Indian Digital Payments Company MobiKwik Sharply Denies Data Breach

Ziggy ransomware operators want to give money back, Extortionware is on the rise, Hacking group that targeted India's power grid dismantles infrastructure, 5G network flaws could allow attacks, more

Indian digital payments company MobiKwik is sharply denying what security researchers say is a massive data breach affecting 3.5 million users that occurred at the company.

Although MobiKwik has accused the security researchers of being “media crazed,” the researchers have responded with what they claim is their own data leaked on the dark web following the breach. (Ridhima Saxena / Bloomberg Quint)

Related: India Today, TechNadu, SiliconANGLE, LiveMint, TechNadu, MobiKwik, The Hacker News, MediaNama: Digital Media in India, Reuters

The administrator of Ziggy ransomware, which shut down in February, now states that they will also give the money back.

Victims have been told to contact ziggyransomware@secmail.pro with the proof of their payment in bitcoin and the computer ID, and the money would be returned to the victim’s bitcoin wallet in about two weeks. (Ionut Ilascu / Bleeping Computer)

Related: IT Pro, Security Affairs, HOTforSecurity

Extortionware by criminal hackers is on the rise, as two recent cases illustrate. In one case, the miscreants threatened to reveal an IT director's secret porn collection. In the other, the same hackers seek to pressure a US utility into paying a ransom by posting an employee's username and password for a members-only porn website.

In yet another case, a new gang has published private emails and pictures and is calling directly for the mayor of a hacked municipality in the US to negotiate its ransom. In still another case, hackers threaten to make public evidence of insurance fraud at a Canadian agriculture company. (Joe Tidy / BBC News)

Related: Reddit - cybersecurity

Recorded Future’s Insikt Group says the Chinese hacking group known as RedEcho, which has been linked with efforts to target India’s power grid, has taken down its infrastructure following the public exposure of those efforts.

RedEcho has now parked web domains previously used to control ShadowPad malware inside the hacked Indian power grid. (Catalin Cimpanu / The Record)

Related: Security Affairs, Sebdraven

Piotr Krysiuk of Symantec's Threat Hunter team discovered two new vulnerabilities in Linux-based operating systems that could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory.

In practical terms, this means unprivileged users could leverage these weaknesses to gain access to secrets from other users sharing the same vulnerable machine. (Ravie Lakshmanan / The Hacker News)

Related: SC Magazine

A team of security researchers disclosed a critical networking flaw in the popular netmask npm library that could give rise to various vulnerabilities, from anti-Server-Side Request Forgery (SSRF) bypasses to Remote File Inclusion (RFI).

netmask developer and director of engineering at Netflix, Olivier Poitrey, pushed out a series of fixes for the bug to GitHub. (Ax Sharma / Bleeping Computer)

Related: TechNadu

A new partnership between Panasonic and McAfee plans to establish a vehicle security operations center (SOC) to tackle the ongoing threat of cyberattacks.

The partnership's goal is to "commercialize vehicle security monitoring services," with a specific focus on early detection and response. (Charlie Osborne / ZDNet)

Related: Business Wire Technology News

Uri Katz, a security researcher for operational technology security company Claroty, discovered as many as five vulnerabilities in Ovarro's TBox remote terminal units (RTUs) that could open the door to escalating attacks against critical infrastructure, such as remote code execution and denial-of-service.

DHS’s Cybersecurity and Infrastructure Security Agency issued a notice last week regarding these flaws and urged critical infrastructure providers to implement patches issued by Ovarro. (Ravie Lakshmanan / The Hacker News)

Related: Reddit - cybersecurity, CISA

AdaptiveMobile Security uncovered three security flaws in 5G network slicing that could allow a compromised node to crash network segments and extract user data, such as location information.

AdaptiveMobile Security is working in conjunction with the GSMA, operators, and standards bodies to address the issue and update architectures to prevent exploitation. (John Leyden / The Daily Swig)

Related: TechTarget, Reddit - cybersecurity, The Hacker News, Adaptive Mobile

Researchers at WatchGuard Technologies report that detections of fileless malware, which conducts attacks without installing malicious code, soared by nearly 900% year-on-year in 2020 as threat actors worked hard to stay hidden from traditional security controls.

Toolkits like PowerSploit and Cobalt Strike were particularly popular in enabling attackers to inject malicious code into running processes. (Phil Muncaster / Infosecurity Magazine)

Related: RealWire, WatchGuard

Photo by Noizy Bull on Unsplash