cyber security Archives - Page 4 of 7

Cyber-attacks on India continue even after the understanding with Pakistan: Cyber officials

Cyber-attacks on Indian government sites persist despite de-escalation with Pakistan, with threats emerging from Bangladesh, the Middle East, and beyond. Maharashtra Cyber has intensified efforts against cyber fraud, misinformation, and cyber slavery, saving ₹600 crore since 2019. Maharashtra On May 26, cyber officials said that even after India and Pakistan, hackers from Bangladesh, the Middle East, and the surrounding nations are still attacking Indian government websites, agreed to halt military hostilities. According to officials, just 150 out of the 1.5 crore cyberattacks that were launched after the April 22 terror attack in Pahalgam were successful. A top officer from the Maharashtra Cyber Department denied claims to reporters that hackers had stolen information from Mumbai’s Chhatrapati Shivaji Maharaj International Airport, targeted the Election Commission website, and hacked aviation and municipal systems. Investigating cybercrime and upholding security are the responsibilities of Maharashtra Cyber, a central organisation under the Maharashtra government. “The analysis discovered that when India-Pakistan hostilities ceased, cyberattacks on Indian government websites decreased, though they did not entirely stop. Pakistan, Bangladesh, Indonesia, Morocco, and other Middle Eastern nations are still launching these attacks,” the person stated. According to him, 38 out of 83 fake news items have been removed by Maharashtra Cyber, which has started a focused effort against false information on social media. Under the “Nation First Fact First” campaign, the cyber department will combat false information about the Indian government and military, the official continued. Specialised helplines were established to educate the public about online fraud. To get emergency assistance, citizens can ring 1930 or 1945. The official stated that approximately 100 phone lines are operational at the same time and that analysts contact the caller after receiving the distress call. He stated that both the 1930 and 1945 numbers receive 7,000 calls per day. Since 2019, cyber officials have prevented cyber fraud by taking prompt action against cybercriminals, saving Rs 600 crore. “In the last six months, Rs 200 crore has been saved”. According to authorities, a 39-year-old CA student was detained in Indore for reportedly using seven profiles on X to disparage Hindu deities. Since 2021, the accused has reportedly insulted Hindu deities. BJP MP Medha Kulkarni brought this matter to the attention of Chief Minister Devendra Fadnavis. According to the official, Maharashtra Cyber has rescued six young people from Maharashtra who were ensnared in cyberslavery in Laos. If the confined teenagers refused to commit cybercrimes, they were tormented by being shocked with electricity and having their nails pulled out. According to him, Maharashtra Cyber has learned that 29 Indians are ensnared in cyberslavery in the Southeast Asian nation.

Andhra police arrest international cyber fraud syndicate, 33 held

Andhra police busted an international cyber fraud ring posing as Amazon support, arresting 33 and seizing tech gear and cash. The gang targeted US citizens via VoIP scams. An alleged worldwide cyber fraud gang based in Achyutapuram, Andhra Pradesh, has been busted by the police, who have arrested 33 individuals and confiscated expensive tech equipment and Rs 3 lakh in cash. Following a Village Revenue Officer’s report and information, Anakapalli district Deputy Superintendent of Police (DSP) Vishnu Swaroop conducted concurrent searches at three key locations on 22 May. Computers, network equipment, and upscale furniture were among the items confiscated. Swaroop told PTI on Friday that this was a full-fledged contact centre that used Amazon support as a front to target US individuals with impersonation and Voice Over Internet Protocol (VoIP) fraud. Police claim that job seekers were recruited via internet job boards, educated in impersonation tactics, and then used in scam calls to obtain private financial data from US citizens. Food and lodging were given to the recruits, who were primarily from Assam and northeast India. He claimed that after a week of training, they were on calls the following week. The fraud had four layers: managers, American bank representatives, and dialers impersonating Amazon assistance used “gift card redemptions” and other strategies to trick unsuspecting Americans.

