

Apurva Venkat
Principal Correspondent
Apurva Venkat is principal correspondent for the India editions of CIO, CSO, and Computerworld. She has previously worked at ISMG, IDG India, Bangalore Mirror, and Business Standard, where she reported on developments in technology, businesses, startups, fintech, e-commerce, cybersecurity, civic news, and education.


LockBit apologizes for ransomware attack on hospital, offers decryptor
The LockBit ransomware-as-a-service operation said it is against its rules to attack medical institutions, but the ransomware gang's affiliates do not always adhere to this policy.

F5 expands security portfolio with App Infrastructure Protection
AIP goes one step further than API security and provides telemetry collection and intrusion detection for cloud-native workloads.

Lacework adds new capabilities to its CSPM solution
The new capabilities will allow organizations to create custom policies for AWS, Google Cloud, and Azure to secure their cloud infrastructure.

AWS launches new cybersecurity service Amazon Security Lake
The service automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account.

Ransomware attackers allegedly demand ransom from AIIMS: police deny report
The hospital has been running in manual mode for the past 7 days after being hit by a ransomware attack.

500 million WhatsApp mobile numbers up for sale on the dark web
The seller claims to have data of users from over 84 countries, including US, UK, India, Egypt, Mexico and Russia.

Cybercriminals are increasingly using info-stealing malware to target victims
In the first seven months of this year, threat actors stole over 50 million passwords, 2 billion cookie files, details of 103,150 bank cards, and data from 113,204 crypto wallets.

Ransomware attack forces top Indian medical institute into manual mode
Hospital management system at AIIMS is down for over 24 hours, affecting admission, discharge, billing, report generation etc.

Microsoft Azure launches DDoS IP protection for SMBs
DDoS IP Protection for SMBs is designed to provide enterprise-grade distributed denial of service protection at a price that's attractive to small and medium-size companies.

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency
State-sponsored threat actors have targeted 128 government organizations in 42 countries that support Ukraine, as ransomware and DDoS rank as top forms of cyberattacks, says the EU Agency for Cybersecurity (ENISA).

Espionage campaign loads VPN spyware on Android devices via social media
Attackers built a fake online community and used a malicious VPN app to steal credentials and other user data.

Engineering workstation attacks on industrial control systems double: Report
Some of the biggest challenges faced in securing industrial control systems involve integrating legacy and aging operational technology with modern IT systems.

Iran’s nuclear energy agency confirms email server hacked
Iranian hacking group Black Reward has claimed responsibility for a breach at the email server of the country's Bushehr nuclear power plant, in support of nationwide protests over the death of a young woman in police custody.

96% of companies report insufficient security for sensitive cloud data
Organizations are also having trouble tracking data in the cloud, which contributes to dark data.

Securing your organization against phishing can cost up to $85 per email
On average, organizations spend up to 60 minutes dealing with each phishing email identified in their email infrastructure, according to a new report by Osterman Research.

Malwarebytes pairs new MDR, EDR for overwhelmed cybersecurity teams
Malwarebytes MDR (managed detection and response) works by pairing EDR (end point detection and response) technology with a dedicated team of security analysts, providing both automated and human lines of defense.

Portnox adds IoT fingerprinting to network access control service
The IoT fingerprinting feature will allow companies to fully identify IoT devices that don't have the storage or processing capabilities to communicate complete identifying information such as model number, or even device type.

Endor Labs offers dependency management platform for open source software
Startup Endor Labs comes out of stealth with an end-to-end platform to help CSOs understand and catalogue everything developers are using from the internet.

New cryptojacking campaign exploits OneDrive vulnerability
While currently the campaign is only involved in cryptojacking, it exploits DLL sideloading, which can be used to deploy spyware or ransomware.