Credit Suisse, a global investment bank and financial services firm, has reportedly fallen victim to a cyberattack. The Credit Suisse data breach was allegedly masterminded by a threat actor (TA), operating under the alias “888,” on the data hack site BreachForums. The TA claims to have accessed highly sensitive data of the bank and posted it on the dark web marketplace. According to the the threat actor, the data breach contains personal information of about 19,000 of the bank’s Indian employees.

Credit Suisse Data Breach Details

Credit Suisse was founded in 1856 and has approximately $15.21 Billion in revenue. It is one of the leading institutions in private banking and asset management, with strong expertise in investment banking. On June 25, 2024, the threat actor claimed to have carried out a cyberattack on the bank and exfiltrated details on 19,000 of its users. [caption id="attachment_79024" align="alignnone" width="1622"] Source: X[/caption] The breached data purportedly includes names of employees, 6,623 unique email addresses, their codes, date of birth, gender, policy name, relationships, dates of joining, effective dates, statuses, and entities. To substantiate the claim, the threat actor 888 provided a sample of the data breach, which contains details of Credit Suisse employees in India. [caption id="attachment_79025" align="alignnone" width="1362"] Source: X[/caption] The TA, however, did not provide a specific price for the sale of data and has requested potential buyers to quote a figure. The hacker commented that they are only accepting cryptocurrency as the mode of payment. More specifically, the hacker was open to payment on Monero (XMR), a digital currency renowned for its privacy and anonymity attributes. This method of payment is often utilized in illegal transactions to evade detection. Despite these claims by the threat actor, a closer inspection reveals that the bank’s website is currently functioning normally, showing no signs of a security breach. The Cyber Express has reached out to the bank to verify the alleged cyberattack. As of now, no official statements or responses have been received, leaving the claims unverified.

Not the First Credit Suisse Data Breach

This is not the first time that Credit Suisse has been involved in a security breach. According to a report published in The Economic Times, in 2023, the bank warned its staff that a former employee stole personal data of its employees, including salaries and bonuses. The information included salary and "variable compensation" for a period between 2013 and 2015. Another Bloomberg report said that a data breach in 2023 impacted numerous former Credit Suisse clients who collectively held a staggering $100 billion in accounts.

Credit Suisse Hacker Targeted Big Multinationals Recently

There are many concerns over the potential misuse of sensitive information found in the data breach, which includes customer names, dates of birth, and relationships. Credit Suisse should investigate the data breach claims considering the history of the threat actor. Earlier this month, the TA 888 claimed to have stolen data of over 32,000 current and former employees of Accenture. The company, however, denied the claims and said that the data set published by the hacker had only three employee names and email addresses. The hacker also claimed responsibility for leaking details about 8,174 employees of Heineken across several countries. Prior to this, 888 also staked claims for an attack on oil and gas multinational Shell.  The TA posted sample information sharing personal details of Australian customers. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.  

Armchair travel India's ecology and climate change with Sam Matey in a wonderful heavily photographed ten-part travel report that deep dives into India's wildlife, people working in the field and efforts to ameliorate the challenges. The last piece, the hottest day in Delhi's History is an excellent introduction to Matey's framing of the environmental catastrophes we face - recognizing the scale, finding the stories and most of all, pointing out the helpers.

Cybersecurity researchers are tracking a novel Linux malware campaign that makes use of Discord emojis for command and control (C2) communication with attackers. The campaign’s unusual combination of Linux malware and phishing lures suggests an attack aimed at Linux desktop users, the researchers from Volexity said. “Volexity assesses it is highly likely this campaign, and the malware used, is targeted specifically towards government entities in India, who use a custom Linux distribution named BOSS as their daily desktop,” they wrote.

Threat Actor ‘UTA0137’ Linked to Campaign

Volexity researchers connected the campaign to a Pakistan-based threat actor they call UTA0137. The researchers said they have “high confidence that UTA0137 has espionage-related objectives and a remit to target government entities in India. Based on Volexity’s analysis, UTA0137’s campaigns appear to have been successful.” The researchers say they have “moderate confidence” that UTA0137 is a Pakistan-based threat actor because of the group’s targets and a few other reasons:

• The Pakistani time zone was hardcoded in one malware sample.
• There are weak infrastructure links to SideCopy, a known Pakistan-based threat actor.
• The Punjabi language was used in the malware.

