Security this week, June 1, 2020

Have a look at the recent events in security which occurred in the past week: 

Cybercriminal put Truecaller records of 4.75 Cr Indians on sale for INR 75,000

Truecaller records of 4.75 crore us for sale

Online Intelligence firm Cyble identifies a seller selling 47.5 Mn Indians’ Truecaller records for USD 1,000. The data includes phone numbers, gender, city, Facebook id, mobile network, etc. Cyble believes that this leak might have a potential impact on broader users in India such as spams, identity thefts, scams, etc. Although, Truecaller reports no security breach of its databases. Even the user information is secure, and they are constantly monitoring any kind of suspicious activity. 

Customers’ data of 3 crypto wallets, 1 investment platform hacked

Databases of 80,000 users of cyrpto wallets compromised

A hacker who was behind the attack on Ethereum is selling data of crypto-wallets like Trezor, Ledger, and Keepkey. The hacker compromised three large databases of almost 80,000 customers. This data includes their email id, name, contact number, address, and other data.  

The security of data of customers using these crypto-wallets on Shopify is in danger. Although, Shopify denies these claims and found no evidence on its systems. The hacker put database advertisements of 18 virtual currency exchanges and forums along with email lists of two crypto tax platforms. 

New android flaw affecting over 1 billion phones let attackers hijack apps

80% android users’ security vulnerable to new malware

Strandhogg 2.0, the new vulnerability affecting all android devices except those working on the latest version, Android Q/10 used only by 20% of the total Android-powered devices. Keeping this in mind, billions of people are leaving their smartphones vulnerable to attackers. This malware does not need permission to work on the device and it can be used without root access. Once installed, it gains access to private SMS messages, photos, login credentials, phone conversations, and spy through a phone’s camera and microphone. 

Kerala records the highest number of security attacks during the lockdown

Kerala tops others in terms of security breaches during lockdown followed by Punjab and Tamil Nadu

Various cybersecurity attacks within India were analyzed during the time of pandemic, and it reveals that threat actors aimed the states with covid-19 themed attacks to exploit their trust. K7 Computing’s Cyber ThreatReport found that Kerala recorded the highest number of security breaches during the lockdown. Punjab and Tamil Nadu follow Kerala in this respect. A majority of these were phishing attacks that would fool even the well-educated sections. 

Use AI with fairness and responsibility: National Tech Officer, Microsoft India

National Technology Officer, Microsoft India suggests responsible use of AI

Rohini Srivastha, National Technology Officer, Microsoft India suggests organizations and developers should look out for practices to make sure responsible use of AI since the technology has “broad ramifications”. AI is enabling multiple solutions in the times of the covid-19 pandemic. She further states developers should keep security checks while designing the product rather than setting it up after completion of the product. 

Your browser doesn’t support HTML5 audio


Digital Transformation

Demystifying DX - Stories, lessons, and applications.