WhatsApp Launches Official App for Apple iPad with Full Feature Support

WhatsApp is now available on the Apple iPad, offering full support for calls, messaging, and multitasking features. The app uses end-to-end encryption and syncs across devices. Following years of requests from tablet users seeking a smoother method of accessing the company’s end-to-end messaging service, Meta announced the debut of WhatsApp for Apple iPad users. Owners of Apple iPads may now share their screen, use the front and rear cameras, and make voice and video chats with up to 32 people using WhatsApp. Slide Over, Split View, and Stage Manager on compatible devices are a few iPadOS multitasking features. This enables users to send messages or view multiple apps simultaneously while online browsing. While on a call, users can also browse the web. Users of Apple iPads will also be able to use the conversation lock feature. Meta mentioned that the software was available for download through the software Store and encouraged users to submit comments. Users’ Magic Keyboard and Apple Pencil devices can also be used with Meta’s WhatsApp for iPad. “Regardless of the platform or device you’re messaging on, WhatsApp for iPad uses our industry-leading multi-device technology to keep everything in sync across your iPhone, Mac, and other devices while protecting your messages, calls, and media with end-to-end encryption,” Meta wrote in a blog post announcing the update.

Adidas Confirms Data Breach Exposing Customer Contact Information

Adidas Data Breach claims that a hack using a third-party service resulted in the theft of customer contact information. Payment information and passwords were not stolen. Adidas has revealed that its customers’ personal information was taken in a cyberattack. According to the sportswear giant, “certain consumer data” that “mainly consists” of the contact details of those who have interacted with its support desk was stolen by crooks. Adidas asserts that passwords and credit card credentials were not compromised in any way. “We remain fully committed to protecting the privacy and security of our consumers, and sincerely regret any inconvenience or concern caused by this incident,” it wrote on its blog. It makes sense that Adidas customers would be concerned that hackers may try to use their data, thus it’s critical that Adidas offers precise and timely updates to affected shoppers and supports them in taking steps to protect themselves,” said Lisa Barber, of the consumer advocacy organisation Which? She suggested that those who may be impacted closely monitor their credit reports and bank accounts for any unusual activity. They should also be cautious of unexpected calls, emails, or social media posts claiming to be related to the hack, she said, as these could be scammers attempting to profit from the cyberattack. It comes as significant hacks have attacked retailers like Co-op and Marks & Spencer. There is no evidence that Adidas has experienced a comparable circumstance to theirs, in which the intrusions caused significant disruptions to business operations. “Adidas recently became aware that an unauthorised external party obtained certain consumer data through a third-party customer service provider,” stated the business. “We collaborated with leading information security experts as quickly as we could to contain the problem and start a comprehensive investigation. “Adidas is in the process of informing potentially affected consumers as well as appropriate data protection and law enforcement authorities consistent with applicable law.” Since April 2025, a number of cyber events have been reported, and some specialists have discovered connections between them. Police in the UK are investigating the possibility that the M&S cyberattack was caused by Scattered Spider, a well-known group of English-speaking hackers. Hacks on the Co-op and Harrods are thought to have been carried out by the same group, but M&S was most severely affected. According to M&S, the company will lose around a third of its profit as a result of the cyberattack. There is no indication that this group is responsible for the Adidas data hack. However, the company disclosed earlier this month that data breaches had occurred in other areas of its global empire, including its South Korean and Turkish arms.

Joint Airtel-Jio-Vi initiative: Will the telecom behemoths unite to combat fraud and cybercrime

Joint Airtel-Jio-Vi initiative: Airtel has proposed a joint initiative with Jio and Vodafone Idea to combat rising telecom-related cybercrimes and frauds, citing over 1.7 million complaints in early 2024. The plan calls for real-time fraud intelligence sharing and cross-network coordination to strengthen user safety. Reliance Jio, Bharti Airtel, and Vodafone Idea (VI), India’s three main private telecom companies, may unite in an uncommon attempt to fight telecom fraud, scams, and cybercrime. The second-largest telecom provider in India by market share, Airtel, claims that it just sent a call to action to Jio and Vodafone, urging them to band together to combat these nefarious frauds and scams. The telecom giant claims that in the first three quarters of 2024, India received over 1.7 million complaints about cybercrime, which led to losses of ₹11,000 crore. India has recently witnessed a notable increase in cybercrime, ranging from identity theft to phishing links, “digital arrest” frauds, and fraudulent loan offers and payment forms. Customers received the following message from Airtel last week: “Airtel is now The Safe Network.” To keep you safe, our fraud detection tool prevents bogus URLs from opening. Additionally, for the past month, Airtel has begun adding “scam” cautions before suspected texts for a large number of consumers. However, the operator led by Sunil Mittal aims to do more. “…it became clear that more coordinated industry action was required, given the recent alarming rise in phishing attempts and malicious URL-based scams targeting unsuspecting individuals.” In letters to Telecom Secretary Neeraj Mittal and TRAI Chairman Anil Kumar Lahotia, it stated that these sophisticated fraud schemes frequently take advantage of the lack of cooperation between service providers. “Through real-time fraud intelligence sharing and cross-network coordination, this initiative would bring all TSPs together to collaboratively detect, prevent, and mitigate telecom fraud and scams across our networks,” Airtel continued. The challenge for Jio, Vodafone, and the other two companies involved in this program is to prevent unsolicited commercial communications (UCC), which are the source of the majority of scams, without interfering with the enterprise services that are properly provided by the telecom networks. This might include establishing a centralised platform for data sharing, which raises additional privacy concerns. However, that is a matter for another time. Currently, it is up to Ambani-led Jio and Vodafone Idea to agree to Airtel’s proposal for a collaborative task force to combat cybercrime based on telecoms.

