Skip to main content

Chinese Hackers targeted India's Power Grid

China based cyber criminals or maybe state sponsored Chinese hackers are targeting Indian power grid just to show that they can.

Investigation by multiple online security company has found, that the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.

The attack was identified through a combination of large-scale automated network traffic analytics and expert analysis.

Who are these Chinese Hackers?

These attacks were done using ShadowPad, which is one of the largest known supply-chain attacks, according to cybersecurity firm Kaspersky.

It is a obscured background malware, which hides inside legit software. Once activated, it allows attackers to access the victim system in order to install more malicious software or steal important data.

On October 12, a grid failure in Mumbai resulted in massive power outages, trains were stopped on tracks, causing covid hospitals to run on emergency power backups and hitting the stuttering economic activity hard.

Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organizations.

Labels

Labels:

Popular posts from this blog

AT&T Resets Millions of Customer Passcodes After Data Leak: What You Need to Know

AT&T recently confirmed a significant data breach affecting over 7.6 million current customers and 65 million former customers. The leaked information, which dates back to 2019 or earlier, includes personal details like names, addresses, phone numbers, and social security numbers. Fortunately, financial information and call history were not compromised. In response to the breach, AT&T has reset passcodes for affected customers. Passcodes, usually four-digit numbers, serve as an additional layer of security when accessing accounts. However, security experts warn that the encrypted passcodes leaked alongside customer information could be easily deciphered, posing a risk of unauthorized account access. Affected customers are advised to set up free fraud alerts with major credit bureaus and remain vigilant for any suspicious activity related to their accounts. AT&T is proactively reaching out to impacted customers via email or letter to inform them about the breach and the meas...
Read more

Signal Introduces Usernames for Encrypted Messaging: A Secure Way to Connect

Signal, the encrypted messaging service, is launching a new feature in the coming weeks: support for usernames. This beta feature allows users to establish unique usernames, enabling connections without divulging phone numbers. source: Signal Blog To create a username, navigate to your settings and select "Profile." Once you've chosen a unique username, generate a QR code or link to share with others. Recipients can connect by entering your username into the chat bar. Usernames can be changed at any time, though previous usernames may be claimed by others. Signal began testing usernames last fall. Unlike social media platforms, Signal usernames do not serve as logins or public handles. They offer a discreet means of communication without revealing personal phone numbers. While a phone number is required to register for Signal, sharing it is optional. Usernames remain private and do not appear on profiles or in chats unless shared explicitly. As Randall Sarafa, Signal'...
Read more

Wordpress.com is selling user data to AI companies

In September 2023, WordPress.com quietly updated a developer page about accessing a "Firehose" of around a million daily WordPress posts, clarifying that these feeds are intended for search engines, AI products, and market intelligence providers. This change, which was not previously noted, has sparked discussion, especially after revelations that Automattic, the owner of WordPress.com and Tumblr, plans to share user data with OpenAI and Midjourney. The recent buzz surrounds questions about which WordPress blogs are included, data retroactivity for opt-outs, and the lack of transparency from Automattic. This company has been selling access to post data for years, including through the Jetpack plugin, but has recently announced exclusions for select AI partners. Automattic's deals with OpenAI and Midjourney are particularly contentious as they aim to enhance generative AI tools. This data sharing, facilitated by partners like SocialGist and DataStreamer, offers insights in...
Read more