サイバーヴィッシュ テクノロジーなどに関する最新の洞察とトレンド サイバーセキュリティ
サイバーセキュリティ

DSCI CEO: National security, building cybersecurity products on our agenda

‘Tremendous amount’ of data will be flowing into India, says DSCI The Data Security Council of India (DSCI), a group set up by IT services lobby group NASSCOM, has appointed Vinayak Godse as its chief executive officer (CEO) from October 1. Godse, in an interview with Sourabh Lele, spoke about cybersecurity for small businesses, the data protection bill, and data localisation. Godse was asked about the projects related to cybersecurity that the DSCI is working on. As a reply to the question, Godse replied that there are three key areas of work for the DSCI. One is cybersecurity, which includes the preparedness of the industry. Another is to contribute to […]

続きを読む
サイバーセキュリティ

No guns, no guards, no gates.’ NSA opens up to outsiders in fight for cybersecurity

The NSA ’s Cybersecurity Collaboration Center is designed to bring NSA cyber analysts closer to outside threat hunters. The beige corridors and heavily guarded security perimeter of Fort Meade have been traded by many of the National Security Agency’s most talented cyberthreat hunters for a surprisingly located new office — in an unsecured suburban office park in Maryland. By anchoring the center in a largely unclassified environment, NSA officials say they are trying to reduce bureaucratic barriers and make it easier for agency talent to work more closely with increasingly vital private sector security researchers. “No guns, no guards, no gates,” Morgan Adamski, the director of the CCC, told CyberScoop […]

続きを読む
サイバーセキュリティ

Critical RCE Flaw Reported in Spotify’s Backstage Software Catalog and Developer Platform

Music Platform Spotify couldn’t stop from being a prey in the hands of cyberattack. Spotify’s Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module. The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), that came to light last month. “An unauthenticated threat actor can execute arbitrary system commands on a Backstage application by exploiting a vm2 sandbox escape in the Scaffolder core plugin,” application security firm Oxeye said in a report shared with […]

続きを読む
サイバーセキュリティ

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan

Malicious apps finding its way into the Play Store Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. “Xenomorph is a trojan that steals credentials from banking applications on users’ devices,” Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis published Thursday. “It is also capable of intercepting users’ SMS messages and notifications, enabling it to steal one-time passwords and multi-factor authentication requests.” The cybersecurity firm said it also found an expense tracker app that exhibited similar behavior, but noted that it […]

続きを読む
サイバーセキュリティ

Is your Android screen lock safe? Cyber expert makes stunning claim

Beaware as anyone can bypass your Android screen lock. Is your Android phone’s screen lock really safe? A cybersecurity researcher’s claim on vulnerability affecting Google Pixel phones might cause concern among Android phone users.David Schutz, the cybersecurity expert, has claimed that the vulnerability can allow anyone to bypass the screen lock feature and unlock the smartphone. According Schutz, all the miscreant needs is a SIM card and the access to the device to unlock it. “I found a vulnerability that allowed me to unlock any @Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 […]

続きを読む
サイバーセキュリティ

Cybersecurity company Utimaco acquires PWS provider Celltick

Utimaco has announced the acquisition of global Public Warning Systems (PWS) provider Celltick. Utimaco claimed that it plans to launch its Public Warning Systems in India by forming alliances with telecom providers and state governments to send out alerts and safety messages to subscribers’ mobile phones in real time. The company is aiming to provide services for Indian governments and customers in the telecommunications and enterprise markets after the acquisition of Celltick’s expertise and Utimaco’s global network in these areas. The MAGEN (Mass Alert Geo Emergency Notification) System is a cell broadcast solution for PWS and is already deployed in multiple countries around the globe and its MAGEN CBC has […]

続きを読む
サイバーセキュリティ 未分類

Should cybersecurity be introduced as a subject to Class 9th and 10th students?

Here are some reasons to include cybersecurity in the syllabus for students of classes 9th and 10th. The internet has become the necessity of daily life in this era and the education sector is not falling behind in leveraging its benefits. Everyday is getting more digitalised than the previous day. With the increasing digitalisation, data is getting much valuable these days. Gone are the days when there would be news of thieves, dacoits etc. But newspapers nowadays are loaded with news of cyberattacks. Every department, sector, industry has got valuable data – the data which is very much precious to the cybercriminals. But the rise of cyber criminals compels every […]

続きを読む
サイバーセキュリティ

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

A new malicious campaign has compromised over 15,000 WordPress websites A new malicious campaign in an attempt to redirect visitors to bogus Q&A portals has compromised over 15000 WordPress websites.”These malicious redirects appear to be designed to increase the authority of the attacker’s sites for search engines,” Sucuri researcher Ben Martin said in a report published last week, calling it a “clever black hat SEO trick.” The threat actor operates a handful of fake low quality Q&A sites. The search engine poisoning technique is designed to promote the fake sites that share similar website-building templates. A notable aspect of the campaign is the ability of the hackers to modify over […]

続きを読む
サイバーセキュリティ

Is Egypt spying on COP27 delegates’ phones through their ‘Weaponised app’?

COP27 Could be a matter of concern as it has ‘highly intrusive’ access to locations, conversations and images. Cybersecurity concerns have been raised at the United Nations’ COP27 climate talks over an official smartphone app that reportedly has carte blanche to monitor locations, private conversations and photographs. About 35,000 people are expected to attend the two-week climate conference in Egypt, and the app i.e, COP27 has been downloaded more than 10,000 times on Google Play, including by officials from France, Germany and Canada. Egypt’s Ministry of Communications and Information Technology developed the app for the summit’s delegates.It is meant to assist attendees in smoothly navigating the conference, but “the government […]

続きを読む
サイバーセキュリティ

Nearly 70% of SMBs don’t think or aren’t sure they are ransomware target

SMBs remaining indifferent to cyberattacks Canada-based information management company OpenText released a global ransomware survey of small and medium businesses (SMBs). The survey has underscored a concerning lack of awareness among businesses with respect to ransomware attacks. According to the 1,332 security and IT professionals from small and medium-sized businesses (SMBs) surveyed, 67 per cent of respondents don’t think or aren’t sure they are a ransomware target even as 46 per cent said they have experienced a ransomware attack. Ransomware is essentially a malware that doesn’t allow the user to access files on their computer. It encrypts the files and demands a ransom payment for the decryption key. The survey […]

続きを読む