WhatsApp appoints grievance officer for India

Consumer watchdog Which? has claimed that more than one billion Android phones and tablets are vulnerable to hackers as they no longer supported by security updates.

According to the research report, the most at-risk phones are any that run Android 4 or older and those smartphones running Android 7.0 which can not be updated are also at risk.

Based on data from Google analysed by Which?, two in five android device users around the world are no longer receiving the important updates. Currently, those devices are unlikely to have issues, but the lack of security leaves them open to attack.

"It is very concerning that expensive Android devices have such a short shelf life before they lose security support, leaving millions of users at risk of serious consequences if they fall victim to hackers," Kate Bevan editor Which? said in a statement.

"Google and phone manufacturers need to be upfront about security updates with clear information about how long they will last and what customers should do when they run out. The government must also push ahead with planned legislation to ensure manufacturers are far more transparent about security updates for smart devices and their impact on consumers," Kate added.

Android phone released around 2012 or earlier, including popular models like the Samsung Galaxy S3 and Sony Xperia S, are particularly at risk to hackers.

Which? has made suggestions to Android users on what to consider if they have an older phone that may be at risk.

Any Android device which is more than two years old, check whether it can be updated to a newer version of the operating system. If it is on an earlier version than Android 7.0 Nougat, try to update via Settings> System>Advanced System update.

In case a user is not able tto update the phone, the device could be at risk of being hacked if it is running a version of Android 4 or lower.

A user also need to be careful about downloading apps outside the Google Play store and should also install a mobile anti-virus via an app.

In a first, the Supreme Court on Friday allowed the service of summons and notices, a necessity in almost all legal proceedings, through instant messenger like WhatsApp as well as by e-mail and fax.

A bench headed by Chief Justice SA Bobde observed that it has been brought to the notice of the court that it is not feasible to visit post offices for service of notices, summons, and pleadings. The bench also comprising Justices AS Bopanna and R Subhash Reddy observed that notice and summons should be sent through e-mail on the same day along with instant message through WhatsApp and other phone messenger services.

The bench clarified that all methods should be deployed for a valid service on the party. "Two blue ticks would convey that the receiver has seen the notice," noted the bench.

The bench declined the request of the Attorney General for specifically naming WhatsApp as a mode of effectuating service. The top court noted that it would not be practical to specify only WhatsApp. The apex court also permitted RBI to extend the validity of cheques in the backdrop of lockdown to contain the coronavirus outbreak.

Senior advocate V Giri representing RBI informed the bench that he had circulated the note regarding validity of a cheque as directions issued on the previous hearing.

The bench noted that it will be in discretion of the RBI to issue orders which are suitable to alter the validity of the period of a cheque.

During an earlier hearing on the matter on July 7, the Attorney General contended before the top court that the Centre had some reservations in connection with the utilization of mobile applications like WhatsApp and other apps for service of summons. The Centre's top law officer informed the apex court that these apps claimed to be encrypted, and they were not trustworthy.

The RBI counsel had contended before the top court that it was considering clarifying the validity of a cheque which has been reduced to 3 months from 6 months.

Indian enterprises were flooded with a whopping 14.6 crore malware threats in 2019 - a growth of 48 per cent (year-on-year) compared to 2018, a new report said on Friday.

Manufacturing, BFSI (banking, financial services and insurance), education, healthcare, IT/ITES, and the government were the most at-risk industries in the country, said the report from Seqrite, the enterprise arm of Pune-based IT security firm Quick Heal Technologies.

Interestingly, almost a quarter (23 per cent) of the threats were identified through 'Signatureless behaviour-based' detection by Seqrite, indicating how a growing number of cybercriminals were deploying new or previously unknown threat vectors to compromise enterprise security.

"With the latest Seqrite annual threat report, we want to empower CIOs, CISOs, business leaders and all key public stakeholders with the insights they need to combat the growing complexity of the threat landscape," said Sanjay Katkar, Joint Managing Director and CTO, Quick Heal Technologies.

The most prominent trend was the drastic increase in the volume, intensity, and sophistication of cyber-attack campaigns targeting Indian enterprises in 2019.

The rapid integration of IoT devices, BYOD (bring your own device), and third-party APIs into enterprise networks has created newer security vulnerabilities that might go unnoticed until a major breach occurs.

Threat researchers at Seqrite observed several large-scale advanced persistent threats (APT) attacks deployed against organisations in the government sector.

"The entry of nation-states and organised cybercrime cells into the fray is expected to add more complication to this situation and will require Indian government bodies and corporate enterprises to shore up their cyber defence strategies in 2020 and beyond," the report noted.

More alarming, however, was the continued lack of security awareness amongst enterprises and government organisations.

"Unsecured Remote Desktop Protocol (RDP) and Server Message Block (SMB) protocols continued to be targeted through brute-force attacks," said the report.

Spear phishing attack campaigns leveraging Office exploits and infected macros were also used extensively by cybercriminals to gain access to enterprise networks and steal critical data.

"India's digital journey depends on ensuring robust cybersecurity for all stakeholders within the enterprise ecosystem," said Katkar.

The sharp spike should be a cause of concern for CIOs and CISOs in the country, especially given the growing digital penetration within their enterprise networks.

"With network vulnerabilities and potential entry points increasing at a rapid pace, threat actors are expected to leverage artificial intelligence (AI) capabilities to power their malware campaigns in the future to capitalise on newer attack vectors," the report added.