The malware used by the threat group uses a modified version of the discord-c2 GitHub project for its Discord command and control (C2) communication. The malware, dubbed DISGOMOJI by the researchers, is written in Golang and compiled for Linux systems. The threat actors also use the DirtyPipe (CVE-2022-0847) privilege escalation exploit against “BOSS 9” systems, which remain vulnerable to the exploit.

Attack Starts With DSOP PDF

The malware is delivered via a DSOP.pdf lure, which claims to be a beneficiary document of India’s Defence Service Officer Provident Fund (screenshot below). [caption id="attachment_77503" align="alignnone" width="750"] The DSOP lure that downloads the malware[/caption] The malware then downloads the next-stage payload, named vmcoreinfo, from a remote server, clawsindia[.]in. The payload is an instance of the DISGOMOJI malware and is dropped in a hidden folder named .x86_64-linux-gnu in the user’s home directory. DISGOMOJI, a UPX-packed ELF written in Golang, uses Discord for C2. “An authentication token and server ID are hardcoded inside the ELF, which are used to access the Discord server,”  they wrote. “The malware creates a dedicated channel for itself in the Discord server, meaning each channel in the server represents an individual victim. The attacker can then interact with every victim individually using these channels.” On startup, DISGOMOJI sends a check-in message in the channel that contains information like the internal IP, the user name, host name, OS and current working directory. The malware can survive reboots through the addition of a @reboot entry to the crontab, and it also downloads a script named uevent_seqnum.sh to copy files from any attached USB devices.

Discord Emojis Used for C2 Communication

C2 communication uses an emoji-based protocol, “where the attacker sends commands to the malware by sending emojis to the command channel, with additional parameters following the emoji where applicable.” A Clock emoji in the command message lets the attacker know a command is being processed, while a Check Mark emoji confirms that the command was executed. The researchers summarized the emoji commands in a table: [caption id="attachment_77505" align="alignnone" width="750"] The Discord emojis used to communicate with attackers (source: Volexity)[/caption] Post-exploitation activities include use of the Zenity utility to display malicious dialog boxes to socially engineer users into giving up their passwords. Open source tools such as Nmap, Chisel and Ligolo are also used, and the DirtyPipe exploit suggests increasing sophistication of the atacker's methods, the researchers said. Indicators of compromise (IoCs) can be downloaded from the Volexity GitHub page:

• YARA rules
• Single value indicators

By Mohan Subrahmanya, Country Leader, Insight Enterprises In an era consistently besieged by data breaches and increased cyber threats, blockchain technology is emerging as a key tool for the enhancement of cybersecurity and the protection of data. It is a decentralized and secure way of recording critical data that brings forth innumerable benefits to many sectors through a sound framework for secure transactions and integrity of data.

Understanding Blockchain Technology

At its core, blockchain is a decentralized ledger that records transactions across a network of computers, ensuring that data remains transparent, secure, and immutable. Each block in the blockchain contains a timestamp, transaction data, and a cryptographic hash of the previous block, creating a chain of records that is nearly impossible to alter. The exponential growth of blockchain technology is fueled by the need to simplify business processes, increase transparency, improve traceability, and cut costs. According to ReportLinker, the global blockchain market is expected to increase by 80% between 2018 and 2023, from $1.2 billion to $23.3 billion.

