that the hacker had targeted a
Multi-Party Computation wallet (MPC), which is used for warehousing, and
management of cryptographic assets used by a Singapore subsidiary QUOINE PTE.
MPC is an advanced cryptographic technique in which the private key controlling
funds is generated collectively by a set of parties, none of whom can see the
fragments calculated by others.
However, the Japanese exchange did not explain how its security was dented.
Liquid Global assured that it is trying to trace funds and working with other
exchanges to freeze and recover funds. It also assured that it would do
everything in its power to mitigate the crisis and restore full services as soon
as possible.
This is the second major crypto heist reported in the world of Decentralised
Finance or DeFi. It comes a week later the biggest heist of $600 million
cryptocurrency from a protocol PolyNetwork, that lets users swap tokens across
different blockchains.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
vulnerabilities
security hackers
liquid global hack
ethereum
cyber attack
crypto stolen
crypto hacked
bitcoin
WHAT IS CHINA'S NEW DATA PRIVACY LAW ALL ABOUT?
n a bid to tighten control over how companies -- particularly tech giants --
collect and handle their users’ information, China passed the Personal
Information Protection Law (PIPL).
* TIMESOFINDIA.COM
Click Here to Read This Story
*
*
*
*
*
*
*
*
NEW DELHI: In a bid to tighten control over how companies -- particularly tech
giants -- collect and handle their users’ information, China passed the Personal
Information Protection Law (PIPL).
The law, which takes effect November 1, follows complaints that companies
misused or sold customers' data without their knowledge or permission, leading
to fraud or unfair practices such as charging higher prices to some users.
Law and behold
* While the exact contours of the new law are as yet unknown, since the final
draft has not been published, a previous version specified that companies will
need consent from their users to collect personal data, with the user having the
right to cancel that consent at any time.
* Additionally, companies can not refuse to provide their services to such users
who deny consent for collection of personal data — unless that data is required
for providing that product or service.
* The law also lays out guidelines for data protection when it is transferred
out of the country and makes it mandatory for companies to not only designate an
individual in charge of personal information but also conduct periodic audits
that the law is being complied with.
* Failure to meet any of the provisions will result in hefty fines.
Twin tango
* The PIPL, which takes off from Europe’s General Data Protection Regulation
(GDPR) that came into effect in 2018, together with the Data Security Law (DSL)
which will be implemented from September 1, is expected to force companies to
re-evaluate their data storage and processing practices. DSL tasks companies
with segregating data based on its economic value and relevance to China’s
national security.
* The laws arrive amidst tightening control by Chinese regulators over its
industry and how it uses users’ data, prompted by public complaints about user
privacy violations.
* Last month for instance, the country’s cyberspace regulator, Cyberspace
Administration of China (CAC), announced that it will open a probe in the
country’s ride-hailing app, Didi, which has been accused of violating users’
privacy. The company was forced to stop signing new users and its app removed
from Chinese app stores.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
Economy
privacy
new data privacy law
chinese companies
china users data
china data privacy law
china data privacy
T-MOBILE CONFIRMS OVER 47 MN CUSTOMERS AFFECTED IN DATA BREACH
US telecommunications giant T-Mobile has admitted that nearly 47.8 million
customers have been affected in a latest data breach.
Click Here to Read This Story
*
*
*
*
*
*
*
*
San Francisco, US telecommunications giant T-Mobile has admitted that nearly
47.8 million customers have been affected in a latest data breach.
T-Mobile, which has more than 100 million customers, said its preliminary
analysis found that approximately 7.8 million current T-Mobile postpaid customer
accounts' information appears to be contained in the stolen files, as well as
just over 40 million records of former or prospective customers who had
previously applied for credit with T-Mobile.
"Importantly, no phone numbers, account numbers, PINs, passwords, or financial
information were compromised in any of these files of customers or prospective
customers," the company said.
It, however, admitted that some of the data accessed did include customers'
first and last names, date of birth, SSN, and driver's license/ID information
for a subset of current and former postpay customers and prospective T-Mobile
customers.
"We have no indication that the data contained in the stolen files included any
customer financial information, credit card information, debit or other payment
information," it added.
Reports surfaced last week that hackers were selling the T-Mobile data for six
Bitcoins ($270,000) on the Dark Web.
