Security researchers say they've traced a spate of backdoor attacks during 2021 against pro-democracy activists in Hong Kong to a Chinese cyberespionage group that has recently retooled its arsenal. The group is tracked by the Symantec Threat Hunter Team as Daggerfly.
Indonesian authorities have restored the data of 30 of the close to 300 government ministries and services that a hacker encrypted in June during a ransomware attack on a major government-owned data center. The hacker released a decryption key, but restoration efforts have been slow.
The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The group exploits known software vulnerabilities to compromise networks.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
A growing number of legitimate banking customers in India are allowing their accounts to be used for money laundering. The governor of the Reserve Bank of India recently urged bankers to intensify their efforts to detect and shut down money mule accounts.
The AhnLab Security intelligence Center said Andariel Group targeted the update server of a South Korean ERP solution to take control of the victim company's systems and also exploited vulnerabilities in version 8.5 of Windows IIS web servers to infect and steal data from South Korean organizations.
Researchers on Zscaler's ThreatLabz team said the North Korean government-backed espionage group Kimsuky has used a malicious Google Chrome extension since March to exfiltrate sensitive information from South Korean academic institutions conducting research on North Korean affairs.
Following a ransomware attack on a major government data center last month, Indonesian President Joko Widodo has called for an audit. While the investigation is a welcome step, the country needs more than mere audits to improve its cybersecurity posture.
A Chinese cyberespionage group has been using ransomware as a distraction while conducting extensive and persistent espionage activities over the past three years. SentinelOne said the group it tracks as ChamelGang is targeting critical infrastructure organizations in East Asia and India.
Indonesia's digital transformation journey to centralize thousands of public services has hit a snag. A ransomware attack on a major data center has paralyzed hundreds of government agencies and raised questions about the government's ability to protect citizens' data security and privacy.
A Chinese state-sponsored group, tracked as RedJuliett, is using open-source VPN client SoftEther to target the infrastructure of about 75 organizations in government, academic and technology sectors in multiple countries. Most of the attacks appear to target Taiwan.
As AI continues to evolve, companies must adapt their data governance strategies to keep pace with new regulations and technologies, according to a panel of experts - Tanin Chakraborty of Biocon Biologics, Priya Muku Gora of Axtria and Krishna Srivastava of Tsaaro.
The Indian defense ministry announced a Joint Doctrine for Cyberspace Operations to enable the three military services to respond together to hostile actions in cyberspace. The plan for better coordination follows rising incidents of cyberespionage and ransomware attacks against defense groups.
Vietnam's national cybersecurity agency blamed China-based cyberespionage group Mustang Panda for two phishing campaigns in which hackers used tax compliance and education-related lures to target government, nonprofit and educational organizations to steal information from infected systems.
The Australian National Audit Office said the nation's financial crimes watchdog AUSTRAC and social security payments provider Services Australia have "partly effective" capabilities to investigate, monitor and respond to cybersecurity incidents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.