Odisha Police Train 700 Officers in Digital Investigation Techniques

Odisha Police: Around 700 police investigating officers from Odisha’s Eastern Range attended a digital investigation workshop on May 21, 2025, to enhance skills in e-investigation, evidence management, and case documentation. The initiative reflects Odisha Police’s commitment to modernising law enforcement through technology. Odisha’s Balasore (PTI) On May 21, 2025, around 700 police investigating officers (IOs) attended a workshop on the latest methods and knowledge in digital investigation, evidence management, and case documenting. The State Crime Records Bureau (SCRB) conducted a workshop for the IOs of the districts of Balasore, Bhadrak, and Mayurbhanj on e-investigation, e-sakshya, and e-sign, according to Satyajit Naik, DIG Eastern Range. The DIG stated, “The training aimed to equip IOs with the latest skills and knowledge in digital investigation, evidence management, and case documentation.” The police department uses technology to improve the efficacy and efficiency of investigations, which ultimately ensures the delivery of justice. According to the DIG, this project demonstrates the Odisha Police’s dedication to implementing creative solutions and keeping up with the most recent advancements in law enforcement. He stated that this capacity-building operation is expected to have a good effect on crime investigation and public service delivery in the area, and that the Eastern Range Police stand to gain enormously from it.

Department of Telecommunications Launches FRI Tool to Detect Risky Mobile Numbers in Cyber Frauds

The Department of Telecommunications has launched the Financial Fraud Risk Indicator (FRI) to help banks and payment platforms identify risky mobile numbers linked to cyber fraud. Platforms like PhonePe, Paytm, and Google Pay are integrating the tool to enhance transaction security. The Financial Fraud Risk Indicator (FRI), a new multi-dimensional analytical tool created as part of the Department of Telecommunications’ (DoT) Digital Intelligence Platform (DIP), was unveiled on Wednesday. Its purpose is to assist financial institutions in preventing cyber fraud by providing them with advanced, actionable intelligence. In order to combat financial crime and cyber fraud, FRI facilitates improved intelligence sharing with banks, UPI service providers, and other financial organizations. A cell phone number can be categorized as having a Medium, High, or Very High risk of financial fraud using this risk-based criteria. In the event that a mobile number is deemed to be at high risk, the action is expected to assist banks, non-banking financial institutions, and UPI service providers in giving enforcement top priority and implementing further client protection measures. The digital payment provider PhonePe, which was among the first to implement FRI, has utilised it to reject transactions associated with Very High FRI mobile numbers and to show a notice on the screen as part of the PhonePe Protect feature. According to the DoT, PhonePe is working to show a proactive user alert for Medium FRI numbers before authorising the transaction. PhonePe, Paytm, and Google Pay, which collectively manage over 90% of UPI transactions, have begun integrating DIP notifications into their systems, the DoT claims. Fraud detection According to the department, “this classification is the result of inputs obtained from various stakeholders, including intelligence shared by banks and financial institutions, reporting on DoT’s Chakshu platform, the National Cybercrime Reporting Portal (NCRP), and the Indian Cyber Crime Coordination Centre (I4Cs). The list of mobile numbers that were disconnected due to their involvement in cybercrime, failure to re-verify, and violating limitations is shared by the DoT every month. Financial fraud also frequently uses these numbers. The life of a cell number used in cyber frauds is usually a few days, and complete verification might take several days, therefore, the DoT believes that an advanced signal of risk associated with such numbers is quite important. As a result, when a stakeholder flags a suspected mobile number, it is subjected to multi-dimensional analysis, which determines whether it carries a Medium, High, or Very High financial risk. It is then promptly shared with all stakeholders via DIP.