The sellers told Motherboard that they have obtained data related to over 100
million people which came from T-Mobile servers and includes Social Security
numbers, names, addresses and driver license information
T-Mobile said that its was taking immediate steps to help protect all of the
individuals who may be at risk from this cyberattack.
T-Mobile has been the target of several data breaches in the last few years.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
T-mobile
social security
security hackers
motherboard
informationt-mobile
incident response
data breach
bitcoins
INDIAN BUSINESSES SUFFER MORE CYBER ATTACKS WITH REMOTE WORKING
While 38 per cent of respondents from India continue to be very concerned about
the security risks while working remotely, globally, this figure stands at 39
per cent, according to '2021 Thales Global Data Threat Report', a commissioned
study conducted by 451 Research, part of S&P Global Market Intelligence.
* IANS
Click Here to Read This Story
*
*
*
*
*
*
*
*
New Delhi: After a year into the pandemic-driven remote working, 40 per cent of
Indian businesses reported an increase in the cyber attack volume, severity
and/or scope of cyber attacks in the last 12 months in comparison to the global
figure of 47 per cent, a new report has showed.
While 38 per cent of respondents from India continue to be very concerned about
the security risks while working remotely, globally, this figure stands at 39
per cent, according to '2021 Thales Global Data Threat Report', a commissioned
study conducted by 451 Research, part of S&P Global Market Intelligence.
Despite being over a year into remote working and the possibility of a likely
shift to hybrid working models, security remains a key concern for the Indian
businesses, the report said, adding that managing security risks is undoubtedly
getting more challenging in the country.
"Many organisations experienced heightened security challenges over the last
year and with the increasing number of ransomware attacks, organisations are now
facing a double extortion threat," said Ashish Saraf, VP and Country Director -
India, Thales.
"Not only could they be locked out of their critical IT and OT systems but also
have their sensitive data released on the Internet," he added.
For respondents from India, malware (56 per cent) is the leading source of
security attacks followed by ransomware (53 per cent), and phishing and
credential stuffing (both 43 per cent).
Malicious insiders (40 per cent), external attacks (25 per cent) and human error
(25 per cent) have been spotted by respondents from India as the types of
attacks seen with the greatest threat.
"The traditional aspect of just relying on a sound backup and restore strategy
is no longer sufficient, organisations need to implement a comprehensive digital
security including controlling access to data, encryption of sensitive data
coupled with secure management and control of encryption keys," Saraf
emphasised.
Despite the increased risk remote working has posed to enterprises throughout
the pandemic, nearly half (48 per cent) of respondents from India report that
their security infrastructure was not prepared to handle the risks caused by
Covid-19.
In fact, only one in five (21 per cent) of organisations believe it was very
prepared.
"Forty eight per cent of respondents from India rank third-party vendor networks
as the biggest target for cyber attacks, followed by on-premises legacy
applications (44 per cent), cloud-based storage (40 per cent) and web
applications (38 per cent)," the report revealed.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
cyber attacks
remote working
Malware attacks
Internet
data security
cyber security
STRIKING THE RIGHT BALANCE BETWEEN USER FRIENDLINESS AND DIGITAL SECURITY
Accelerated digitization and improved data sharing technologies have greatly
enhanced our lives by powering smart cities, driving personalized Ad
recommendations, and more. However, too much of anything is bad -including too
much data-sharing and reliance on technology.
* ETCIO
Click Here to Read This Story
*
*
*
*
*
*
*
*
By Shankar Roddam
Accelerated digitization and improved data-sharing technologies have greatly
enhanced our lives by powering smart cities, driving personalized Ads, and more.
Everything from utilities to banking is just a tap away. However, too much of
anything is bad - including too much data-sharing and dependence on digital
technology. In our quest to take it easy and ride out the pandemic by relying
heavily on technology,
* Are we sharing more data than we should?
* Are new-age apps putting us at risk of being targeted by cybercriminals?
* How can enterprises strike a balance between trust and convenience to deliver
user expectations without compromising security?
The human fascination for doing things the easy way
Humans have always been fascinated with doing things the easy way. The digital
ecosystem has made most of the services we need on-demand and easily accessible.
It has also made us more demanding and impatient than ever before.