Key Components of Blockchain That Ensure Data Security

Blockchain technology enhances data security by ensuring that data recorded once remains unalterable and undeletable without network consensus, thus maintaining integrity. One of the key features of blockchain technology is decentralization. Unlike traditional centralized databases, blockchain operates on a distributed network. This structure reduces the risk of a single point of failure and makes it much more difficult for malicious entities to compromise the entire system. By distributing data across multiple nodes, blockchain eliminates vulnerabilities associated with centralized servers, thereby enhancing overall security. Another feature is the Cryptographic hash function which plays a crucial role in blockchain security. These mathematical algorithms generate a unique identifier for each block, making it virtually impossible to alter any recorded data without detection. All the altered information on the blockchain is visible and immutable, which not only ensures data integrity but also provides a reliable mechanism to detect and prevent fraudulent activities. Blockchain also employs consensus mechanisms such as Proof of Work (PoW) and Proof of Stake (PoS) to validate transactions and ensure network consistency. By allowing only authentic transactions to be added to the blockchain, these mechanisms prevent double payments and other fraudulent practices. Digital signatures, which use a private key to sign transactions, further enhance this level of security. This ensures that only authorized individuals can initiate or modify data entries, while anyone with the public key can verify the authenticity of the transaction.

Applications Across Sectors

The use of blockchain technology could have a significant impact on cybersecurity across various sectors. Many organizations are recognizing the significant business benefits of blockchain technology and are increasingly adopting it across various sectors. Blockchain has a lot to offer, from manufacturing and healthcare to supply chains and beyond. Financial services, for instance, can benefit from blockchain's ability to secure transactions, reduce fraud, and improve transparency. The healthcare sector can utilize blockchain to secure storage and share patient information between authorized personnel, ensuring confidentiality and accuracy. In the manufacturing industry, blockchain is primarily used for the movement and management of digital assets and physical goods, enhancing transparency and traceability. In order to ensure a transparent and immutable record of the origin of products, supply chain management can use blockchain technology to prevent counterfeiting and ensure authenticity. Government services can also use blockchain to increase the security and efficiency of public records, voting systems as well as identity management.

Key Challenges and Considerations

There are certain challenges to the use of blockchain technology, despite its many benefits. Scalability is an important concern, as the number of transactions increases, the blockchain may become slow and costly to maintain. Furthermore, significant computational power is required for consensus mechanisms such as POW which could result in considerable energy consumption. Regulatory uncertainty is another issue, as the evolving legal landscape can obscure the widespread adoption of blockchain technology. Addressing these challenges is crucial for the continued growth and adoption of blockchain technology. Global efforts are being made to create scalable blockchain systems and more effective consensus methods. Additionally, regulatory frameworks are also evolving to offer more precise guidelines to implement blockchain technology.

Growth of Blockchain Technology in India

India is seeing a strong increase in the adoption of blockchain technology in many sectors. This growth is driven by government-backed projects and initiatives, such as the National Blockchain Framework, to improve transparency, security, and efficiency. The technology's potential to enhance data integrity and operational efficiency aligns well with India's digital transformation goals, making blockchain a key component in the nation's technological advancement. The use of blockchain technology has been much more of a game-changer in terms of data security and is supporting cybersecurity. It provides robust security against all cyber threats since it is decentralized, immutable, and fully transparent. Overcoming the challenges of scaling and regulatory uncertainty would enable blockchain's distributed ledger technology to emerge as the key player in secure digital infrastructures that drive innovation across all sectors. The more organizations study its potential applications, the more blockchain will change the face of data security and cybersecurity. Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything. 

GQ: "It's happening very fast," said Saurabh Netravalkar, the Team USA cricket player with the world-famous LinkedIn profile ... Several fans in attendance held up signs calling Kohli a god; one held up a sign asking Netravalkar for a job reference. Guardian: As it happened: USA beat Pakistan. The Athletic: So, for a son of Mumbai to inflict such a humiliating defeat on the old enemy was a case of Netravalkar - in the words of his younger sister Nidhi on social media - "making two countries happy". Times of India: Balancing his dual roles as a cricketer and a software engineer at Oracle, Netravalkar manages his demanding career alongside his sports commitments. Interviewed in cricbuzz: "I filed for a patent. It was an innovation algorithm that we had."

Cricinfo: After the Pakistan win, a screen grab of his Slack out-of-office message was all over social media. It said he would be away from work until June 17, when the group phase of the World Cup ends. Netravalkar is not thinking ahead to whether he might have to extend his leave of absence in case USA make it to the Super 8s... ...update on that: As of an hour ago, the USA have enough points so they can't be caught by Ireland, Canada or Pakistan in their group. This means the USA qualify, along with India, into the final group stage of the current World Cup: this also gives the USA automatic qualification for the same World Cup tournament in 2026, two years before cricket returns to the Olympics in Los Angeles. Saurabh is going to need to ask for an extension to WFWCM (Work From World Cup Matches).

Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.

The post Pakistani Threat Actors Caught Targeting Indian Gov Entities appeared first on SecurityWeek.

As India concluded the world’s largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies—and what lessons that holds for the rest of the world.

The campaigns made extensive use of AI, including deepfake impersonations of candidates, celebrities and dead politicians. By some estimates, millions of Indian voters viewed deepfakes.

But, despite fears of widespread disinformation, for the most part the campaigns, candidates and activists used AI constructively in the election. They used AI for typical political activities, including mudslinging, but primarily to better connect with voters.

Deepfakes without the deception

Political parties in India spent an estimated US$50 million on authorized AI-generated content for targeted communication with their constituencies this election cycle. And it was largely successful.

Indian political strategists have long recognized the influence of personality and emotion on their constituents, and they started using AI to bolster their messaging. Young and upcoming AI companies like The Indian Deepfaker, which started out serving the entertainment industry, quickly responded to this growing demand for AI-generated campaign material.

In January, Muthuvel Karunanidhi, former chief minister of the southern state of Tamil Nadu for two decades, appeared via video at his party’s youth wing conference. He wore his signature yellow scarf, white shirt, dark glasses and had his familiar stance—head slightly bent sideways. But Karunanidhi died in 2018. His party authorized the deepfake.

In February, the All-India Anna Dravidian Progressive Federation party’s official X account posted an audio clip of Jayaram Jayalalithaa, the iconic superstar of Tamil politics colloquially called “Amma” or “Mother.” Jayalalithaa died in 2016.

Meanwhile, voters received calls from their local representatives to discuss local issues—except the leader on the other end of the phone was an AI impersonation. Bhartiya Janta Party (BJP) workers like Shakti Singh Rathore have been frequenting AI startups to send personalized videos to specific voters about the government benefits they received and asking for their vote over WhatsApp.

Multilingual boost

Deepfakes were not the only manifestation of AI in the Indian elections. Long before the election began, Indian Prime Minister Narendra Modi addressed a tightly packed crowd celebrating links between the state of Tamil Nadu in the south of India and the city of Varanasi in the northern state of Uttar Pradesh. Instructing his audience to put on earphones, Modi proudly announced the launch of his “new AI technology” as his Hindi speech was translated to Tamil in real time.

In a country with 22 official languages and almost 780 unofficial recorded languages, the BJP adopted AI tools to make Modi’s personality accessible to voters in regions where Hindi is not easily understood. Since 2022, Modi and his BJP have been using the AI-powered tool Bhashini, embedded in the NaMo mobile app, to translate Modi’s speeches with voiceovers in Telugu, Tamil, Malayalam, Kannada, Odia, Bengali, Marathi and Punjabi.

As part of their demos, some AI companies circulated their own viral versions of Modi’s famous monthly radio show “Mann Ki Baat,” which loosely translates to “From the Heart,” which they voice cloned to regional languages.

Adversarial uses

Indian political parties doubled down on online trolling, using AI to augment their ongoing meme wars. Early in the election season, the Indian National Congress released a short clip to its 6 million followers on Instagram, taking the title track from a new Hindi music album named “Chor” (thief). The video grafted Modi’s digital likeness onto the lead singer and cloned his voice with reworked lyrics critiquing his close ties to Indian business tycoons.

The BJP retaliated with its own video, on its 7-million-follower Instagram account, featuring a supercut of Modi campaigning on the streets, mixed with clips of his supporters but set to unique music. It was an old patriotic Hindi song sung by famous singer Mahendra Kapoor, who passed away in 2008 but was resurrected with AI voice cloning.

Modi himself quote-tweeted an AI-created video of him dancing—a common meme that alters footage of rapper Lil Yachty on stage—commenting “such creativity in peak poll season is truly a delight.”

