About

Latest cybersecurity news from India

When it comes to cybersecurity news, India is never far from the headlines. In fact, cyber-attacks in India are all too commonplace.

A technology-driven nation prone to cyber-attacks, India has become a popular target for cybercriminals.

It has also seen a steady climb, however, in the number of homegrown security teams dedicated to stamping out cybercrime across the nation.

To read the hottest information security news India has to offer, follow The Daily Swig.


Hiding in the shadows

Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns13 June 2022Hiding in the shadowsCybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns

Indian VPN providers resist incoming data-logging law

08 June 2022Indian VPN providers resist incoming data-logging lawPrivacy concerns raised over mandate to retain customer records

Treading a fine line

Security ‘researcher’ hits back against claims of malicious CTX file uploads27 May 2022Treading a fine lineSecurity ‘researcher’ hits back against claims of malicious CTX file uploads

Suspicious update

Malicious Python library removed from PyPI repo amid reports of domain hijack25 May 2022Suspicious updateMalicious Python library removed from PyPI repo amid reports of domain hijack

Black Hat Asia

‘If democracy is to survive, technology will have to be tamed’13 May 2022Black Hat Asia‘If democracy is to survive, technology will have to be tamed’

‘A great step’

India to introduce six-hour data breach notification rule05 May 2022‘A great step’India to introduce six-hour data breach notification rule

Tearing down red flags

Women in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros15 April 2022Tearing down red flagsWomen in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros

RCE vulnerability uncovered in Hashnode blogging platform

02 March 2022RCE vulnerability uncovered in Hashnode blogging platformA local file coding error could be exploited to trigger RCE

Up close and personal

What does India's Personal Data Privacy Bill mean for individuals and businesses?23 February 2022Up close and personalWhat does India's Personal Data Privacy Bill mean for individuals and businesses?

Google Groups unsubscribe feature abused to remove members

23 February 2022Google Groups unsubscribe feature abused to remove members‘This could have destroyed the Google Payment system flow,’ security researcher tells The Daily Swig

SureMDM bug chain enabled compromise of managed devices

01 February 2022SureMDM bug chain enabled compromise of managed devicesSeries of flaws in MDM platform addressed in web console and Linux agent

Bookshop of errors

Indian academic bookseller Oswaal Books fixes alleged serious vulnerabilities with Shopify relaunch05 January 2022Bookshop of errorsIndian academic bookseller Oswaal Books fixes alleged serious vulnerabilities with Shopify relaunch

Indian authorities set to tighten data breach laws in 2022

29 December 2021Indian authorities set to tighten data breach laws in 2022Credit card storage rules and 72-hour breach notification deadline due to come into play next year

New bug bounty platform launches for Indian ethical hackers

21 October 2021New bug bounty platform launches for Indian ethical hackersSecurity researchers can sign up now

Cybercrime sentencing

Fraudster handed 11-year prison term for role in North Korean operation13 September 2021Cybercrime sentencingFraudster handed 11-year prison term for role in North Korean operation

Supply chain security

Realtek SDK vulnerabilities impact dozens of downstream IoT vendors16 August 2021Supply chain securityRealtek SDK vulnerabilities impact dozens of downstream IoT vendors

Pwned in translation

Microsoft Edge universal XSS flaw exploitable ‘on any web page’30 June 2021Pwned in translationMicrosoft Edge universal XSS flaw exploitable ‘on any web page’

Instagram privacy flaw

Vulnerability nets researcher $30k after exposing users’ private content25 June 2021Instagram privacy flawVulnerability nets researcher $30k after exposing users’ private content

APNIC stations

Asia-Pacific internet registry says WHOIS admin passwords were exposed for three months22 June 2021APNIC stationsAsia-Pacific internet registry says WHOIS admin passwords were exposed for three months

Bug Bounty Radar // May 2021

New web targets for the discerning hacker30 April 2021Bug Bounty Radar // May 2021New web targets for the discerning hacker

Telecoms industry facing increased DDoS attacks

21 April 2021Telecoms industry facing increased DDoS attacksNew research from Cloudflare details cyber-attack trends of 2021 so far

Inference attacks

How much information can machine learning models leak?14 April 2021Inference attacksHow much information can machine learning models leak?

Upstox breach

Indian stock trading site resets passwords amid data breach fears12 April 2021Upstox breachIndian stock trading site resets passwords amid data breach fears

Covid-19 pandemic

How bug bounty programs helped secure some of the world’s leading track and trace apps12 April 2021Covid-19 pandemicHow bug bounty programs helped secure some of the world’s leading track and trace apps

Data breach denial

Payment provider MobiKwik continues to refute claims of 8.2 TB leak31 March 2021Data breach denialPayment provider MobiKwik continues to refute claims of 8.2 TB leak

Indian cyber-espionage activity rising amid growing rivalry with China and Pakistan

Cyber warfare: a Bollywood special25 February 2021Indian cyber-espionage activity rising amid growing rivalry with China and PakistanCyber warfare: a Bollywood special

Know when to fold ’em

Joker’s Stash demise likely to spawn growth to rival cybercrime forums21 January 2021Know when to fold ’emJoker’s Stash demise likely to spawn growth to rival cybercrime forums

Penalty notice

Fines against banks for data breaches more than doubled in 202031 December 2020Penalty noticeFines against banks for data breaches more than doubled in 2020

What’s in a CNAME?

Rampant misconfiguration leaves thousands of orgs open to attack25 November 2020What’s in a CNAME?Rampant misconfiguration leaves thousands of orgs open to attack

Western govt’s move to curtail end-to-end encryption

12 October 2020Western govt’s move to curtail end-to-end encryptionSecurity community resists anti-encryption push as counter-productive

Paranoid about Android

Vulnerability scanners tackle code obfuscation and false positives02 October 2020Paranoid about AndroidVulnerability scanners tackle code obfuscation and false positives

Youth unemployment risks fueling Indian cybercrime boom

Many young Indians are turning to the dark side for additional income22 September 2020Youth unemployment risks fueling Indian cybercrime boomMany young Indians are turning to the dark side for additional income

China targeting AI tech in ‘brazen’ cyber espionage offensive

27 August 2020China targeting AI tech in ‘brazen’ cyber espionage offensivePRC becoming more aggressive in the midst of deteriorating international relations

Indian train ticket vendor RailYatri downplays data breach

25 August 2020Indian train ticket vendor RailYatri downplays data breachCompany denies that 700,000 users had their details exposed via public-facing server

Indian national pleads guilty to role in Microsoft tech support scam

25 August 2020Indian national pleads guilty to role in Microsoft tech support scamVictims were told that malware had been detected on their computers

Intel Owl

OSINT tool automates the intel-gathering process using a single API18 August 2020Intel OwlOSINT tool automates the intel-gathering process using a single API

Bug Bounty Radar // July 2020

New web targets for the discerning hacker31 July 2020Bug Bounty Radar // July 2020New web targets for the discerning hacker