Showing posts with label cybersecurity. Show all posts

Axis Bank Launches Safety Centre on Mobile App to Fight Digital Frauds

Axis Bank, one of the largest private sector banks in India, announced the launch of its new ‘Safety Centre’ on the Axis mobile banking app ‘open’. This security hub empowers customers with real-time, customer-controlled security features to safeguard their accounts against unauthorized or suspicious activities, without the need to call customer care or visit a branch.

The Safety Centre offers granular control over key digital banking functions, enabling customers to tailor security settings based on their usage and comfort. Key features include:
  • SMS Shield: An industry-first feature, it verifies the authenticity of SMS messages by checking the Sender ID against Axis Bank’s official IDs.
  • Turn off Internet Banking: Disable Internet Banking access completely if not required. 
  • Stop Funds Transfer: Instantly restrict all fund transfer capabilities across Mobile Banking and Internet Banking with a single toggle. 
  • Prevents Online Shopping using Net Banking: This feature also blocks transactions initiated through third-party apps (e.g. e-commerce platforms) that use Net Banking as a payment mode. 
  • Stop UPI Payments: Restrict UPI transactions via the Axis Mobile Apps.
  • Prevent Addition of New Payees: Ensure funds can only be transferred to existing beneficiaries.
  • Set Limits for Fund Transfers & UPI: Define per-transaction limits for fund transfers and UPI payments; higher-value transactions will require an additional authentication.
The Safety Centre delivers instant activation of security settings, ensuring changes take effect immediately without any waiting time. It provides complete control to users, enabling them to proactively secure their accounts without external assistance. By offering selective blocking and real-time controls, the feature significantly reduces the risk of digital frauds. Additionally, it enhances operational efficiency by minimizing dependency on branches or call centres, allowing faster resolution and a seamless banking experience.

Speaking on the launch, Sameer Shetty, Group Executive - Digital Business, Transformation & Strategic Programs, Axis Bank, said, “Axis Bank has always prioritized customer safety as the cornerstone of its digital-first approach. The Safety Centre represents a decisive step in tackling the surge in digital frauds by giving customers real-time control over their banking security. We are continuously strengthening our safeguards through layered protection and advanced authentication features such as SMS Shield and In-App Mobile OTP, which ensure uninterrupted access while reducing dependency on external networks. These innovations combine robust security with a seamless experience, making digital banking intuitive and reliable. By embedding future-ready capabilities, we aim to deliver a secure ecosystem that evolves with the changing threat landscape and customer expectations.”

This launch builds on Axis Bank’s Safe Banking initiative, which includes industry-first innovations such as ‘Lock FD’, preventing premature closure of fixed deposits via digital channels, and ‘In-App Mobile OTP’, generating time-based OTPs within the app to reduce SMS OTP-related frauds.

As digital banking adoption accelerates, Axis Bank continues to lead the space with customer-centric innovations, ensuring secure, flexible, and future-ready banking experiences.

Massive Browser-Based RTO Scam Targets Indian Vehicle Owners; Over 36 Fake e-Challan Domains Discovered

  • Sophisticated Phishing Campaign Uses Localized Infrastructure Including Reliance Jio Numbers and State Bank Account Links; Shared Infrastructure Also Targets BFSI and Logistics Sectors
Cyble Research and Intelligence Labs (CRIL) has uncovered a large-scale browser-based phishing campaign targeting Indian vehicle owners through fake e-Challan portals. The sophisticated operation, which represents an evolution from previous malware-driven attacks, leverages over 36 fraudulent domains and exploits trust in Regional Transport Office (RTO) services to harvest banking credentials.

The investigation, which aligns with recent warnings from mainstream media including Hindustan Times, reveals an active and ongoing campaign using localized infrastructure to enhance credibility and maximize victim impact.

"This campaign demonstrates a pivot from the previously observed Android malware use to browser-based fraud, which significantly lowers the technical barriers and expands the pool of potential victims," said Daksh Nakra, Senior Manager of Research and Intelligence at Cyble. "The use of Indian mobile numbers registered with popular telecom operators and linked to State Bank of India accounts shows how attackers deliberately exploit trust in familiar institutions to increase success rates."

Campaign Overview and Attack Flow

Multi-Stage Phishing Operation

  • Victims receive SMS messages claiming overdue traffic fines.
  • Urgency created through threats of license suspension, court summons, and legal proceedings.
  • Messages contain shortened URLs mimicking legitimate e-Challan domains.
  • Victims are led to cloned government portals.

Key Technical Findings:

Dynamic Challan Fabrication

  • Portal generates realistic-looking violation records regardless of input.
  • Displays modest fine amounts (typically INR 590) with near-term expiration dates.
  • No backend verification occurs—purely psychological manipulation.
  • Replicates official MoRTH branding and NIC insignia.

Card Data Harvesting

  • Payment pages restrict options to credit/debit cards only.
  • Avoids traceable UPI and net banking transactions.
  • Collects full card details including CVV and expiry dates.
  • Claims processing through Indian banks.
  • Accepts repeated submissions, transmitting all data to attacker backend.

Localized Infrastructure for Enhanced Credibility

  • SMS sent from Indian mobile number registered with Reliance Jio Infocomm Limited.
  • Phone number linked to State Bank of India account.
  • Combination of local telecom carrier and public-sector bank association increases perceived legitimacy.

Shared Fraud Infrastructure Uncovered

  • Over 36 phishing domains impersonating e-Challan services.
  • Additional targets: HSBC-themed payment lures (BFSI sector).
  • Logistics company impersonation: DTDC, Delhivery.
  • Consistent UI patterns and payment-harvesting logic across campaigns.

Secondary Infrastructure

  • Multiple domains mimicking Parivahan services.
  • Automatically generated phishing domains suggesting rotation techniques.
  • Designed to evade takedowns and blocklists.
  • Same operational flow as primary campaign.

Anti-Detection Measures:

  • Content originally authored in Spanish, translated via browser prompts.
  • Indicates reuse of phishing templates across regions.
  • Browser-based warnings (Microsoft Defender) ignored due to urgency cues.
  • Domain generation techniques for infrastructure resilience.

Multi-Sector Risk:

  • Government service users (e-Challan, Parivahan).
  • Banking customers (HSBC-themed lures).
  • E-commerce users (DTDC, Delhivery impersonation).

Critical Recommendations

  • Never click links in unsolicited SMS claiming traffic violations.
  • Always verify fines directly through official government portals (parivahan.gov.in).
  • Scrutinize domains carefully—look for spelling variations and unusual TLDs.
  • Be suspicious of payment pages accepting only credit/debit cards.
  • Report suspicious messages to cybercrime authorities immediately.
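
A defender-side sketch of the domain scrutiny recommended above, added here as an illustration and not taken from Cyble's report: it triages links from SMS against the official portal named in the article. The digit-swap table, the one-edit threshold and the sample URLs (all under the reserved `.example` TLD) are assumptions; shortened links must be expanded before they are checked.

```python
import re
from urllib.parse import urlsplit

# Official portal named in the article; anything at or under it is trusted.
OFFICIAL_SUFFIXES = ("parivahan.gov.in",)
# Brand terms taken from the article (e-Challan, Parivahan, MoRTH).
BRAND_TERMS = ("parivahan", "echallan", "challan", "morth")
# Undo common digit-for-letter swaps before matching (assumed substitution set).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-letter misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, reasons); verdict is 'official', 'suspicious' or 'unrelated'."""
    if "://" not in url:
        url = "http://" + url  # links in SMS often omit the scheme
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
        has_userinfo = parts.username is not None
    except ValueError:
        return "suspicious", ["unparseable URL"]
    if not host:
        return "suspicious", ["no hostname"]

    reasons = []
    if has_userinfo:
        # In https://trusted-name@other.host/ the real host is what follows '@'.
        reasons.append("userinfo before '@' hides the real host")
    if any(host == s or host.endswith("." + s) for s in OFFICIAL_SUFFIXES):
        return ("suspicious", reasons) if reasons else ("official", [])

    # The official name placed on the left of an unrelated registrable domain.
    if any(host.startswith(s + ".") or f".{s}." in host for s in OFFICIAL_SUFFIXES):
        reasons.append("official name used as a subdomain of another domain")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        reasons.append("internationalised (IDN) label")

    for token in re.split(r"[.\-]", host):
        norm = token.translate(SWAPS)
        for term in BRAND_TERMS:
            if term in norm:
                reasons.append(f"brand term '{term}' outside the official domain")
                break
            # Fuzzy match only on longer terms to limit false positives.
            if len(term) >= 7 and edit_distance(norm, term) == 1:
                reasons.append(f"near-miss spelling of '{term}'")
                break
    return ("suspicious", reasons) if reasons else ("unrelated", [])


# Constructed sample links for illustration only.
SAMPLES = [
    "https://echallan.parivahan.gov.in/index/accused-challan",
    "parivahan.gov.in.pay-fine.example/challan",
    "https://echa11an-fine.example/pay",
    "https://parivaahan.example",
    "https://parivahan.gov.in@pay.example/",
    "https://www.example.org/news",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict, why = classify(link)
        print(f"{verdict:10} {link}  {'; '.join(why)}")
```
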
Complete technical analysis, indicators of compromise (IoCs), MITRE ATT&CK mappings, and detection guidance are available in the full blog post here.

IoCs have been published to Cyble's GitHub repository for immediate integration into security platforms and threat intelligence feeds.

About Cyble

Cyble is a global AI-powered threat intelligence company providing organizations with real-time visibility into cyber threats through advanced research, dark web monitoring, attack surface management, and comprehensive security solutions. Cyble's platform delivers actionable intelligence enabling security teams to detect, respond to, and prevent cyberattacks before they cause significant damage.

For more information, visit www.cyble.com.

NTT DATA Unveils 6 New Autonomous Cyber Defense Centers Worldwide Including Bengaluru, Hyderabad, Noida & Mumbai

  • Four next-generation autonomous Cyber Defense Centers are now operational in India, with two additional centers planned in the UK in 2025 and the USA in 2026
  • Built with Agentic AI for SecOps, GenAI-driven threat orchestration and advanced automation that delivers up to 60% faster investigations and 90% fewer alerts
  • Adds capacity for 800+ security analysts to protect global clients 24x7 through unified, AI-driven detection and response
NTT DATA, a global leader in AI, digital business and technology services, today announced the launch of four next-generation autonomous Cyber Defense Centers powered by AI technologies in Bengaluru, Hyderabad, Noida and Mumbai, with two additional centers set to open in Birmingham (UK) in Dec 2025 and Dallas (USA) by Jan 2026.

These purpose-built Cyber Defense Centers reinforce NTT DATA’s strategic focus on modernizing cybersecurity for the AI era. They represent a shift from traditional centralized security operations to a distributed, AI-driven, hyper-automated model that learns from past incidents and human expertise to automate, triage and prioritize alerts, accelerate investigations and incident response, contain threats faster and support regional data privacy and cybersecurity regulations.

According to Omdia, autonomous Security Operations Centers (SOCs) will become the industry standard within two years, positioning NTT DATA as a leading example of how the industry is evolving toward autonomous cyber resilience.

Next-generation technology meets global and local expertise

The next-generation Cyber Defense Centers combine human security experts and AI agents to defend against evolving cyber threats. AI agents autonomously triage, analyze and hunt potential incidents, reducing investigation time by up to 60%, enabling teams to contain threats earlier in the kill chain. By automating high-volume, repetitive tasks, these capabilities free security analysts to focus on higher-value work such as digital forensics, containment and recovery.


Each center is purpose-built with cutting-edge technology. Key features include:
  • Autonomous agent-based cyberdefense and AI-driven threat orchestration to accelerate detection and response cycles.
  • Real-time global threat intelligence and localized threat hunting tailored to each region’s unique threat landscape.
  • A comprehensive portfolio of offerings, including Managed Detection & Response (MDR), Incident Response, Threat Intelligence, Compliance & Regulatory Advisory and Cloud & OT Security Services.
  • Proactive identification of new and emerging threats, along with a clear view of cyber risks and recommendations for reducing them.
  • Significant risk reduction & operational efficiency improvements, including up to 90% alert reduction and 60% faster mean time to detect and respond.
  • Powered by industry-leading technology platforms that leverage NTT DATA’s strategic partnerships.
“Our clients’ innovation and growth are driven by rapid adoption of cloud and AI technologies that must be secured at speed and scale,” said Charlie Li, Head of Cloud and Security Services, NTT DATA, Inc. “Our expanding footprint of next-generation Cyber Defense Centers enables us to meet the rising demand for AI-powered cybersecurity services, defend against AI-enabled threats and help our clients advance their edge-to-cloud digital transformation journeys.”

Global network with local expertise

The four Cyber Defense Centers in Bengaluru, Hyderabad, Noida and Mumbai, expand NTT DATA’s global cybersecurity footprint across five continents, supported by more than 40 delivery centers and SOCs in over 50 countries.

Together, these centers enhance coverage for more than 1,200 global clients by combining regional expertise with agentic AI, advanced automation and next-generation technologies.

The centers provide 24x7 unified threat monitoring, detection, response and incident management and are fully integrated with NTT DATA’s SecOps global network, delivering AI-driven insights and threat intelligence through a single dashboard for identification, detection, protection and recovery.

Additional Cyber Defense Centers will launch in Birmingham (UK, Dec 2025) and Dallas (USA, Jan 2026) further strengthening regional capabilities across NTT DATA’s global network.

These “glocal” Cyber Defense Centers operate in collaboration with regional Computer Emergency Response Teams (CERTs), National Cyber Security Centres (NCSCs) and government agencies to help clients meet local data privacy and AI-regulation requirements.

“Today’s threat environment demands intelligent, adaptive defenses that combine global insight with local expertise to help organizations continuously reduce risks and build resilience,” said Sheetal Mehta, Head of Cybersecurity, NTT DATA, Inc. “With the addition of these AI-powered Cyber Defense Centers, we are advancing our vision of a globally interconnected cyberdefense network that combines cutting-edge technology, strategic partnerships and world-class talent.”

Benefits for clients

  • Next-generation AI-powered cyberdefense: As adversaries adopt AI and autonomous tactics, AI-enabled platforms help clients confidently address threats, navigate change and build long-term digital trust.
  • Enhanced regional coverage with global intelligence: Global enterprises receive world-class unified detection and response services with local and global capabilities, bringing global threat intelligence closer to business operations and ensuring compliance with regional data privacy and regulatory requirements.
  • Expanded talent pool: Increased capacity of global and local cybersecurity professionals delivered through these new centers allows NTT DATA to scale human expertise alongside intelligent automation.
  • Secure digital transformation and growth: Clients can accelerate edge-to-cloud transformation while continuously protecting their expanding digital ecosystems.

More information can be found here: Agentic AI for SecOps | NTT DATA.

About NTT DATA

NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 70 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D. Visit us at nttdata.com

AI and Cloud Security Emerge as the Top Cybersecurity Investment Priority for Companies in a Shifting Risk Landscape: PwC

  • Nearly 87% of organisations say their cyber budget will increase over the next 12 months, as businesses continue to contend with a widening array of cyber risks. 
  • Investment in artificial intelligence was the top budget priority (46%) over the next 12 months, followed by cloud security (33%), cyber managed services (28%), and data protection (26%).
  • Nearly 25% of Indian enterprises report losses exceeding $1 million from their most severe cyber breach in the past three years.
  • Cyber skills deficits weigh: a lack of knowledge in the application of AI for cyber defence (60%) and lack of relevant skills (50%) were the top two challenges over the last 12 months in implementing AI for cyber defence
AI tops the agenda for cybersecurity leaders when it comes to cyber budget allocations, addressing cyber talent shortages, and bolstering cyber defence capabilities over the next 12 months, according to PwC’s 2026 Global Digital Trust Insights survey.

The 2026 Global Digital Trust Insights is a survey of 3,887 business and technology executives conducted in the period from May to July 2025. The India edition of the global survey report focuses on the responses of the executives of 138 Indian businesses.

Roughly half or fewer of organisations say they are “very capable” of addressing areas including unpatched software updates (57%), weak authentication and access controls (55%), lack of visibility into endpoints (55%) and supply chain vulnerabilities (52%), with vulnerable connected products/devices (49%), insufficient network architecture (48%) and legacy systems (45%) the weakest spots among the areas surveyed.

Sundareshwar Krishamurthy, Partner and India Cyber Leader, PwC India, said “India’s cybersecurity posture is evolving rapidly, driven by executive alignment and a growing recognition that cyber is central to business strategy. With 72% of organisations prioritising cyber risk at the board level, the shift from reactive defence to intelligence-led resilience is well underway. AI, cloud security, and managed services are now core to India’s cyber investment agenda. However, resilience demands foresight. Organisations remain underprepared to tackle third-party breaches and quantum threats, two of the most pressing risks in today’s digital ecosystem. The persistent talent gap further complicates execution, especially in areas like AI-enabled defence and quantum cryptography. Looking ahead, the organisations that will lead are those embedding cybersecurity into core decision-making, aligning budgets to emerging risks, and building teams capable of anticipating not just reacting to threats. Resilience will come from foresight, not hindsight.”

AI emerges as top-of-mind for cyber security leaders and budgets

Cyber budgets are still rising, though at a more deliberate pace. This year, 87% of leaders of Indian organisations expect their cyber budgets to grow in the coming year and nearly one-third of them plan to boost spending by more than 10%—a slight dip from last year’s 93%, yet a strong signal of sustained investment. This highlights the continuing importance organisations are placing in bolstering their cyber security capabilities as the risk landscape continues to evolve. Notably, just over one-third (38%) of these said their budgets would likely increase 6-10%.

Looking within cyber budget priorities, investment in AI (46%) was the top priority over the next 12 months, ahead of cloud security (33%), and cyber managed services (28%), as AI’s rapid advance continues to transform the digital landscape.

When looking at the AI security capabilities organisations are prioritising over the next 12 months, more than half (60%) of security leaders are prioritising AI threat hunting capabilities, with nearly 47% prioritising other capabilities such as agentic AI.

More organisations are now quantifying cyber risk

As organisations contend with a rising array of cyber risks, they are also increasingly putting a number behind it. Half now report using cyber risk quantification to measure financial impact to a significant or large extent.

This comes as nearly a quarter (25%) of businesses say their most damaging data breach in the past three years cost their organisation at least US $1 million, with exposure highest among enterprises generating $5 billion or more in revenue (45%).

Skills gaps weigh on bolstering AI and cyber defence capabilities

Cyber security workforce shortages continue to impede progress as organisations operationalise AI, secure complex environments and prepare for the next generation of threats.

Over half (60%) of respondents said a lack of knowledge in the application of AI for cyber defence, or lack of relevant skills (50%), were the biggest internal challenges to implementing AI for cyber defence over the last 12 months.

But while talent shortages weigh, business is responding by prioritising areas such as AI and machine learning tools (61%), cyber tool consolidation (51%), security automation tools (49%), and upskilling or reskilling (49%).

The cyber skills deficit challenge runs deeper beyond preparation for AI. More than half (55%) of leaders cite a lack of qualified personnel as a top challenge when securing operational technology (OT) and the industrial internet of things (IIoT) systems.

At the same time, as quantum technologies are advancing and represent one of the top-ranked threats organisations are least prepared to address (after third-party breaches, 18%; followed by ransomware (13%), cloud-related threats (12%) and attacks on connected products (8%)), nearly 40% haven’t considered or started implementing any quantum-resistant security measures due to a lack of understanding about post-quantum risks, limited internal resources and competing demands.

About PwC’s 2026 Global Digital Trust Insights survey

The 2026 Global Digital Trust Insights is a survey of 3,887 business and technology executives conducted in the period from May to July 2025. The India edition of the global survey report focuses on the responses of the executives of 138 Indian businesses. 33% of the respondents are executives in large Indian companies with $1 billion or more in revenue; 34% are in companies with $10 billion or more in revenues. 64% of the respondents from India who participated in our survey are tech executives and 36%, business executives.

PwC Research, PwC’s global Centre of Excellence for market research and insight, conducted this survey.

About PwC

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help build, accelerate and sustain momentum.

Hexaware Acquires CyberSolve to Strengthen Global Identity Security and AI-Driven Cyber Resilience

Hexaware Technologies [NSE: HEXT], a global provider of IT solutions and services, today announced it has acquired CyberSolve, a global specialist in identity and access management (IAM) solutions. Together, the companies will help enterprises modernize identity foundations, automate controls with artificial intelligence (AI), and run secure operations across complex, hybrid technology estates.

Across boardrooms, chief information officers cite cybersecurity as a top priority, as trusted digital identity—and the governance, risk, and compliance frameworks around it—now underpin every transformation, from cloud adoption and application modernization to data protection and workforce productivity.

CyberSolve brings nearly a decade of focused work in large identity programs, with 230+ specialists, 20+ IAM tech alliances, and 650+ implementations across sectors including retail, healthcare, pharma, automotive, financial services, logistics, government, and technology. Its teams are known for fast, reliable app onboarding, smooth platform migrations, and audit-ready operations. Hexaware adds consulting depth, engineering excellence, and 24x7 cybersecurity and resilience operations, spanning GRC, cloud security, and DevSecOps—helping clients move from isolated fixes to an integrated identity capability that reduces risk and accelerates growth at global scale.

“Cybersecurity has moved from an IT concern to a business imperative, and chief information officers tell us that getting identity right is at the top of the agenda,” said Siddharth Dhar, President & Global Head – Digital IT Operations & AI, Hexaware. “By bringing CyberSolve into Hexaware, we combine their craftsmanship in identity programs with our platform-led delivery and global operations. Clients will see faster value, stronger controls, and a clearer path to secure digital growth.”

“Our mission has always been to inspire trust in every digital interaction,” said Mohit Vaish, CEO, CyberSolve. “Joining Hexaware allows us to scale that mission—expanding our reach, applying AI more deeply, and creating measurable security outcomes for enterprises worldwide.”

Atul Agrawal, Managing Partner, CyberSolve, said, “We’re truly delighted to join Hexaware. The combined strengths of our IAM expertise and Hexaware’s AI-first operations create tremendous potential to redefine how global enterprises approach digital identity and security.”

Shubham Khandelia, Managing Partner, CyberSolve, added, “This is an exciting milestone for our people and clients alike. Together, we can deliver broader capabilities, faster innovation, and stronger assurance, building on our shared commitment to trust and excellence.”

Client organizations also welcomed the announcement. Chris Lugo, VP – CISO, Blue Cross Blue Shield Association, said, “CyberSolve has consistently helped bring clarity and momentum to complex initiatives. With Hexaware, they’ll have the scale and structure to deliver even greater impact. I’m excited to see what the two teams achieve together.”

The combined team will focus on what leaders need most today, delivering accurate and effective identity security, dependable operations, and easier adoption of change across large enterprises, resulting in faster onboarding, smoother migrations, continuous compliance, and secure work from anywhere.

Operant AI Uncovers Stealth Exploit Targeting MCP Connected AI Assistants

  1. A critical security flaw in MCP (Model Context Protocol) enables invisible data theft across all major AI and Agentic platforms
  2. New attack class exploits trusted AI agents to silently exfiltrate critical PII, including SSNs, medical records, and financial data. 
  3. The discovery of Shadow Escape comes amid Cybersecurity Awareness Month, underscoring the urgent need for AI-native defense mechanisms as enterprises accelerate adoption of agentic AI frameworks.
Operant AI, the world’s only Runtime AI Defense Platform, today disclosed the discovery of Shadow Escape, a powerful zero-click attack that exploits Model Context Protocol (MCP) and connected AI agents. The exploit enables data exfiltration via popular AI agents and assistants, including ChatGPT, Claude, Gemini, and other LLM-powered agents.

As enterprises rapidly adopt agentic AI through MCP servers and MCP-based integrations to connect large language models (LLMs) to internal tools, APIs, and databases, Shadow Escape demonstrates a new class of threats that operate entirely inside the firewall and within authorized identity boundaries, making them invisible to conventional cybersecurity monitoring.

“The Shadow Escape attack demonstrates the absolute criticality of securing MCP and agentic identities. Operant AI's ability to detect and block these types of attacks in real-time and redact critical data before it crosses unknown and unwanted boundaries is pivotal to operationalizing MCP in any environment, especially in industries that have to follow the highest security standards,” said Donna Dodson, the former Chief of Cybersecurity at NIST.

According to McKinsey’s 2025 Technology Trends Outlook, nearly 80% of enterprises are now using generative or agentic AI assistants for critical business functions—many of which depend on MCP for secure access management and workflow automation. Operant AI’s research estimates that trillions of private records may be at risk of exposure through such zero-click MCP-based data exfiltration chains.

Operant AI has formally reported this security issue to OpenAI and initiated the Common Vulnerabilities and Exposures (CVE) designation process. Critically, this is not a vulnerability specific to any individual LLM or Agent provider; it represents a fundamentally new attack path that affects any AI agent or AI application that utilizes MCP.

The Attack Chain

Unlike traditional prompt injection or data leaks, this attack doesn’t need user error, phishing, or malicious browser extensions. Instead, it leverages the trust already granted to AI agents and AI assistants through legitimate MCP connections.

The attack unfolds in three stages:
  1. Infiltration: Malicious instructions are embedded invisibly in documents uploaded to AI agents—documents that appear completely legitimate and pass standard security scans. 
  2. Discovery: AI agents proactively discover and surface sensitive data across connected databases without explicit user requests, leveraging MCP's powerful cross-system access capabilities. 
  3. Exfiltration: Hidden directives instruct the AI agent to transmit entire datasets to external endpoints, disguised as routine performance tracking or analytics uploads.
The attack first enables the AI agent to access and display critical PII data to any human interacting with it, violating basic data governance standards, including HIPAA and PCI compliance. It then uses an invisible zero-click instruction to extract that data, including Social Security numbers, medical record numbers, and other personally identifiable information (PII), to the dark web, all without IT or standard security measures blocking or detecting the breach. Using the Shadow Escape attack path, malicious entities are able to gain everything needed to perpetrate identity theft, Medicare fraud, financial fraud, and more, all without users or IT organizations realizing the exfiltration is happening.

Shadow Escape Is Not Limited to One AI Provider or Platform

Shadow Escape affects any organization using MCP-enabled AI agents or MCP-connected AI assistants, including ChatGPT (OpenAI), Claude (Anthropic), Gemini (Google), custom AI agents built on various LLM backends, open-source alternatives like Llama-based assistants, and industry-specific AI copilots across healthcare, finance, and customer service. The common thread isn't the specific AI Agent—it's the Model Context Protocol that grants these agents unprecedented access to organizational systems.

Beyond Traditional Security

"While MCP has become a foundational protocol enabling powerful AI integrations, our research reveals that standard MCP configurations create unprecedented attack surfaces that operate beyond the reach of traditional security controls," said Vrajesh Bhavsar, CEO and co-founder of Operant AI. "Shadow Escape demonstrates how AI agents can be weaponized through 0-click attacks that are invisible to both users and conventional security methods. The attack happens entirely within authenticated sessions, using legitimate credentials, making the blast radius potentially catastrophic given the scale and speed at which agents can operate."

Shadow Escape can impact many highly sensitive, privacy-regulated, and commonly used AI/Human interactions, including medical assistants using AI to access patient records, insurance databases, or treatment protocols, or banking representatives using AI copilots connected to transaction systems, credit databases, or fraud detection monitoring systems.

Operant AI's Security Research team recommends organizations take immediate action to assess and secure their MCP deployments by:
  • Conducting comprehensive audits of all AI agents and AI assistants with MCP access to organizational systems, databases, and APIs.
  • Implementing runtime AI defense guardrails capable of detecting and blocking zero-click data exfiltration attempts.
  • Establishing MCP trust zones with explicit allow-listing of authorized servers and real-time blocking of untrusted connections.
  • Deploying sensitive data flow monitoring with in-line auto-redaction capabilities for PII, PHI, and financial information.
  • Reviewing and governing MCP tools access following least-privilege principles.

For more information about Shadow Escape and Operant AI's MCP and AI security solutions, visit: www.operant.ai/art-kubed/shadow-escape

About Operant AI

Operant AI, the world’s only Runtime AI Defense Platform, delivers comprehensive, real-time protection for AI applications, AI agents, and MCP. Operant AI’s AI Gatekeeper and MCP Gateway are specifically designed for the unique challenges of the modern AI-native world.

With its advanced cloud-native discovery, detection, and defense capabilities, Operant AI is able to actively detect and block the most critical modern attacks including prompt injection, data exfiltration, and MCP tool poisoning, while keeping AI applications running in private mode with in-line auto-redaction of sensitive data and contextual IAM for AI Agents. Operant AI empowers security teams to confidently deploy AI applications and agents at scale without sacrificing safety or compliance.

Operant AI is the only representative vendor listed by Gartner for all four core AI-security categories: AI TRiSM (Trust, Risk, and Security Management), API Protection, MCP Gateways, and AI Agents. Founded in 2021 by Vrajesh Bhavsar, Dr. Priyanka Tembey, and Ashley Roof—industry experts from Apple, VMware, and Google respectively, Operant AI is a San Francisco-based Series A company funded by Silicon Valley venture capital firm Felicis and Washington DC venture capital firm SineWave.

Wipro and CrowdStrike Expand Alliance to Launch AI-Powered CyberShield MDR


Organizations today face an overwhelming volume of alerts from siloed security tools that fail to stop adversaries. Fragmented security operations across endpoints, cloud workloads, identity, and data drive complexity, increase costs, and create operational blind spots. Wipro CyberShield MDR, powered by CrowdStrike Falcon® Next-Gen SIEM, addresses these challenges by enhancing threat visibility, simplifying operations, and strengthening resilience against evolving threats.

Falcon Next-Gen SIEM combines native Falcon platform and third-party data with real-time threat intelligence and AI-powered automation to supercharge threat detection and response across the enterprise. Leveraging Falcon Next-Gen SIEM and Wipro's global ecosystem – along with Wipro Ventures’ portfolio companies Simbian and Tuskira – CyberShield MDR delivers intelligent defense, proactive breach protection, continuous detection, and rapid response to keep organizations resilient and future-ready against AI-driven threats. Wipro’s cybersecurity experts will manage and host the services from eight Cyber Defense Centers (CDCs) strategically located around the globe.

“Wipro’s CyberShield platform, powered by CrowdStrike’s AI-native product suites and strengthened by our security ecosystem will help enterprises contain threats swiftly and ensure continuity of digital operations,” said Tony Buffomante, Senior Vice President & Global Head – Cybersecurity & Risk Services, Wipro Limited. “This integrated platform approach enables AI automated workflows, prevents lateral threat movement, and eliminates potential security gaps that fragmented solutions often miss.”

“The Falcon platform supercharges Wipro’s CyberShield Managed Security Services to deliver real-time attack detection, faster response and outcomes that stop breaches,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Together, we’re simplifying operations across Wipro’s ecosystem of partners — reducing costs, accelerating time-to-value and giving customers the confidence to stay ahead of today’s adversaries.”

Wipro CyberShield℠ MDR unified MSS will be launched at CrowdStrike Fal.Con 2025.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading AI-powered technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. Wipro Innovation Network, which brings together our clients, partners, academia, and tech communities, reflects our commitment to client-centric co-innovation. As a part of this, the Innovation Labs and Partner Labs, located across the globe, allow us to collaborate with clients to solve real-world challenges and showcase cutting-edge industry solutions that explore the future of technology. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Accenture Announces Its Largest Ever Cybersecurity Acquisition of CyberCX

Global consulting giant Accenture has announced its largest-ever cybersecurity acquisition, acquiring Australian firm CyberCX in a landmark deal reportedly valued at $650 million. The move significantly expands Accenture’s cyber defense capabilities across the Asia-Pacific region and beyond.

CyberCX is one of the largest and most prominent cybersecurity firms in the Asia Pacific region. The company’s end-to-end services extend across consulting, transformation and managed security services and include advanced capabilities in offensive security and cyber physical security, crisis management, threat intelligence, managed detection and response, as well as strategic advisory, identity, cloud and network security.

Accenture’s acquisition of Australian cybersecurity firm CyberCX for a reported $650 million marks its largest-ever cybersecurity deal to date.

Why CyberCX?

  • CyberCX employs approximately 1,400 cybersecurity professionals.
  • Operates across Australia, New Zealand, London, and New York.
  • Specializes in sovereign cloud security, threat intelligence, and crisis response.
  • Offers advanced AI-powered cybersecurity platforms.
CyberCX was founded in October 2019 by John Paitaridis, who serves as CEO, and Alastair MacGibbon, the company’s Chief Strategy Officer. Paitaridis brought extensive experience from his leadership roles at Optus and Telstra, while MacGibbon contributed deep expertise from his tenure as Australia’s national cybersecurity advisor. Their vision was to create a sovereign cybersecurity powerhouse rooted in Australian and New Zealand capabilities.

CyberCX was financially backed by BGH Capital, a private equity firm that facilitated the rapid consolidation of 17 cybersecurity businesses to form CyberCX. This strategic roll-up enabled CyberCX to quickly establish itself as a dominant force in the region’s cybersecurity landscape.

    Strategic APAC Expansion

    Australia has faced a wave of high-profile cyberattacks in recent years, including breaches at Optus, Medibank, and Qantas. CyberCX’s strong local presence and government partnerships make it a strategic asset for Accenture’s push into the region. The acquisition positions Accenture as a dominant force in securing digital ecosystems across APAC.

    Accenture’s Cybersecurity Growth Trajectory

    Since 2015, Accenture has completed 20 security acquisitions, including most recently acquiring Morphus, MNEMO Mexico and Innotec Security.

    Year    Company             Country
    2023    Morphus             Brazil
    2022    MNEMO               Mexico
    2021    Innotec Security    Spain
    2025    CyberCX             Australia

    What This Means for the Industry

    The acquisition signals a broader trend of consolidation in the cybersecurity sector, as global firms race to bolster defenses against increasingly sophisticated threats. For Accenture, it’s a bold step toward becoming the go-to provider for end-to-end cyber resilience, especially in geopolitically sensitive regions.

    TAC InfoSec’s CyberScope Files U.S. Patent for World’s First AI-Powered Blockchain Trust Scoring Platform

    • A Patent-Backed Innovation Designed to Drive Revenue, Market Share, and Client Confidence
    • Strengthening TAC Security’s Global IP Portfolio and Competitive Edge in Cybersecurity
    • Unlocking New Commercial Opportunities in Web3 Risk Intelligence with Web3 Arm “Cyberscope”
    • The First AI-Optimised Security Engine to Fuse On-Chain, Off-Chain, and Market Data at Scale
    • Reinforcing TAC Security’s Position as a Global Leader in Next-Gen Cyber Intelligence
    TAC InfoSec Limited (NSE: TAC), a global leader in cybersecurity and vulnerability management, today announced that its Web3 Security arm, CyberScope, has filed a patent for CyberScope Cyberscan in the United States — the world’s first AI-optimised, multi-domain blockchain trust scoring and fraud detection platform.

    This breakthrough is designed to give investors, exchanges, and regulators a real-time, verifiable trust score for every blockchain project — turning fragmented, manual due diligence into instant, actionable intelligence.

    Defining the Next Era of Web3 Security Trust

    CyberScope Cyberscan fuses on-chain, off-chain, and Web2 data at scale, delivering actionable security intelligence in under five seconds. The patented technology is set to unlock new commercial opportunities across the $20B+ blockchain security market, reinforcing TAC Security’s global IP portfolio and leadership in next-gen cyber intelligence.

    Key Industry-First Capabilities:
    • Dual-Mode Polling Engine — Combines Slow Mode batch re-indexing for deep coverage with Fast Mode real-time scans for instant insights. 
    • Multi-Domain Intelligence Fusion — Integrates smart contract analysis, liquidity metrics, GitHub activity, DNS audits, and KYC/Audit verification into a unified trust score.
    • Adaptive Prioritization — Dynamically targets high-risk projects based on listing status, market cap, and activity spikes.
    • Live Malicious Behavior Detection — Flags honeypots, rug pulls, liquidity manipulation, and privileged functions before damage occurs.
    • Cross-Domain Correlation Engine — Links suspicious blockchain activity with anomalies in domain registration, code changes, and market behavior.

    Business Impact

    • Reducing Investor Risk — Instant red flags for scam patterns and security vulnerabilities.
    • Empowering Exchanges & Launchpads — Automated, embedded trust scoring via developer-ready API.
    • Regulatory Alignment — Standardized, auditable trust metrics for compliance reporting.
    • Driving Market Confidence — A scalable framework for capital markets to safely embrace Web3.
    Trishneet Arora, Founder & CEO, TAC Security: “For the decentralized economy to thrive, trust can’t be optional — it must be engineered into the system. CyberScope doesn’t just measure credibility, it defines it — instantly, for every project in the market. This is the intelligence layer that empowers investors to act decisively, enables exchanges to list with confidence, and allows capital to move into Web3 without hesitation. With this patent, we’re not just talking about blockchain trust; we’re building it, today.”

    Saransh Rawat, CTO, TAC Security & Co-Founder, CyberScope, said, “Every once in a while, a technology comes along that changes the rules entirely — Cyberscan is that moment for Web3 security. We’ve created a platform that doesn’t just scan; it understands. It reads the signals across blockchains, marketplaces, and code repositories, turning them into instant, trustworthy intelligence. This is the foundation for a safer, smarter, and truly scalable decentralized future.”

    About TAC Security (TAC InfoSec Limited) – Symbol - NSE: TAC

    TAC Security, a leading global cybersecurity company specialising in vulnerability management, is a publicly listed cybersecurity company that made headlines with its oversubscribed IPO worth $1 billion. TAC Security’s flagship product, ESOF (Enterprise Security in One Framework), excels in cyber scoring, cyber risk quantification, and leveraging advanced AI for vulnerability assessment and penetration testing.

    TAC Security holds prestigious certifications like CREST PT, SOC2, ISO 27001, and IoXT Security Assessor, and partners with tech giants such as Google, Microsoft, and Meta for ADA’s CASA (Cloud Application Security Assessment). Serving a diverse global clientele, TAC Security is committed to innovation and excellence in cybersecurity for Fortune 500 companies, start-ups, and governments globally.

    For more information, visit https://tacsecurity.com

    About CyberScope, a TAC Security Company

    Cyberscope, a TAC Security Company, is a leading provider of Web3 Security, smart contract auditing, and compliance solutions, serving a global client base across the decentralized finance, blockchain, and digital asset sectors. Founded in 2023, the company has completed over 2,700 smart contract audits and 500+ KYC verifications, securing more than $2 billion in digital assets for over 3,000 clients. Cyberscope’s proprietary tools combine automated and manual analysis to deliver rapid, high-quality security assessments recognized by major industry platforms such as CoinMarketCap, PinkSale, and DxSale. With a reputation for quality, speed, and trust, and backed by the resources and global reach of TAC Security, Cyberscope is positioned to set new standards for security, transparency, and compliance in the rapidly evolving Web3 ecosystem.

    For more information, visit https://cyberscope.io

    Voice Phishing Breach at Cisco: ShinyHunters Suspected in CRM Data Heist

    Cisco has confirmed a targeted voice phishing (vishing) attack that compromised user profile data stored in a third-party cloud-based Customer Relationship Management (CRM) system. The breach, discovered on July 24, 2025, involved an attacker impersonating a trusted entity over the phone to manipulate a Cisco representative into granting unauthorized access.

    Cisco Vishing Attack: What Happened

    On July 24, 2025 (GMT+9), Cisco was alerted to a voice phishing (vishing) attack targeting one of its representatives. The attacker impersonated a trusted entity over the phone and successfully manipulated the employee into granting access to a third-party, cloud-based Customer Relationship Management (CRM) system.

    What Data Was Compromised

    The attacker exported a subset of basic profile information from users who had registered on Cisco.com:
    Compromised Data
    • Full names
    • Organization names
    • Physical addresses
    • Cisco-assigned user IDs
    • Email addresses
    • Phone numbers
    • Account-related metadata (e.g., account creation date)

    No passwords, confidential customer data, or proprietary information were accessed.

    Cisco’s Response

    Cisco took immediate action:
    • Terminated the attacker’s access to the CRM system
    • Launched a full investigation
    • Notified affected users and data protection authorities
    • Confirmed no impact to other CRM instances or Cisco products/services

    They also committed to:
    • Re-educating personnel on identifying and preventing vishing attacks
    • Implementing enhanced security measures to prevent recurrence

    Broader Context

    This breach appears to be part of a larger campaign targeting companies using Salesforce and other CRM platforms. Other victims include Allianz Life, Tiffany & Co., and Qantas. The ShinyHunters extortion group is suspected to be behind these coordinated attacks.

    Deeptech QNu Labs Launches QNu Academy to Power India’s Quantum-Ready Workforce

    • This launch marks a strategic milestone in India's journey toward achieving quantum self-reliance & digital sovereignty
    • The academy is designed to serve a wide range of learners, including universities, faculties & students to build a skilled workforce capable of securing India’s digital future

    QNu Labs, India’s first and world’s no.1 integrated end-to-end quantum secured cybersecurity platform, today announced the launch of QNu Academy, a global educational initiative aimed at building a future-ready talent pipeline in quantum technologies and cybersecurity. As India advances its digital infrastructure and aligns with the National Quantum Mission, QNu Academy, backed by the National Quantum Mission, aims to bridge the existing talent gap. This launch marks a strategic milestone in India's journey toward achieving quantum self-reliance and digital sovereignty.

    QNu Academy offers in-depth education and practical training in advanced technologies such as Quantum Key Distribution (QKD), Quantum Random Number Generation (QRNG), and Post-Quantum Cryptography (PQC). The curriculum blends self-paced learning and instructor-led modules, curated in collaboration with experts from premier Indian institutions like the IITs and DRDO, as well as global quantum research bodies. Learners benefit from real-world use cases, hands-on lab assignments, continuous assessments, and mentorship from industry practitioners.

    The academy is designed to serve a wide range of learners, including universities, faculties, and students, to build a skilled workforce capable of securing India’s digital future. In addition, QNu Academy actively supports educational institutions through Faculty Development Programs and the creation of Centres of Excellence (CoE) Labs to promote quantum innovation and applied research. Placement support, certifications and career readiness initiatives are also integrated into the learning journey.

    Speaking on the launch, Sunil Gupta, Co-Founder & CEO of QNu Labs, said, “QNu Academy is more than an educational platform. It is a national mission to democratize access to quantum education and build widespread awareness around quantum communications. Our goal is to create a sustainable ecosystem for quantum learning in India through faculty development programs, industry-relevant programs, CoE labs, certified programs, real-time projects, and assignments with placement opportunities to develop quantum experts, empowering you to become a future leader. The future of cybersecurity in India depends on how well we prepare today’s learners to tackle tomorrow’s threats.

    Through QNu Academy, we hope to foster a culture of innovation, encourage indigenous R&D in quantum tech and empower India’s workforce to lead on the global stage,” he added.

    QNu Academy represents a timely and important investment in human capital. The program aligns well with India’s broader goals of technological development, digital resilience, and global leadership in quantum innovation. It is envisioned as a long-term commitment to enabling India’s readiness for quantum disruption and equipping the country with the skilled manpower needed to thrive in the post-quantum era.

    Quick Heal's Seqrite Labs Identifies 650+ Cyber Incidents Linked to Geopolitical Tensions Surrounding ‘Operation Sindoor’

    Quick Heal Technologies Limited, a global cybersecurity solutions provider, through its Seqrite Labs, India’s largest malware analysis facility, has revealed critical details about coordinated cyberattacks exploiting geopolitical tensions during ‘Operation Sindoor’, India’s military counterterrorism response to the April 22, 2025 Pahalgam terror attack. While the Indian Armed Forces conducted precision strikes on terrorist infrastructure in Pakistan-administered Kashmir from May 7-10, 2025, the threat intelligence team at Seqrite Labs identified parallel cyber campaigns by Pakistan-aligned threat actors targeting defense, healthcare, telecom, and government sectors across India.

    The cyber offensive began on April 17, 2025, with spear-phishing emails distributing weaponized files such as Final_List_of_OGWs.xlam and Preventive_Measures_Sindoor.ppam. These attachments exploited public concern about national security by masquerading as official Indian government advisories. Forensic analysis confirmed the use of Ares RAT, an evolved variant of APT36’s Crimson RAT malware, which established covert communication channels with command-and-control (C2) servers at IP 167.86.97[.]58:17854. Attackers spoofed legitimate Indian domains like nationaldefensecollege[.]com and zohidsindia[.]com to bypass security protocols.

    Between May 7-10, Seqrite’s telemetry recorded 650+ cyber incidents, including DDoS attacks on telecom providers (Jio, BSNL), defacements of state education portals, and credential harvesting campaigns against healthcare institutions like AIIMS and Apollo Hospitals. Hacktivist collectives such as #OpIndia and #OperationrSindoor coordinated via Telegram, claiming responsibility for leaking sensitive data from defense contractors and municipal databases.

    The attackers’ infrastructure leveraged virtual private servers (VPS) in Russia, Germany, and Indonesia to mask origins. Malicious .ppam and .lnk files triggered PowerShell scripts that disabled security tools, exfiltrated military communication logs, and deployed ransomware on healthcare systems. Seqrite’s countermeasures included 26 custom detection signatures deployed across Seqrite XDR, integration of YARA rules into national threat intelligence platforms, real-time alerts for spoofed domains, and threat advisory dissemination to Indian entities.

    The targeted cyberattacks on Indian institutions in the wake of rising geopolitical tensions between India and Pakistan paint a clear picture of how nation-state actors now collaborate with non-state hacktivists, merging technical intrusion with psychological operations. The evolution of APT36 and the simultaneous hacktivist attacks signal a deliberate convergence of cyber espionage and ideological warfare. Instead of isolated malware campaigns, we now face digitally coordinated war games run with a common objective: that of destabilizing, disinforming, and disrupting.

    In light of these alarming findings, Seqrite urges organizations to exercise utmost caution with respect to their digital security. It is advised to adopt a zero-trust approach, deploy advanced, multi-layer security systems, create regular backups, and conduct awareness drives to impart essential cybersecurity training which can help reduce human error. Seqrite’s cutting-edge suite of cybersecurity solutions, including EPS, ZTNA, EDR, and XDR, along with Seqrite Malware Analysis Platform and Seqrite Threat Intel Platform, can help organizations of all sizes strengthen their cybersecurity stanc

    Hackers vs. AI: 86% of Firms Hit by Cyber Threats—Who’s Winning?

    Cisco's 2025 Cybersecurity Readiness Index reveals that only 4% of organizations worldwide have reached a "Mature" level of cybersecurity readiness. This is a slight improvement from last year's 3%, but it still highlights significant gaps in global preparedness.

    The Index evaluates companies' readiness across five pillars (Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification), encompassing 31 solutions and capabilities. Based on a double-blind survey of 8,000 private sector security and business leaders in 30 global markets, respondents detailed their deployment stages for each solution. Companies were then categorized into four readiness stages: Beginner, Formative, Progressive, and Mature.

    2025 Cybersecurity Readiness Index

    Key Findings:

    The lack of cybersecurity readiness globally is alarming as 71% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months.
    • AI-related security incidents affected 86% of organizations in the past year.
    • 49% of respondents believe their employees fully understand AI-related threats, while 48% think their teams grasp how malicious actors use AI for attacks.
    • Nearly half of organizations suffered cyberattacks, struggling with complex security frameworks.
    • 71% of respondents anticipate business disruptions due to cyber incidents within the next 12 to 24 months.
    • Only 45% of organizations allocate more than 10% of their IT budget to cybersecurity, down from 53% last year.

    The report evaluates cybersecurity readiness across five pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification. AI is both a security tool and a threat, with 89% of organizations using AI for threat detection, response, and recovery.

    The report said that, to tackle today’s cybersecurity challenges, organizations must invest in AI-driven solutions, simplify security infrastructures, and enhance AI threat awareness. Prioritizing AI for threat detection, response, and recovery is essential, as is addressing talent shortages and managing risks from unmanaged devices and shadow AI.

    Mphasis and Cybersecurity Firm SecPod Announce Strategic Security Partnership

    Mphasis (BSE: 526299; NSE: MPHASIS), an Information Technology (IT) solutions provider specializing in cloud and cognitive services, today announced a strategic partnership with SecPod, a SaaS-based cybersecurity products and technology company. As a part of this partnership, Mphasis will offer disruptive vulnerability management services for its clients through SecPod’s SanerNow CVEM platform.

    Through this partnership, Mphasis aims to help enterprises overcome challenges such as delayed risk identification, an increasing backlog of remediation, and inefficiencies caused by siloed products in vulnerability management. Leveraging SanerNow’s CVEM approach, Mphasis will enable its clients to consolidate multiple-point solutions into a unified, integrated solution. This solution continuously scans, detects, prioritizes, normalizes, and patches vulnerabilities, ensures compliance with regulatory requirements, prevents cyber-attacks, and keeps organizations audit-ready at all times.

    “We look forward to leveraging SanerNow's advanced capabilities to empower our clients as they transform their cybersecurity approach. This shift includes moving from reactive to proactive, periodic to continuous, and manual to automated. This enables them to stay ahead of evolving cyber threats, reduce complexity, and focus confidently on achieving their core business objectives,” said Srikumar Ramanathan, Chief Solutions Officer, Mphasis.

    “We are thrilled to partner with Mphasis to integrate SecPod’s SanerNow platform into their advanced cybersecurity offerings. With Mphasis’ innovative focus on AI-driven solutions and cloud-native strategies, they are the ideal partner to amplify the benefits of SanerNow’s Continuous Vulnerability and Exposure Management (CVEM) capabilities,” said Pramod Sridharamurthy, SVP of GSIs & Strategic Alliances at SecPod. He added, “This collaboration allows us to leverage Mphasis’ extensive industry expertise and global reach, combining it with our automated vulnerability and exposure management solutions. Together, we aim to help organizations not only strengthen their cybersecurity posture but also proactively address vulnerabilities and mitigate risks in an ever-evolving threat landscape.”

    This partnership, driven through our Sparkle innovation ecosystem, will accelerate the adoption of SanerNow’s Continuous Vulnerability & Exposure Management (CVEM) capabilities and integrate its services to enhance delivery capabilities, improve SLAs, reduce time-to-market, and offer integrated vulnerability management solutions.

    About SecPod:

    SecPod is a SaaS-based cybersecurity product and technology company created with a singular, unwavering goal of preventing cyberattacks. Founded in the year 2008, the company provides top-of-the-line continuous vulnerability and exposure management solutions that strengthen the cybersecurity posture of enterprises, SMBs, MSSPs and the like.

    For more information, visit https://www.secpod.com/.

    About Mphasis

    Mphasis’ purpose is to be the “Driver in Driverless Car” for Global Enterprises by applying next-generation design, architecture, and engineering services, to deliver scalable and sustainable software and technology solutions. Customer centricity is foundational to Mphasis, and is reflected in the Mphasis’ Front2Back™ Transformation approach. Front2Back™ uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C²™=1) digital experience to clients and their end customers. Mphasis’ Service Transformation approach helps ‘shrink the core’ through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis’ core reference architectures and tools, speed and innovation with domain expertise and specialization, combined with an integrated sustainability and purpose-led approach across its operations and solutions are key to building strong relationships with marquee clients.

    Tata Technologies Faces Ransomware Attack Resulting Temporary Suspension of Some of Its IT Services

    Tata Technologies recently experienced a ransomware attack that affected some of its IT assets. The attack led to the temporary suspension of certain IT services. However, Tata Technologies confirmed that their client delivery services remained fully functional and unaffected throughout the incident.

    The ransomware incident was discovered on January 31, 2025. Tata Technologies did not disclose whether a ransom was demanded or paid.

    A detailed investigation is underway in consultation with experts to assess the root cause and take necessary remedial actions.

    The company has restored the affected services and launched a detailed investigation to determine the root cause and take necessary remedial actions.

    CEO Warren Harris highlighted the importance of increased funding for upskilling initiatives aligned with Industry 4.0 to support India's economic growth.

    Tata Technologies emphasized its commitment to maintaining high standards of security and data protection. They are working closely with experts to mitigate any potential risks associated with the attack.

    This incident highlights the growing cybersecurity challenges faced by companies, especially in sectors like engineering and technology.

    Last December, Deloitte UK was reportedly hit by a cyberattack in which a ransomware group called Brain Cipher Ransomware took a whopping 1 TB of sensitive data.

    Last year, Infosys' U.S.-based subsidiary, McCamish Systems, experienced a significant data breach due to a ransomware attack attributed to the LockBit ransomware operation, and data from over 6.078 million individuals was compromised.

    India-US Researchers Create Quantum-Safe Video Encryption Framework to Tackle Deepfake-like Threats

    Researchers from India and the USA have created a quantum-safe video encryption framework to tackle modern cyber threats like deepfakes and data manipulation. This innovative framework combines quantum computing's inherent randomness with advanced SSL-encrypted HTTP transmission, providing unmatched security and efficiency.

    The research, led by experts from Florida International University and the National Forensic Sciences University, has been featured in IEEE Transactions on Consumer Electronics.

    This framework integrates quantum encryption with classical video transmission methods to enhance security against evolving cyber threats.

    This breakthrough is expected to significantly enhance video communication security, especially for sensitive communications in defense, government, and military operations.

    A collaboration between Dr. Naveen Kumar Chaudhary from the National Forensic Sciences University in India and Dr. S.S. Iyengar and Dr. Yashas Hariprasad from Florida International University led to the development of this quantum-safe encryption framework.

    A promising step towards a more secure digital future, the framework is based on hybrid quantum video encryption, which uniquely combines the power of quantum encryption with classical video transmission techniques, ensuring robust protection against potential quantum computing threats.

    The quantum encryption uses the principles of quantum mechanics to create encryption keys that are virtually impossible to crack using classical computing methods.

    The framework incorporates advanced SSL-encrypted HTTP transmission to maintain high-quality video communication. It merges the strengths of both quantum and classical encryption, offering a dual layer of security.

    It has varied cybersecurity applications and aims to protect sensitive video communications, particularly in sectors like defense, government, and military.

    The framework is designed to withstand advances in quantum computing, making it a long-term solution for secure video transmission. It is a significant leap forward in cybersecurity, addressing the growing concerns over deepfakes and data manipulation.

    It's a promising development that could reshape the landscape of secure digital communication. The research has been funded by the U.S. Army DEVCOM Army Research Laboratory and the U.S. National Science Foundation (NSF), an independent agency of the United States federal government.

    Tackling Deepfakes

    The quantum-safe encryption framework tackles deepfake threats by leveraging the inherent randomness of quantum computing and advanced SSL-encrypted HTTP transmission. Here's how it works:

    1. Pseudorandom Keys: The framework uses quantum-generated pseudorandom keys to encrypt video streams. These keys are extremely difficult to predict or replicate, making it challenging for deepfake creators to manipulate the video content.

    2. Quantum-Safe Protocols: Individual frames of the video are secured using quantum-safe protocols, ensuring that each frame is protected against tampering.

    3. Enhanced Security: By combining quantum encryption with classical methods, the framework provides a dual layer of security, significantly outperforming current methods.

    4. Authenticity and Integrity: The encryption ensures the authenticity and integrity of video communications, making it difficult for malicious actors to create convincing deepfakes.

    This approach is particularly effective in sensitive sectors like defense, government, and military operations, where the authenticity of video communications is crucial.

    Japan Airlines Faces Cyberattack Disrupting More Than 20 Domestic Flights

    Japan Airlines faced a cyberattack that disrupted more than 20 domestic flights. The attack, which occurred on December 26, 2024, was identified as a distributed denial-of-service (DDoS) attack designed to overwhelm the airline's network with massive data transmissions. Ticket sales for same-day flights were temporarily suspended.

    Fortunately, the airline managed to halt the attack and restore its systems within hours, ensuring that flight safety was not compromised.

    The cyberattack disrupted both internal and external systems, leading to delays of over 30 minutes for 24 domestic flights. Despite the disruption, Japan Airlines confirmed that no customer data was compromised. The incident highlights the ongoing challenges and vulnerabilities in cybersecurity, especially as Japan strengthens its defense strategies and collaborations with international partners.

    Japan Airlines took immediate action by shutting down the affected router to prevent further damage. Systems were restored later in the day, and flights resumed normally by December 27.

    This incident is a stark reminder of the importance of robust cybersecurity measures in today's digital age.

    In the past year, Japan has experienced several high-profile cyberattacks. To recall, in June 2024 the Japanese space agency, JAXA, reported a series of cyberattacks since 2023. Although no critical data related to rockets, satellites, or defense systems was compromised, the agency took steps to bolster its cybersecurity measures.

    Last year, a cyberattack paralyzed operations at a container terminal in the city of Nagoya, Japan, for three days. This incident highlighted the vulnerabilities in Japan's digital infrastructure.

    In 2018, Cathay Pacific Airways of America suffered a data breach that compromised the personal data of 9.4 million customers, including credit card information and passport details. The breach continued until May 2020.

    These incidents underscore the urgent need for enhanced cybersecurity measures in the aviation industry to protect operations, passenger safety, and organizational reputation.

    Indian Govt Issues Advisory Warning on AI Generated Deepfake Threats

    The Indian Computer Emergency Response Team (CERT-In), India's national nodal agency for responding to computer security incidents, has recently issued an advisory warning about the rising threats posed by AI-generated deepfakes.

    Deepfake technology, which involves the use of artificial intelligence (AI) to create highly realistic and convincing fake videos, images, and audio, is becoming increasingly sophisticated. This technology poses significant risks, including the potential for disinformation, fraud, and social engineering attacks.

    The advisory highlights risks such as misinformation, financial fraud, and privacy violations, and provides guidance for individuals and organizations to detect and counter these threats.

    Here are some key points from the advisory:

    1. Verify Sources: Ensure digital content is from reliable sources before sharing or acting on it.

    2. Look for Anomalies: Identify signs such as unnatural blinking, mismatched lip-sync, inconsistent lighting, or distorted visuals.

    3. Cross-Reference Information: Confirm the accuracy of content through multiple trusted sources.

    4. Limit Personal Data: Avoid sharing high-resolution images or videos online.

    5. Use Multi-Factor Authentication (MFA): Secure accounts with MFA to reduce risks of hacking.

    6. Monitor Public Channels: Keep track of potential deepfake content targeting your organization.

    7. Adopt Secure Communication: Use encrypted channels for sensitive discussions to prevent interception.

    The advisory also urges organizations to strengthen detection tools, monitor public channels, and enhance digital forensics capabilities.

    The advisory, originally issued on 27 November 2024, serves as a critical resource for identifying, assessing, and mitigating the threats posed by synthetic media.

    It's crucial to stay informed and vigilant about these threats.

    US Govt's CISA Issues Guidance for Cisco Devices Frequently Targeted by China-affiliated Threat Actors

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued specific guidance for network engineers and defenders to patch and secure Cisco network devices in response to the Salt Typhoon cyber-espionage campaign linked to the People's Republic of China (PRC). 

    Cisco gear has been frequently targeted by PRC-affiliated threat actors, says the CISA guidance, which was developed in collaboration with other cybersecurity agencies from Australia, Canada, and New Zealand.

    The guidance titled "Enhanced Visibility and Hardening Guidance for Communications Infrastructure" is a joint publication by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate's Australian Cyber Security Centre (ACSC), Canadian Cyber Security Centre (CCCS), and New Zealand's National Cyber Security Centre (NCSC-NZ).

    The guide aims to provide best practices for network engineers and defenders to strengthen visibility and harden network devices against cyber threats, particularly those affiliated with the People's Republic of China (PRC).

    CISA has provided Cisco-specific advice, including patching vulnerable devices and following best practices outlined in Cisco's IOS XE Hardening Guide and Guide to Securing NX-OS Software Devices.

    Enhancing visibility means having detailed insight into network traffic, user activity, and data flow, which helps in quickly identifying threats and vulnerabilities. Hardening involves implementing measures to secure network devices and reduce potential entry points for cyber threats.

    Scope of Attacks: The attacks compromised networks of eight telecommunications providers, exfiltrating customer call records and compromising private communications.

    The guide includes recommendations such as patching vulnerable devices, monitoring configuration changes, and implementing strong network flow monitoring solutions.

    Enhanced Visibility and Hardening Guidance

    Patch Vulnerabilities: Ensure all network devices, including routers, switches, and firewalls, are up-to-date with the latest security patches.

    Monitor Configuration Changes: Implement comprehensive alerting mechanisms to detect unauthorized changes to network devices. Store configurations centrally and push them to devices.

    Network Flow Monitoring: Implement a strong network flow monitoring solution to gain visibility into network traffic and detect anomalies.

    Strong Authentication: Use strong passwords and implement two-factor authentication (2FA) to enhance security.

    End-to-End Encryption: Adopt end-to-end encryption for communications to protect data from interception.

    Regular Audits: Conduct regular security audits and penetration tests to identify and address vulnerabilities.

    Implementation Steps

    Update Systems: Regularly update all network devices and software to the latest versions.

    Implement Monitoring Tools: Deploy network monitoring tools to track traffic and detect unusual activities.

    Centralize Configurations: Store device configurations centrally and push updates to devices to prevent unauthorized changes.

    Enable Alerts: Set up alerts for any configuration changes or unusual activities on network devices.

    Use Strong Passwords: Enforce the use of strong, unique passwords for all network devices and accounts.

    Implement 2FA: Enable two-factor authentication for accessing critical network devices and systems.

    Encrypt Communications: Ensure that all sensitive communications are encrypted end-to-end.

    Conduct Audits: Perform regular security audits and penetration tests to identify and fix vulnerabilities.

    By following these recommendations, telecommunications providers can significantly enhance their network security and protect against sophisticated cyber-espionage campaigns like Salt Typhoon.
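
    One way to implement the "store configurations centrally and alert on changes" recommendation, shown as an added example that is not taken from the CISA guidance or from Cisco. The device name, both sample configurations, and the two keyword lists are constructed assumptions for illustration.

```python
import difflib
import hashlib

# Lines that change on every save and would cause false alerts (assumed list).
VOLATILE_PREFIXES = ("! Last configuration change", "! NVRAM config last updated",
                     "ntp clock-period", "Current configuration")
# Change types worth escalating (hypothetical watch list for this example).
SENSITIVE_KEYWORDS = ("username", "snmp-server", "logging", "aaa", "ip http",
                      "access-list", "transport input", "tacacs")

# Constructed sample: the approved config held in the central store ...
APPROVED = """\
! Last configuration change at 09:12:44 UTC Mon Jan 6 2025
hostname edge-rtr-01
no ip http server
ip ssh version 2
logging host 192.0.2.10
username netops privilege 15 secret 9 <hash-placeholder>
line vty 0 4
 transport input ssh
"""
# ... and a constructed running config pulled from the device later.
RUNNING = """\
! Last configuration change at 03:41:07 UTC Tue Jan 7 2025
hostname edge-rtr-01
ip http server
ip ssh version 2
username netops privilege 15 secret 9 <hash-placeholder>
username support privilege 15 secret 9 <hash-placeholder>
line vty 0 4
 transport input ssh telnet
"""


def normalize(config_text):
    """Drop blank and volatile lines so only real changes are compared."""
    lines = (raw.rstrip() for raw in config_text.splitlines())
    return [l for l in lines if l and not l.lstrip().startswith(VOLATILE_PREFIXES)]


def check_drift(device, approved_text, running_text):
    """Return None when the configs match, else an alert describing the drift."""
    approved, running = normalize(approved_text), normalize(running_text)
    digest = lambda ls: hashlib.sha256("\n".join(ls).encode()).hexdigest()
    if digest(approved) == digest(running):
        return None
    diff = list(difflib.unified_diff(approved, running, "approved", "running",
                                     lineterm="", n=0))
    # Skip the two file-header lines; keep only added (+) and removed (-) lines.
    changed = [d for d in diff[2:] if d[0] in "+-"]
    sensitive = [c for c in changed if any(k in c[1:] for k in SENSITIVE_KEYWORDS)]
    return {"device": device, "changed": changed, "sensitive": sensitive,
            "severity": "high" if sensitive else "low"}


if __name__ == "__main__":
    print(check_drift("edge-rtr-01", APPROVED, RUNNING))
```

    Remediation in this model is to push the approved copy back to the device rather than edit it in place, so the central store stays the single source of truth.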

    The Salt Typhoon campaign, which began in 2022, has targeted at least eight U.S. telecommunications providers, including major companies like AT&T, Verizon, and Lumen Technologies. The malicious campaign has also affected telecommunications infrastructure in other countries, highlighting the global nature of cybersecurity threats.

    Deloitte UK Reportedly Cyberattacked for 1 TB of Sensitive Data by Ransomware Group

    The Brain Cipher Ransomware group has reportedly claimed responsibility for a significant cyberattack on Deloitte UK, alleging that they have exfiltrated over 1 terabyte of data. This breach, if confirmed, could have serious implications for Deloitte's clients and its professional reputation.

    However, Deloitte has not confirmed the breach, leaving the claim unverified.

    The group claims to have accessed and stolen over 1 terabyte of compressed data, including sensitive client information and internal documents.

    According to statements posted by Brain Cipher, the attack has exposed critical vulnerabilities in Deloitte UK’s cybersecurity infrastructure. “Soon we will tell you about this incident. We will provide an example of data that has leaked. The volume of compressed data more than 1tb.”

    The group has criticized Deloitte for not observing basic information security protocols. “Unfortunately, giant companies do not always do their job well,” the hackers claim.

    Brain Cipher emerged in June 2024 and has quickly gained notoriety for targeting high-profile organizations.

    Brain Cipher has set a deadline of December 15, 2024, for Deloitte to respond, after which they threaten to release the stolen data.

    The impact of this breach could be severe in terms of client data exposure: sensitive client information, including financial records, could be exposed. The reputation of the "Big Four" firm is also at stake. Deloitte is one of the world's leading professional services firms, and the incident is raising serious concerns about data protection practices.

    The breach, if confirmed, could disrupt operations for Deloitte and its clients, eroding trust and confidence.

    Deloitte has yet to confirm the incident publicly. This situation underscores the critical need for robust cybersecurity measures in today's digital landscape.

    IndianWeb2.com © all rights reserved