CloudSEK XVigil detected a security breach impacting the Indian Rural Business Incubator. Additionally, CloudSEK noticed an advisory from CyberExpress by Cyble that incorrectly linked the data leak to the Reserve Bank of India, creating unnecessary panic.
On February 18, 2024, CloudSEK's contextual AI digital risk platform, XVigil, detected a security breach impacting the Indian Rural Business Incubator. Additionally, CloudSEK noticed an advisory from CyberExpress by Cyble that incorrectly linked the data leak to the Reserve Bank of India, creating unnecessary panic.
The breach, orchestrated by an individual or group using the moniker "ZALCYBER", exploited a SQL injection vulnerability in the endpoint https://ukrbi.in/new2/admin/index.php, which led to unauthorized access to the Indian Rural Business Incubator (Indian RBI) database. The incident resulted in the unauthorized retrieval of sensitive information, including over 2000 records of applicant data and 48 records detailing stages, applications and service descriptions within the Indian Rural Business Incubator (Indian RBI) admin file.
Sources providing Human Intelligence (HUMINT) to researchers at CloudSEK have conveyed crucial information contradicting the initial assumptions about the leaked data. Contrary to the incorrect attribution of the victim, the compromised data does not originate from the Reserve Bank of India but from the Indian Rural Business Incubator (Indian RBI), which marks a significant element of misinformation in the reporting. This revelation removes a layer of complexity from the investigation and emphasizes the need for accurate clarification in subsequent communications, especially with respect to critical infrastructure and industries.
Attribution:
The incident has been compounded by misinformation, as the compromised data was initially represented as being from the Reserve Bank of India (RBI). It is imperative to clarify that the leaked data actually originated from the Indian Rural Business Incubator (RBI), and not the Reserve Bank of India. This misinformation underscores the importance of representing information accurately in cybersecurity incidents and the need for precise communication to prevent the spread of false information and potential reputational damage. Correcting this misinformation is essential to give stakeholders and the public an accurate understanding of the nature and scope of the security breach, especially with respect to critical infrastructure and industries.