Sophos announces findings of its survey report in the Asia Pacific and Japan region, in association with TRA. The study states that despite cyber-attacks, cybersecurity budgets have remained unchanged. India has a shortfall of skilled cybersecurity experts, and Indian companies are struggling to recruit cybersecurity staff, the study pointed out. The need to appoint a CISO will increase from 33% to 40% in the next 24 months.
Ransomware Payments Bill 2021 was introduced in the Australian House of Representatives on Monday which, if passed, would require organizations to inform ACSC before a payment is made to a criminal organization in response to a ransomware attack. The ACSC would be required to de-identify the information for the purpose of informing the public and private sector about the current threat environment.
Quickheal has detected eight apps on the Play Store affected by joker malware with a total download count of 50,000. Google has been informed and the apps have been removed from the Playstore. Joker interacts with ads to steal users’ information. Once access is granted, it subscribes the user to paid premium services, causing a loss of money without the knowledge of the user. It downloads two payloads that infect the device and steal personal information.
Cyber threat intelligence company, Cyble has hired Rishi Mehta as their new CISO. The company specialises in empowering global organisations with dark web, cybercrime monitoring and mitigation services. Mehta is a veteran with experience of over two decades. He formerly worked with Target for six years as Senior Director, Technology. He has also worked with Religare, CitiFinancial, and Genpact. At Cyble he is expected to manage infosec functions.
Volkswagen, in a statement, said a data breach at a vendor has affected 3.3 mn customers and potential buyers in North America. Almost all of them were customers or potential buyers of Audi. The vendor had left sales and marketing information from 2014-19 in an e-file unsecured. Limited personal information about customers and potential buyers was exposed to hackers. VW will offer free credit protection services to the 90,000 customers affected by the leak.
Cybersecurity researchers have discovered a scam of a free gift campaign in the name of Tata Motors. It is collecting users’ data and has been traced back to China. The gift offer has been kept attractive to lure people. On the main page, it shows the picture of Tata Safari and congratulates the users asking them to take a survey. The real IP address has been masked using Cloudflare tech. It is being hosted on a third-party domain and not the official website of Tata Motors.
JBS USA paid a sum of $11mn after its system was hacked and its operations in North America and Australia were affected. Last week, post cyberattack, cattle slaughtering at all of its plants in the US were stopped for a day, which threatened to increase the prices. Investigations are being carried out and till now no company, employee, or customer data has been leaked. Russian groups REvil and Sodinokibi have been identified as the attacker.