Security BSides Bangalore

📌 New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities Researchers have uncovered a new variant of the EAGERBEE malware framework, targeting ISPs and governmental entities in the Middle East. This updated version features advanced backdoor capabilities, including the ability to deploy additional payloads, manipulate file systems, and execute command shells. The malware's modular, plugin-based architecture enhances its stealth and flexibility, making it a significant threat to critical infrastructure. Read More: https://lnkd.in/gCeBReKt #CyberSecurity #EAGERBEE #Malware #Backdoor #CyberEspionage #ISPs #GovernmentTargets #AdvancedThreats #TCC #CyberThreats #SecurityResearch #MacOS #iOS #Infosec

🌐 Cybersecurity Alert: Hacker Charged for $3.2M Bitcoin Extortion A Brazilian hacker breached a network, stealing data from 300,000 accounts, and demanded 300 Bitcoin ($3.2M) in ransom. The U.S. Department of Justice has charged the individual with extortion and threatening communications, carrying up to 5 years per count. Read More: https://lnkd.in/gz9A5CZk #Cybersecurity #DataBreach #Ransomware #InfoSec

🎆 🎇 Happy New Year 2025! 🌟 ✨ 💫 As the calendar turns to a brand new year, we wish you a season filled with hope, joy, health, prosperity, peace and endless opportunities. May 2025 bring you success in all your endeavors, cherished moments with loved ones, and the strength to achieve your dreams. To our community members, sponsors, and supporters—thank you for being a part of our journey. We look forward to continuing this amazing adventure with you in 2025 and beyond. 🎯 Here’s to a year of learning, sharing, and exponential growth. Together, we can accomplish incredible things! #bsidesbangalore #cybersecurity #community #newyear #2025 #greetings Team: Sujatha Yakasiri, Ashok Kumar Ratnagiri CISM, Tulika Pandey, Vishal Salvi, John Lambert, Praveen Singh, Dr. Ram Kumar G, Ph.D, CISM, PMP, Visagan Subburayalu, Navaneethan M, Harshit Mahajan, Ahmad Zia, Rushabh Pinesh Mehta,PGP-ITBM,CGRC,CISA(Q),CISM(Q) CRISC (Q), CTPRP, CDPSE, CCSK, CC, DCDPO, CDPO/IN | Sapna Singh | Siddhi Golvilkar | Rohit Shivarkar CISSP | Kirthi Kalikar | Sandeep Singh, CISSP, CCSP | Aditya P Raghu Vamsi | Naresh kumar |Pragya Johari, CISSP (Q), CISM (Q) | Ankit Sharma | Divya K 🇮🇳 | Ranjinni Joshe ✨️ | Kannammal G | K Sai Sree Akshaya Gurudatta | Sarthak Goyal | Mohammad A. | Srishti Shukla Tiwari | Dr. Shifa Cyclewala | Bhavesh Naik | Gokul

🚀 As 2024 Sets: A Moment to Reflect on Our Journey Together As the year 2024 draws to a close, it’s time to pause and reflect on the incredible journey we’ve shared as a community at Security BSides Bangalore. Together, we’ve grown stronger, embraced challenges, and celebrated successes that define who we are today. This year has been a testament to what we can achieve when we come together with purpose, determination, and a shared vision. Our Achievements: A Collective Effort. Checkout the press release and other stats from attached 2024 report. Press Release 2024: The Times Of India: https://lnkd.in/dHN4Srhy The Mainstream formerly known as CIO News : https://lnkd.in/dZmThJ6P NewsFirstKannada: https://lnkd.in/dp8MKMGc NewsFirstKannada:https://lnkd.in/dfqFEmDg NewsFirstKannada:https://lnkd.in/dSgvX8w4 NewsFirstKannada:https://lnkd.in/dPJuDKMM NewsFirstKannada: https://lnkd.in/dxp7FuCD ✨We extend our heartfelt thanks to our esteemed sponsors who have been an integral part of our success. Your unwavering support and generosity have made it possible for the Security BSides Bangalore Community to thrive. Google, Target, Tesco, Amazon, Check Point Software, CloudSEK, Synopsys Inc,AppSentinels, @Cyberpwn Acalvio Technologies, CheckRed, MetaCTF, CyberTalents| media partners The Mainstream formerly known as CIO News, NewsFirstKannada, Executive Women's Forum on Information Security, Risk Management & Privacy| Knowledge Partner Hacktify Cyber Security ✨ Also, kudos to our advisory board members, cfp review board members, awards jury, speakers, trainers, community core-team and amazing volunteer team . Each of you played a vital role in making this year a resounding success. ✨To our incredible community members—thank you for traveling with us on this journey, for showing up, engaging, and contributing. Your enthusiasm and commitment remind us why this community exists—to foster knowledge, connection, and collective growth. Looking Ahead: 2025 and Beyond ✨As we bid farewell to 2024, we carry forward the lessons learned, the relationships built, and the dreams ignited. The coming year holds new opportunities, and we are excited to continue this journey, knowing that together, there’s no limit to what we can achieve.✨ Leadership Team: Sujatha Yakasiri, Ashok Kumar Ratnagiri CISM, Tulika Pandey, Vishal Salvi, John Lambert, Praveen Singh, Dr. Ram Kumar G, Ph.D, CISM, PMP, Visagan Subburayalu, Navaneethan M, Harshit Mahajan #cybersecurity #community #reflect #2024 #learn #connect #grow #global #bsidesbangalore #w3cs #thoughtleaders

