Weekly News Roundup

January 24, 2025 | Cybersecurity

By Editorial Desk, 63SATS

The global cybersecurity landscape faces escalating threats, as highlighted by recent incidents and reports. Cyble uncovered thousands of leaked credentials from major cybersecurity vendors on the dark web, emphasizing the need for robust dark web monitoring. Meanwhile, India leads in workplace digital transformation but lags in cybersecurity readiness, according to Zoho’s 2025 survey.

South India topped malware detections in 2024, stressing the urgency for advanced protections in tech hubs. High-profile breaches, such as HPE’s data leak and Rostelecom’s contractor attack, underscore vulnerabilities in third-party systems. Additionally, ransomware groups like Medusa and campaigns tied to FIN7 and Black Basta exploit innovative tactics. Governments and organizations worldwide, from India’s Mahakumbh to Costa Rica’s ransomware response, are deploying advanced measures to counter rising cyber threats.

Major Cybersecurity Vendors’ Credentials Found on Dark Web

Threat intelligence firm Cyble has uncovered thousands of account credentials linked to 14 leading cybersecurity vendors on the dark web. Leaked since early 2025, these credentials include internal and customer accounts, accessible via platforms like Okta, GitHub, and Salesforce.

Priced as low as $10, the data appears to have been extracted from infostealer logs. While multi-factor authentication may mitigate risks, Cyble highlights the critical need for dark web monitoring to prevent larger breaches.

India Tops Workplace Digital Transformation but Trails in Cybersecurity

Zoho’s “Workplace Digital Transformation Survey 2025” reveals India leads in digital workplace transformation maturity (64.6%) compared to the global average (62.3%). Despite this, cybersecurity readiness remains a significant challenge.

Based on responses from 5,000 employees, the survey outlines four transformation levels: informal, standardized, structured, and optimized operations. It emphasizes integrating AI and analytics while improving employee experience and workplace security to sustain growth.

South India Leads Malware Detections in 2024: Seqrite-DSCI Report

South India has recorded the highest concentration of malware detections nationwide in 2024, as per Seqrite-DSCI’s India Cyber Threat Report 2025. Cities in Telangana, Tamil Nadu, and Karnataka collectively accounted for 36.37% of India’s 369.01 million malware detections.

Telangana alone registered 55.90 detections per endpoint, while Bengaluru and Hyderabad contributed 23.48% of the national tally. The report emphasizes the urgent need for enhanced cybersecurity in tech-intensive regions to counter the rising risks. Seqrite continues to empower businesses with advanced solutions to mitigate threats and safeguard critical digital infrastructure.

Rostelecom Probes Cyberattack on Contractor

Russian telecom giant Rostelecom is investigating a suspected cyberattack after hackers leaked customer emails and phone numbers. The breach targeted the corporate website and procurement portal managed by a contractor.

Rostelecom assured the public that sensitive data remains secure but advised users to reset passwords and enable two-factor authentication. This incident underscores the vulnerabilities of third-party service providers and the importance of adopting stringent cybersecurity protocols to prevent data breaches.

Ransomware Groups Deploy New Tactics to Breach Systems

Sophos has identified two ransomware campaigns, STAC5143 and STAC5777, targeting corporate victims. Attackers send spam emails, then follow up with Teams calls from fake IT staff to convince employees to install remote access tools like Quick Assist, enabling malware deployment.

STAC5777 has ties to the Black Basta ransomware group, while STAC5143 shows potential links to FIN7. Organizations must enhance employee training, implement advanced endpoint protections, and strengthen protocols to counter such sophisticated attacks.

Uttar Pradesh Strengthens Cybersecurity for Digital Mahakumbh 2025

The Uttar Pradesh government has partnered with IIT-Kanpur, IIIT-Allahabad, and cybersecurity startups to secure Mahakumbh 2025 against potential cyber fraud. Initiatives include hack-proofing websites, safeguarding digital devices, and deploying trained personnel.

IIT-Kanpur’s Start-up Incubation Centre has collaborated with cutting-edge startups to ensure seamless and secure digital operations for the mega event, showcasing India’s commitment to advanced cybersecurity measures.

HPE Investigates Data Breach by Hacker IntelBroker

Hewlett Packard Enterprise (HPE) is investigating claims by hacker IntelBroker of stolen data, including source code, GitHub repositories, certificates, and personal information.

IntelBroker, active on cybercrime forums, is reportedly selling the data and access to HPE services. HPE confirmed awareness of the breach and is conducting a detailed investigation.

Medusa Ransomware Targets Gateshead Council

The Medusa ransomware group attacked Gateshead Council, leaking personal and financial data on its site.

Documents include job applications, budgets, and housing reports. Gateshead confirmed the breach is contained and notified the ICO. The attack underscores vulnerabilities in public sector cybersecurity.

Advanced Cyberattack Hits German Systems with Sophisticated Tactics

Cyble Labs uncovered an attack on German systems using DLL Sideloading, proxying, and Sliver implants.

A phishing email with a decoy file triggers malware, bypassing security defenses. This marks a significant evolution in cyberattack methodologies targeting organizational networks.

India Boosts Digital Access with NBM 2.0 and Sanchar Saathi App

The Department of Telecommunications (DoT) launched the National Broadband Mission 2.0 (NBM 2.0) and the Sanchar Saathi app on January 17, 2025. NBM 2.0 aims to connect 1.7 lakh villages, ensuring 60% rural broadband penetration with speeds of at least 100 Mbps.

The Sanchar Saathi app helps users secure telecom resources, report fraudulent calls, manage mobile connections, and block stolen devices. These initiatives aim to bridge India’s digital divide and enhance user security.

U.S. Cyber Tool FALCON Debuts in Costa Rica Ransomware Response

A ransomware attack on Costa Rica’s largest oil refinery tested the U.S. State Department’s rapid cyber-response tool, FALCON.

Within 36 hours, the tool mobilized private-sector expertise to counter the threat. Ambassador Nate Fick emphasized FALCON’s capability to provide swift incident support and strengthen global cybersecurity norms. This marks a milestone in U.S. efforts to aid allies in critical cyber emergencies.

Otelier Data Breach Exposes Millions of Guest Records

Hotel management platform Otelier suffered a breach, exposing 8 TB of guest data from brands like Marriott, Hilton, and Hyatt.

Threat actors gained access via employee credentials stolen through a malware infection, maintaining access from July to October 2024. Otelier confirmed the breach and is working with affected clients. This incident highlights growing risks from credential theft and poor cloud security practices.