In some cases, the violent rhetoric in Modi’s campaign that put Muslims at risk and incited violence was conveyed using generative AI tools, but the harm can be traced back to the hateful rhetoric itself and not necessarily the AI tools used to spread it.

The Indian experience

India is an early adopter, and the country’s experiments with AI serve as an illustration of what the rest of the world can expect in future elections. The technology’s ability to produce nonconsensual deepfakes of anyone can make it harder to tell truth from fiction, but its consensual uses are likely to make democracy more accessible.

The Indian election’s embrace of AI that began with entertainment, political meme wars, emotional appeals to people, resurrected politicians and persuasion through personalized phone calls to voters has opened a pathway for the role of AI in participatory democracy.

The surprise outcome of the election, with the BJP’s failure to win its predicted parliamentary majority, and India’s return to a deeply competitive political system especially highlights the possibility for AI to have a positive role in deliberative democracy and representative governance.

Lessons for the world’s democracies

It’s a goal of any political party or candidate in a democracy to have more targeted touch points with their constituents. The Indian elections have shown a unique attempt at using AI for more individualized communication across linguistically and ethnically diverse constituencies, and making their messages more accessible, especially to rural, low-income populations.

AI and the future of participatory democracy could make constituent communication not just personalized but also a dialogue, so voters can share their demands and experiences directly with their representatives—at speed and scale.

India can be an example of taking its recent fluency in AI-assisted party-to-people communications and moving it beyond politics. The government is already using these platforms to provide government services to citizens in their native languages.

If used safely and ethically, this technology could be an opportunity for a new era in representative governance, especially for the needs and experiences of people in rural areas to reach Parliament.

This essay was written with Vandinika Shukla and previously appeared in The Conversation.

The Votes are in, and Narendra Modi has won a third term as Prime Minister of India. However, in a surprising upset, his Bharatiya Janata Party (BJP) failed to win a majority, much less the supermajority Modi had predicted.

People are still trying to figure out why the upset, but reasons include: while India's economy has grown over the last 10 years, so has social inequality and unemployment, the opposition Indian National Developmental Inclusive Alliance, which looked painfully fractured earlier this year, pulled itself together,, dissatisfaction among younger voters, concerns over freedom of the press, religious freedoms, and human rights in general. An explainer on the logistics of an election for just shy of a billion potential voters. Podcast: Looking for Modi -- An overview of Modi's career from an Australian journalit whose visa renewal was denield by the Modie government. (5 episodes) (via user d-no in a previous thread) Podcast: Modi's India -- asegment of the larger CBC podcast Understood, this CBC production digs deeper into the murder of Hardeep Singh Nijjar in Canada. (4 episodes) If you are a The Economist subscriber, they have a podcast, too. Podcast: Behind the Bastards did 2 episodes on Modi Part 1 Part 2 Previously -- Amit Shah, Modi's right hand man Previously -- Assassination of Hardeep Singh Nijjar Previously -- Modi in 2021 Previously -- Election 2019 There are quite a few more, if you search for them

Farmers have repeatedly protested over grievances tied to global warming, a major political and economic test given the importance of India’s rural economy.

© Arun Sankar/Agence France-Presse — Getty Images

Ahead of the election in India, the Guardian’s video team travelled through the country to explore how fake news and censorship might shape the outcome.

Almost one billion people are registered to vote. The country's prime minister, Narendra Modi, has been in power for more than 10 years, and his Hindu nationalist Bharatiya Janata party (BJP) is seeking a third term.

But critics of Modi and the BJP say his government has become increasingly authoritarian, fracturing the country along religious lines and threatening India’s secular democracy. At the same time, the space for freedom of speech has been shrinking while disinformation and hate speech has exploded on social media.

Continue reading...

💾

© Photograph: the Guardian

💾

© Photograph: the Guardian

Mr. Musk has built a constellation of like-minded heads of state — including Argentina’s Javier Milei and India’s Narendra Modi — to push his own politics and expand his business empire.

© Cristiana Couceiro

Meta has threatened to pull WhatsApp out of India if the courts try to force it to break its end-to-end encryption.