A survey reveals 87% of Indian citizens believe their personal data is compromised, with telecom providers, e-commerce platforms, and banks blamed. Meanwhile, CyberPeace reports 80,000+ cyberattacks targeting India’s aviation sector, exposing critical vulnerabilities. In the U.S., Penn-Harris-Madison schools suffer a ransomware attack, disrupting operations.
AWS misconfigurations are exploited for phishing, bypassing security measures. The Toronto Zoo confirms a data breach, leaking visitor records on the dark web. Hackers abuse Microsoft Teams and Quick Assist to deploy malware.
Majority of Indian Citizens Believe Their Personal Data is Compromised
A survey by LocalCircles reveals that 87% of Indian citizens believe their personal data has been leaked in the public domain. The study, based on responses from 36,000 people across 375 districts, highlights growing concerns over data privacy.
Respondents blame telecom providers (65%), e-commerce platforms (63%), and banks (56%) for data breaches. Many also point fingers at government departments for failing to secure sensitive information.
Cyber Threats in Indian Aviation: 80,000+ Attacks Recorded
A report by CyberPeace highlights escalating cyber threats in India’s aviation industry. Between June and August 2024, simulated attacks recorded 80,588 intrusion attempts, exposing vulnerabilities in Telnet (64,104 attacks), MySQL (15,629), and HTTP (512).
Attackers leveraged brute-force attempts using 296 unique usernames and 15,928 passwords to bypass authentication. The malicious traffic originated from China, India, the US, South Korea, and Taiwan.
Ransomware Attack Hits Penn-Harris-Madison School Network
The Penn-Harris-Madison school district is battling a ransomware attack that forced administrators to shut down network-connected computers.
While desktop systems remain offline as a precaution, students and staff can still use Chromebooks, laptops, and cloud-based applications. The IT team is working to restore services and assess potential data exposure.
Hackers Exploit AWS for Phishing Campaigns
Researchers at Palo Alto Networks Unit 42 have uncovered a phishing campaign exploiting misconfigured AWS environments. Tracked as TGR-UNK-0011 (JavaGhost), the threat actors leverage Amazon SES and WorkMail to send phishing emails.
Rather than exploiting AWS vulnerabilities, attackers take advantage of exposed AWS access keys, making phishing emails appear legitimate and bypass security filters.
Toronto Zoo Issues Final Notice on Cyberattack
The Toronto Zoo has confirmed that personal data from 2000 to April 2023 was leaked on the dark web following a cyberattack in early 2024.
The breach includes names, addresses, phone numbers, and partial credit card details. While downloading the leaked data remains difficult, there is a possibility of future exposure.
Hackers Exploit Microsoft Teams & Quick Assist for Stealth Attacks
Security researchers at Trend Micro have uncovered a cyberattack campaign targeting Microsoft Teams and Quick Assist for unauthorized access.
Since October 2024, 21 incidents have been recorded across North America and Europe. Attackers use social engineering to steal credentials, then exploit Quick Assist for privilege escalation.