📌 US Government Targets Healthcare Data Breaches with New Cybersecurity Proposals The Biden administration has introduced new proposals aimed at strengthening cybersecurity in the healthcare sector to combat the rising threat of data breaches. These measures include mandatory encryption and enhanced compliance checks to secure sensitive patient information from hacking and ransomware attacks. The updated rules are expected to cost billions but are seen as essential to safeguard Americans' private health data. Read More: https://lnkd.in/gwTcyDhT #Cybersecurity #HealthcareSecurity #DataBreach #HIPAA #BidenAdministration #HealthTech #PatientPrivacy #Ransomware #CyberDefense #HealthcareCompliance #Encryption #CyberProtection #TechPolicy #DigitalHealth #DataPrivacy

We extend our heartfelt gratitude to Visagan Subburayalu,Target and Vinayak Godse for giving us the wonderful opportunity to be part of the #AISS2024. It was an honor to collaborate as community partners with the Data Security Council of India for the #AISS2024. Delivering a live hacking workshop, "Master Class on IoT & Embedded Security Deep Dive," to a room full of enthusiastic participants was an absolute pleasure! The energy, curiosity, and engagement during the session were truly inspiring. Kudos to Arun Mane for supporting the communities wholeheartedly. It was also a delight to meet and engage with industry thought leaders such as Visagan Subburayalu, Vinayak Godse, Vishal Salvi, Sanjay Katkar, Dharshan Shanthamurthy, Suvabrata Sinha, Ramakant Mohapatra, Abhilash Varghese, Nitin Bhatnagar, Venkatesh Murthy. K. #aiss2024 #dsci #w3cs #bsidesbangalore #cybersecurity #community #conference #thoughtleaders

⚠️ Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization ‼️ A critical vulnerability (CVE-2024-52046) in Apache MINA allows remote code execution via unsafe serialization. It affects versions 2.0.X, 2.1.X, and 2.2.X and requires upgrading and explicitly configuring allowed classes for ObjectSerializationDecoder. Read more at: https://lnkd.in/gj7sURUy #CyberSecurity #ApacheMINA #RCE

🚨 Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts ‼️ A Brazilian hacker breached company’s network stealing data from 300,000 accounts. Demanded 300 Bitcoin ($3.2M) in ransom to avoid selling the information. The U.S. Department of Justice has charged the hacker with extortion and threatening communications, carrying potential sentences of up to 5 years per count. Read more at: https://lnkd.in/gnuw58JN #Cybersecurity #Bitcoin #DataBreach #CyberCrime #Ransom

As the year winds down, I can’t help but reflect on an unforgettable journey I took to Bangalore this past September. (Yes, this post is fashionably late, but as they say, better late than never!) The adventure began with a vibrant energy, quite literally, as I stepped off the plane and into Bangalore’s dynamic pulse. Joining me on this journey was Pranav Pal from the PureID team, and our first stop set the tone perfectly—the ColorTokens Inc. office. For someone like me, accustomed to working from the cozy corners of home, entering their buzzing workplace was an experience in itself. The air was alive with collaboration, the kind that sparks ideas and fuels creativity. Conversations flowed effortlessly, offering a glimpse into their innovative world. It was a refreshing change, and I soaked in every moment. Then came the real highlight of our trip: Security BSides Bangalore, themed "Harnessing AI for Next-Gen Cyber Defence." Partnered with World Wide Women in Cyber Security (w3-cs) and backed by Palo Alto Networks, the event promised to deliver—and it did, in every way possible. The day kicked off with warm welcome notes from Ashok Kumar Ratnagiri CISM and Sapna Singh (W3-CS), setting a professional yet enthusiastic tone. The keynote on “Harnessing AI for Next-Gen Cyber Defence” provided the perfect entry point into the day’s discussions. What followed were back-to-back sessions that left me buzzing with ideas: Panel Discussion: "AI Privacy and Security Safeguards – A Strategic Approach" featuring Bhavya Janardhan, Sumitra Biswal and Roopashree R "Low Hanging Opportunities for AI Adoption in Cybersecurity" by Swaminathan Natarajan, Dr. Venugopal Gandham, and Malini Rao CISSP CCISO, GCIO, CISM, CCSK, AWS 2x, DPO. Each session was a masterclass in its own right. But the one that completely captivated me? Ankit Sharma’s talk on "Unmasking Invisible Threats in AI: The Rise of Prompt Injection Attacks." Prompt engineering is a fascinating field, and learning about it through the lens of cybersecurity opened up a whole new dimension of possibilities—and challenges. Some lessons, however, are best kept off social media. 😉 There were so many other incredible speakers, panels, and discussions throughout the day that I couldn’t possibly list them all. Each one offered valuable insights, and the event left me inspired and motivated. A Heartfelt Thank You A big shoutout to PureID for making this trip possible. From exploring the incredible ColorTokens Inc. office to immersing myself in the Security BSides Bangalore BSides community, and finally, savoring the charm of Bangalore—a city where innovation meets timeless culture—this journey was nothing short of extraordinary. Until next time, Bangalore! 🌟

⚠️ Critical SQL Injection Vulnerability in Apache Traffic Control (CVE-2024-45387) Rated 9.9 CVSS — Patch Now ‼️ A critical SQL injection vulnerability has been identified in Apache Traffic Control <= 8.0.1. Exploited by a privileged user, which allows arbitrary SQL commands in the database. It has been patched in version Apache Traffic Control 8.0.2. Action Required! Read more at: https://lnkd.in/gq_RWtcv #Cybersecurity #Apache #Vulnerability #PatchNow