With greater competition and user expectations, enterprises are investing
heavily in personalization and user-friendliness. Companies are watching their
customers closely and collecting more data. Data helps in understanding the
patterns and habits of customers that lead to a good user experience.
Unfortunately, all this online activity is also attracting the attention of
cybercriminals. Their goal is to find new loopholes in the system for fraudulent
activities. To safeguard customers, enterprises must also focus on security and
data protection.
As we continue to blur the lines between our online and offline worlds,
enterprises will have to work harder to balance trust and convenience to deliver
great UX while protecting consumer data.
How to balance user experience and data security?
While consumers are willing to share specific data for convenience, over 91% of
them worry about the potential misuse of data. They have a good reason to be
worried. Fraudsters can misuse personal data like phone numbers and email id for
criminal activities such as identity thefts, hacking, SIM cloning, and account
takeovers. The scale of threat faced by today's digital customers goes far
beyond the occasional funny phishing emails from Nigerian Princes. The digital
dark web conceals deadly malware and cybercriminals capable of taking down
entire governments and economies. No one who is part of the digital environment
is safe from the threat of cybercrime. When it comes to customer data, you
cannot afford to miss security blind spots.
Additionally, enterprises also must manage the complexity of large volumes of
user data generated every day. By 2025, the world will store 200 zettabytes of
data.
How exactly then do you protect your online customers without compromising on
application usability?
If you over-focus on security, the additional steps can drive away your
impatient digital user even before they onboard the platform. Unnecessary
verification steps can reduce consumer trust and increase the cost of acquiring
new users. No business wants a high dropout rate and increased CAC. On the other
hand, if you skip the strong authentication and security measures, you leave
your application vulnerable to hackers.
The solution is all about balance. The key is to design software that addresses
security concerns with minimal interference to the user flow. Enterprises must
deal with user data transparently and ethically. Firstly, they should make it
clear to customers why certain data is collected and how it will be used. You
should avoid collecting any data without explicitly mentioning the purpose for
which it is being used. Secondly, companies should assess the user flow in
detail to identify security areas where authentication is required. The key is
to add verification steps only where it is required. Mechanisms like 2FA can be
implemented for an extra layer of security.
The common ground: Protecting data and making apps simpler
The first step to design a secure and user-friendly app is to arrive at the
right balance between security and convenience. Enterprises must incorporate
only those steps in the user flow which are necessary. Less is more, and more
can be too much for the impatient app user.
It is also critical to assess if there is a better way to get things done. One
of the merits of digital onboarding is the access to related technology and data
that can significantly improve the UX by removing the extra verification steps.
Telecom data, for instance, can be used for verifying the address and location
of users. Telecom data also allows alternative credit scoring to deliver
financial services such as loans to the underprivileged and drive financial
inclusion in remote areas.
All non-essential steps can also be removed by analyzing the sequence of events.
Credit apps, for example, require a credit score for processing a loan. By
assessing the credit score in the first step itself, the steps for document
verification for ineligible applicants can be eliminated. Another example of
data sharing is the upgraded WES application with an improved electronic
verification process that allows students to verify academic certificates online
without manually sharing transcripts to multiple different authorities for
verification.
Data can do good, especially during the pandemic
In conclusion, both user experience and security are essential. Consumers want
the convenience of technology to complete transactions and everyday activities
that can no longer carry out due to restrictions in public movement.
When applied ethically, data-sharing technology opens new avenues for
personalization and addresses complex use cases to make our better. To fully
exploit the potential, enterprises must address the risks and threats associated
with data sharing.
Organizations who have access to customer data must keep trust as their
centerpiece and ensure that the user data is protected and used only for
delivering the value that has been promised. To scale growth, customer-facing
apps must achieve that sweet balance between user-friendliness and digital
security.
The author is Chief Operating Officer, Subex
Follow and connect with us on Twitter, Facebook, Linkedin
Security
UX
Subex
shankar roddam
digital security
cyber security
cyber criminals
customer data
INDIAN TOPS GLOBAL CYBER ATTACKS ON EDUCATION SECTOR: REPORT
The education sector in India was attacked significantly more compared to other
industries in the month of July globally, experiencing 5,196 attacks per week on
average, a new report showed on Wednesday.
