Vulnerabilities Expose Private Data in Indian Government Systems
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability
The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access.
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023
Trend™ Research has been tracking an active APT threat actor named Earth Lamia, targeting multiple industries in Brazil, India and Southeast Asia countries at least since 2023. The threat actor primarily exploits vulnerabilities in web applications to gain access to targeted organizations.
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat
Chinese threat actors have already used the vulnerable and pervasive Boa server to infiltrate the electrical grid in India, in spate of malicious incidents.
Microsoft on Tuesday disclosed the intrusion activity aimed at Indian power grid entities earlier this year likely involved the exploitation of security flaws in a now-discontinued web server called Boa
Ransomware detected in India is calling upon people to assist in feeding, clothing and making healthcare accessible to the poor.
The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems. [...]