

Apurva Venkat
Principal Correspondent
Apurva Venkat is principal correspondent for the India editions of CIO, CSO, and Computerworld. She has previously worked at ISMG, IDG India, Bangalore Mirror, and Business Standard, where she reported on developments in technology, businesses, startups, fintech, e-commerce, cybersecurity, civic news, and education.

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition
The cyber insurer predicts that the 1,900 CVEs would include 270 high-severity and 155 critical-severity vulnerabilities. The predictions are based on data collected over the last ten years.

Misconfiguration and vulnerabilities biggest risks in cloud security: Report
About 87% of container images include a high or critical vulnerability, while 90% of granted permissions are not used, according to cybersecurity firm Sysdig.

Trulioo launches end-to-end identity platform
The new Trulioo platform will combine all existing Trulioo products into a single platform, allowing the ID verification firm to target global enterprise customers.

FBI takes down Hive ransomware group in an undercover operation
FBI covertly infiltrated the Hive network—which has targeted more than 1,500 victims in over 80 countries around the world—and thwarted over $130 million in ransom demands.

Chinese threat actor DragonSpark targets East Asian businesses
The group is seen using SparkRAT, a multi-platform remote access Trojan, to target firms in Hong Kong, Taiwan, China, and Singapore.

P-to-P fraud most concerning cyber threat in 2023: CSI
Peer-to-peer fraud and other digital fraud constituted more than 29% of bankers categorizing it as the most worrying cyber threat in 2023, according to CSI.

T-Mobile suffers 8th data breach in less than 5 years
Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed in the breach.

Chinese hackers targeted Iranian government entities for months: Report
The networks of four Iranian government organizations including Iran’s Ministry of Foreign Affairs, have likely been compromised.

CloudSek launches free security tool that helps users win bug bounty
The company claims the tool has already helped users rake in over $70,000 in bug bounties from various software companies.

Cybercriminals bypass Windows security with driver-vulnerability exploit
CrowdStrike says cybercrime gang Scattered Spider has exploited longtime Windows security issues to use bring-your-own-vulnerable-driver (BYOVD) techniques against its own and other endpoint tools.

India’s Digital Personal Data Protection Bill: What works, what it lacks
Experts say there is no clarity on what constitutes user consent and no compensation in case their data is misused.