OpenAI Acquires Jony Ive’s AI Startup io for $6.4 Billion in Major Hardware Push

OpenAI is acquiring Jony Ive’s AI device startup, io, for $6.4 billion in an all-equity deal, marking its major push into hardware. I’ve will lead design efforts at both OpenAI and io, while io integrates with OpenAI’s San Francisco teams. On May 21, 2025, OpenAI announced that it would acquire Jony Ive’s AI device startup, io, for roughly $6.4 billion in an all-equity transaction, solidifying the AI company’s entry into the hardware market. The company said in a statement that Ive will be taking on “deep creative and design responsibilities across OpenAI and io.” Ive and LoveFrom, his “creative collective,” will continue to operate independently. According to OpenAI, while io will be coming in-house. Ive and OpenAI CEO Sam Altman wrote in a blog post on May 21 that Ive launched io a year ago with the help of Apple alums Scott Cannon, Tang Tan, and Evans Hankey, who temporarily filled Ive’s position at Apple after he left. In order to collaborate more closely with the research, engineering, and product teams in San Francisco, the io team—which is dedicated to creating products that inspire, empower, and enable—will now join with OpenAI, according to the post. OpenAI, which already controls 23% of the business, stated that it is paying $5 billion in the deal. Ive is “the greatest designer in the world,” according to Altman’s post on X. This is by far OpenAI’s biggest acquisition to date, and it comes weeks after the business agreed to pay $3 billion to acquire the AI-assisted coding tool Windsurf. Before that, in 2024, OpenAI paid an unknown amount to purchase the analytics database startup Rockset. To launch LoveFrom, Ive declared in 2019 that he was leaving Apple, where he had served as chief design officer for several years. In 2020, Airbnb announced that I had been advising the business on hiring and upcoming features. Last year, the New York Times revealed that LoveFrom’s designers were working on projects for Christie’s, Airbnb, and Ferrari at the time, and that the company’s clients pay it up to $200 million annually. Ive and designer Marc Newson formed LoveFrom, according to the company’s website, but it makes no mention of io or what the business does. Apple’s most recognisable products, such as the iPod, iPhone, iPad, and MacBook Air, were all designed by Ive. Additionally, he contributed to the design of Apple Park, the company’s new Cupertino headquarters, which was started in 2004 and formally opened in 2019. As competitors like Google, Anthropic, and Elon Musk’s xAI are making significant investments and frequently releasing new products, OpenAI, which was recently valued at $300 billion in a funding round spearheaded by Soft Bank, is scrambling to remain ahead of the competition in the generative AI space. Strengthening its hardware operations is one way to keep ahead of the competition. To advance its hardware objectives, OpenAI in November named the former leader of Meta’s Orion augmented reality glasses project to lead its robotics and consumer hardware initiatives. The position would “initially focus on OpenAI’s robotics work and partnerships to help bring AI into the physical world and unlock its benefits for humanity,” according to a statement made at the time by Caitlin “CK” Kalinowski. Additionally, in November, OpenAI invested $400 million at a valuation of $2.4 billion in Physical Intelligence, a robot company based in San Francisco. Among the other investors was Amazon founder Jeff Bezos. By creating extensive AI models and algorithms to drive robots, the business aims to “bring general-purpose AI into the physical world,” according to its website.

