By Ashwani Mishra, Editor-Technology, 63SATS
India has strengthened its cyber laws, mandating a 24-hour takedown for explicit content while tightening regulations on digital platforms. Meanwhile, Oracle has denied claims of a massive data breach, asserting its cloud security remains intact.
In Costa Rica, President Rodrigo Chaves’ YouTube account was hacked but later recovered. The Medusa ransomware group has been exploiting a fake CrowdStrike driver to bypass security defenses. Cybercriminals are also using fake Semrush ads to steal SEO professionals’ Google accounts. Lastly, India’s CERT-In is facing a workforce shortage, impacting its ability to respond to cyber threats, including ransomware attacks.
India Tightens Cyber Laws: 24-Hour Takedown Mandate for Explicit Content
The Indian government is ramping up digital regulations to combat online exploitation, particularly child sexual abuse material. Union Minister Ashwini Vaishnaw informed the Lok Sabha that new enforcement measures under the Information Technology Act, 2000, and IT Rules, 2021, will enhance cybercrime response.
Key provisions include stricter due diligence requirements for digital platforms and social media intermediaries. Messaging services must now enable the identification of the original sender of messages linked to offences like rape or child exploitation. Additionally, intermediaries must remove explicit content—such as non-consensual intimate images—within 24 hours to retain legal immunity.
Oracle Refutes Breach Claims, Asserts Cloud Security is Uncompromised
Concerns emerged over a potential data breach involving Oracle Cloud, following claims by a hacker named “rose87168” who allegedly put six million stolen records up for sale. Bengaluru-based cybersecurity firm CloudSEK flagged the incident.
However, Oracle dismissed the claims, stating that its cloud infrastructure remains secure. “There has been no breach of Oracle Cloud. The reported credentials are unrelated to our services, and no Oracle Cloud customers have suffered data loss,” the company clarified.
Costa Rican President’s YouTube Account Restored After Cyberattack
The official YouTube account of Costa Rican President Rodrigo Chaves was hacked on Friday, remaining compromised for several hours before being restored.
According to a government statement, cybersecurity teams from the president’s office, the Ministry of Science and Technology, and Google collaborated to regain control. Authorities have not disclosed the identity of the attackers or whether any sensitive data was compromised.
Medusa Ransomware Uses Fake CrowdStrike Driver to Evade Security
The Medusa ransomware group has been deploying a malicious driver, dubbed ABYSSWORKER, in a sophisticated Bring Your Own Vulnerable Driver (BYOVD) attack to disable security defenses.
Elastic Security Labs reported that Medusa used a loader, HeartCrypt, to install a revoked certificate-signed driver from a Chinese vendor. This rogue driver, smuol.sys, impersonates CrowdStrike Falcon’s CSAgent.sys, allowing attackers to bypass endpoint detection tools. Over a dozen ABYSSWORKER samples, dating from August 2024 to February 2025, have been identified on VirusTotal, many signed with stolen certificates.
Fake Semrush Ads Used to Hijack Google Accounts of SEO Professionals
Cybercriminals are leveraging phishing campaigns disguised as Semrush Google Ads to steal credentials from SEO professionals.
Security researchers Jerome Segura (Malwarebytes) and Elie Berreby discovered that attackers are specifically targeting Google Ads accounts, potentially to launch further malvertising campaigns. This follows a growing trend of “cascading fraud,” where compromised accounts are exploited to propagate additional cyber scams. In January, a similar operation was uncovered involving fraudulent Google Ads hosted on Google Sites.
India’s Cybersecurity Response Hampered by Workforce Shortage
The Indian Computer Emergency Response Team (CERT-In) is struggling to provide adequate support for ransomware-affected entities due to staffing constraints, according to a parliamentary report tabled on Friday.
The Ministry of Electronics and IT (MeitY) emphasized the urgent need for additional cybersecurity personnel to tackle the rising number of incidents. CERT-In is also seeking dedicated office space, a data center, and a disaster recovery site to enhance its operational capabilities.