* IANS
Click Here to Read This Story
*
*
*
*
*
*
*
*
New Delhi, The education sector in India was attacked significantly more
compared to other industries in the month of July globally, experiencing 5,196
attacks per week on average, a new report showed on Wednesday.
By region, organisations in education sector in South Asia experienced the
highest volume of attacks. The most targeted countries were India, Italy,
Israel, Australia and Turkey, according to Check Point Research (CPR).
"In India, schools, universities and research centres make for attractive
targets to cyber criminals because they are often under resourced from a
security perspective. The short-notice, on-and-off shift to remote learning
exacerbates the security risk," said Sundar Balasubramanian, Managing Director,
Check Point, India and SAARC.
The UK region experienced a 142 per cent increase in weekly cyber attacks on its
education sector, while the East Asia region marked a 79 per cent increase.
"With so many students logging on from their home networks using their personal
devices, the current school season presents a range of new security threats that
many aren't prepared to address," he added.
In more than half of the countries studied by CPR, the education sector is the
most attacked sector, and in 94 per cent of them, the education sector is in the
top three most attacked sectors.
"Organisations in the Indian education sector should be proactive in their
protection strategies. It's important to constantly change and strengthen your
passwords and use technologies that prevent cyberattacks, such as ransomware,"
Balasubramanian added.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
vulnerabilities
sundar balasubramanian
Point
cyber attack
CPR
Check Point Research
Balasubramanian
T-MOBILE SAYS HACKERS STEAL ABOUT 7.8 MILLION POSTPAID CUSTOMERS' PERSONAL DATA
Data from about 850,000 prepaid customers and more than 40 million records of
former or prospective customers were also stolen, T-Mobile said.
* Reuters
Click Here to Read This Story
*
*
*
*
*
*
*
*
T-Mobile US Inc said on Wednesday an ongoing investigation into a cyberattack on
its systems revealed that some personal data of about 7.8 million of its current
postpaid customers were compromised.
The company was made aware of the attack late last week, it said in a statement,
after an online forum claimed that personal data of its users were leaked.
Data from about 850,000 prepaid customers and more than 40 million records of
former or prospective customrs were also stolen, T-Mobile said.
The breached data included customers' first and last names, date of birth,
social security numbers, and driver's license information, it said, but there
was no indication of their financial details being compromised.
The telecom operator had acknowledged the data breach on Monday and said that it
was confident the entry point used to access the data had been closed.
Follow and connect with us on Twitter, Facebook, Linkedin
Security
T-mobile
subhranshu sahu
security hackers
rashmi aich
derek francis
cyber attck
-t-mobile us inc
* Trends
* Internet of Things News
* AI News
* Cloud Computing News
* Tech Mahindra News
* Big Data News
* Snapdeal News
* Flipkart News
* TCS News
* Wipro News
* Paytm News
* Industry News
* Retail News
* Auto News
* Health News
* Telecom News
* Energy News
* Real Estate News
* Technology News
* CFO News
* IT Security News
* BFSI News
* Government News
* Marketing & Advertising News
* Hospitality News
* Travel News
* HR News
* Legal News
* Infra News
* B2B News
* Features
* Case Studies
* Strategy & Mgmt
* Tech-Talk
* CIO Wall
* Secret Diary of CIO
* Healthcare
* Automotive
* Manufacturing
* Financial Services
* Retail
* IT/ITES
* Banking
* CONTACT US
ADVERTISE WITH US
We have various options to advertise with us including Events, Advertorials,
Banners, Mailers, Webinars etc.
Please contact us to know more details.
* SIGN UP FOR
ETCIO NEWSLETTER
Get ETCIO's top stories every morning in your email inbox.
75000+ Industry Leaders read it everyday
I have read Privacy Policy and Terms & Conditions and agree to receive
newsletters and other communications on this email ID.
* FOLLOW US
@ETCIO
Follow @ETCIO for the latest news, insider access to events and more.
*
*
*
* About Us
* Contact Us
* Advertise with us
* Newsletter
* RSS Feeds
* Embed ETCIO.com Widgets on your Website
* Privacy Policy
* Terms & Conditions
* Guest-Post Guidelines
* Sitemap
Copyright © 2021 ETCIO.com. All Rights Reserved.