Massive Facebook Data Leak Exposes 1.2 Billion User Records, Hacker Claims

Facebook Data: A hacker claims to have leaked data from 1.2 billion Facebook users, including emails, phone numbers, and more. Researchers verified part of the sample, raising concerns about Meta’s data security and ongoing scraping issues. In response to Cyber News, Facebook’s parent company, Meta, sent a brief message along with a link to a newsroom article from four years ago titled “How we combat scraping.” “This assertion is not new. A Meta representative stated, “We revealed this years ago and have since taken action to stop such events from occurring. Meanwhile, looked into a data sample that had information on 100,000 distinct Facebook user records that the attackers had added to the post. The data seems valid based on the contents of the sample rather than the entire dataset. The team claims that the dataset consists of: User IDs Names Email addresses Usernames Phone numbers Locations Birthdays Genders Researchers advise exercising caution regarding the veracity of the attacker’s claims regarding “1.2 billion Facebook user records,” despite the fact that they are remarkable. For starters, this is only the second post the attackers have ever made that contains alleged Facebook records that were scraped. Although the quantity was substantially smaller, data purportedly collected from Facebook was also included in another attacker’s post. Researchers speculated that after publishing one post, they were able to extract further data to reach 1.2 billion entries. The social networking site would flag another case of user data being scraped in bulk if the Facebook data scrape were verified. According to the team, this calls into doubt the company’s stance on the protection of consumers’ personal information. Recurring incidents indicate a tendency toward reactive security measures as opposed to proactive ones, especially when it comes to safeguarding critical yet publicly accessible data. Millions may be vulnerable to phishing, scams, identity theft, and long-term privacy problems due to the absence of more robust protections and transparency, the researchers stated. A dataset of that size can be used in a variety of ways by threat actors since it makes it simple for hackers to automate attacks, releasing hordes of bots that target each user in the dataset with minimal human intervention. Since malicious actors are aware that the email addresses in the dataset belong to Facebook members, they can utilise one of the several Facebook phishing methods to target Facebook users. Threat actors frequently try to use APIs for malicious ends. Attackers targeted Shopify, GoDaddy, Wix, and OpenAI’s APIs earlier this year. Actors with financial motivations frequently try to misuse the same method to gain access to cryptocurrency wallets. “A pattern of reactive rather than proactive security measures is evident in repeated incidents, especially when it comes to safeguarding sensitive but publicly visible data.” Since APIs enable communication between various services, the majority of well-known services would not be possible without them. Attackers, however, manage to leverage lawful APIs for malicious ends, such as retrieving significantly more data than the software applications were designed to do. Facebook data scraping is not unheard of. For instance, Meta acknowledged last year that it had used publicly available Facebook and Instagram data to train its AI virtual assistant. In 2021, however, a different hacker shared details about more than 500 million Facebook users, including locations and phone numbers. The Irish Data Protection Commission (DPC), the European Union’s top data privacy body, fined Meta €265 million ($266 million) for the leak.

Meet the Teen “Cyberterrorist” Who, During Operation Sindoor, Waged a Digital War Against India

Cyberterrorist: An 18-year-old from Gujarat was arrested for leading over 50 cyberattacks on Indian government websites during Operation Sindoor. Authorities suspect online radicalisation and possible foreign influence behind the coordinated digital assault. AHMEDABAD Jasim Shahnawaz Ansari, an 18-year-old from Nadiad, was detained by the Gujarat Anti-Terrorism Squad (ATS) for reportedly planning more than 50 assaults on Indian government websites, a development that has shocked the country’s cybersecurity scene. After India began Operation Sindoor in May 2025 as a military response after a terror incident in Pahalgam, the attacks allegedly became more intense. Officials claim that Ansari and other young people organised Distributed Denial of Service (DDoS) attacks using free tools obtained from websites such as GitHub and Termux in a group named AnonSec on Telegram. Among the targets were important government agencies in the fields of finance, urban development, aviation, and defence. On hacked websites, they frequently displayed anti-national statements such as “India may have started it, but we will be the ones to finish it.” Open-Source Weapons: A Cybercrime How-To According to investigators, the group learned Python programming and carried out attacks using open-source software and YouTube tutorials. Ansari allegedly overloaded government servers with digital traffic using programs like PyDroid. According to the ATS, the group boasted about their crimes in internet chat rooms after learning how to use websites like checkhost.net to confirm the effectiveness of their attacks. Even though many of the attacks were simple, intelligence services were alarmed by their sheer number and timing, which coincided with Operation Sindoor. After detecting discussion on online forums about India’s military operations, the Gujarat ATS began surveillance and monitoring. Eventually, they concentrated on the Telegram channels where attack plans were publicly discussed. Radicalisation, Recruitment, and the Juvenile Web Investigators have been taken aback not only by the attacks’ boldness but also by the target demographic. Ansari, a science student in class twelve who failed recent tests, is among an increasing number of young people engaged in cyber subversion. At least one further 17-year-old kid is being investigated, according to ATS officials. The ATS is currently investigating whether these kids acted on their initiative or with the support of foreign operators. “There is a chance that hostile outside forces could have an impact. A top ATS official stated, “We are looking at digital footprints to find any deeper affiliations.” Cyberterrorism-related FIRs have been submitted following Sections 43 and 66F of the IT Act. The arrest of a teenager responsible for such coordinated cyberattacks raises alarming concerns about online radicalisation, national resilience, and the ease with which the young and enraged can weaponise digital India is confronted with a complex threat matrix that includes both digital and physical fronts in its conflict.

cyber security