Latest news with #IndianComputerEmergencyResponseTeam
Hindustan Times
5 days ago
- Business
- Hindustan Times
Cert-In issues advisory after data breach of 16 billion credentials, asks people to change passwords
NEW DELHI: Indian Computer Emergency Response Team (Cert-In) has issued a fresh advisory asking people to follow good cybersecurity hygiene following reports of a massive data breach involving 16 billion online credentials. FILE - The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from multiple platforms. (AP) The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from platforms such as Apple, Google, Facebook, Telegram, GitHub, and several VPN services. 'This appears to be a consolidated dataset, and some of the credentials may be outdated or already changed. However, we're issuing the advisory to urge people to follow good cybersecurity hygiene,' a senior official at Cert-In, the country's nodal agency for cybersecurity incident response, said. The advisory was first released on Monday. The agency has urged individuals to update their passwords immediately, enable multi-factor authentication (MFA), and switch to passkeys wherever possible. The advisory also recommends running antivirus scans and keeping systems up to date to protect against malware. The cybersecurity agency advised organisations to enforce MFA, limit user access, and use intrusion detection systems (IDS) and Security Information and Event Management (SIEM) tools to detect suspicious activity. It also recommended that companies check that their database aren't publicly exposed and ensure that sensitive data is encrypted. The massive dataset, which is believed to be available on the dark web, has been reportedly compiled from 30 different sources, mostly through infostealer malware. The dataset could enable attackers to carry out phishing, account takeovers, ransomware attacks, and business email compromises, said the Cert-In advisory. 'This is a systemic red flag,' said Gaurav Sahay, cybersecurity expert and founding partner at Arthashastra Legal. 'The breach is decentralised, harder to detect, and much more difficult to fix. We're likely to see a wave of account takeovers, especially on cloud/email services, banking or fintech apps, developer platforms, and government portals.' Sahay added that password reuse remains rampant, and the lack of MFA on many accounts makes even older credentials dangerous. 'This is a watershed moment in cybersecurity, a reminder that the human element remains the weakest link in digital security.'
News18
6 days ago
- News18
Indian Govt Alerts Users About Windows 10 End Of Support In October 2025: What You Should Know
Windows 10 system updates officially end in October and now the Indian government has issued an advisory asking people to act before the deadline. Windows 10 support is officially ending in October this year, which means it is time to look beyond your existing Windows systems if the new 11 version is not compatible. The Indian government is notifying its users in the country about this big change this year and shares a note of advice to the affected Windows users. There has been a lot of talk around the end of Windows 10 operating system which is still a core part of services and most businesses rely on the platform for their functioning. The Indian Computer Emergency Response Team (CERT-In) issued the advisory on June 21 giving ample time for people to decide their next move to prevent losing their personal and important data. 'Users of Windows 10 are recommended upgrading to Windows 11 to continue receiving critical security updates. Individual consumers and organizations who need more time to transition to Windows 11 have the option of enrolling in the paid Extended Security," the CERT-In advisory clearly highlights the situation and who is going to be affected by the big change from Microsoft. The biggest issue with this change is that Windows 10 systems will not get the official security updates after the deadline, and hackers will be already eyeing these people whose systems will become vulnerable as the security support runs out. Windows 11 has been around for a while, so it is not like a completely new version. However, Microsoft continues to bring new AI tools to the operating system, which is why the TPM 2.0 security is paramount for the machines. The UI of Windows 11 is refreshing and you will mostly find it fluid and responsive to most tasks. The start menu has a new position on the taskbar and most of the tools are in the form of apps now. First Published:
News18
20-06-2025
- News18
Indian Govt Has A New Security Alert For Chrome Users: Possible Hacking Threat Issued
Last Updated: Chrome security risk alert issued by the Indian government highlights the ongoing concerns with the popular web browser. The Indian government has issued a new security risk warning from Google Chrome users which can leave them vulnerable to hacking threats. The latest Chrome security warning dated June 18, comes via the Indian Computer Emergency Response Team (CERT-In) with a high severity rating which is always a concern for millions of Chrome users in the country, both on Windows and Mac. These security alerts have become quite frequent but also ensure that people are being informed about the issues facing some of the popular apps and software. The latest security issue facing Chrome users is linked to some of the internal components that can only be fixed by Google. 'Multiple vulnerabilities exist in Google Chrome due to Integer overflow in V8 and Use after free in Profiler. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page." Chrome is heavily used across the globe, which makes it an obvious target for hackers, especially when they have issues that can be exploited. The CERT-In note clearly suggests that a wide range of Windows and macOS Chrome versions are affected by the vulnerabilities and the details are given below: Google does have a hold on this serious situation, and has already worked on a patch that all Chrome users should install on their Windows, macOS or Linux systems right away. All you do to is follow these steps: Head over to the three-dot menu on Chrome – Settings – About – Update Chrome. Google has listed the security fixes that come with the stable channel update. The stable channel update has been issued and you have to make sure the Chrome running on your device is updated to the latest version to keep it protected from possible hacking or system access attempts. First Published: June 20, 2025, 07:30 IST
India Today
19-06-2025
- India Today
Govt issues high risk warning for Google Chrome users and you should not miss it
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning for Google Chrome desktop users. In its latest vulnerability note tagged CIVN-2025-0130, the national cybersecurity agency under the Ministry of Electronics and Information Technology has flagged multiple vulnerabilities in Chrome. These flaws, if exploited, could allow remote hackers to gain access to users' computers and even crash the to CERT-In, the recently discovered vulnerabilities exist in Google Chrome versions prior to 137.0.7151.119/.120 for Windows and Mac, and prior to 137.0.7151.119 for Linux. These flaws arise from an integer overflow in Chrome's V8 JavaScript engine and use-after-free errors in the Profiler means that users still running the vulnerable version of the Google Chrome browser could, by unknowingly visiting a malicious or specially crafted web page, allow a remote attacker to exploit these flaws to run harmful code on their system or cause it to crash. This exploitation could also result in serious harm, including sensitive data theft, complete system compromise, or service disruption — all without the user's knowledge. CERT-In has marked the warning as High in severity, meaning these vulnerabilities in Google's web browser are particularly serious and could have major consequences if exploited. The risks include:advertisementRemote code execution: Attackers could gain control of the user's of Service (DoS): PCs may become unresponsive or crash disclosure: Users' sensitive data on the affected machine could be accessed or threat is alarming to both individual users and organisations relying on Chrome for daily operations. All desktop users of Google Chrome — whether on Windows, macOS, or Linux as mentioned above — are at risk if they are using outdated to stay safe?To protect your system, CERT-In strongly recommends that users immediately update their Chrome browser to the latest stable version provided by Google. The official update has already been released. 'The Stable channel has been updated to 137.0.7151.119/.120 for Windows and Mac, and 137.0.7151.119 for Linux, which will roll out over the coming days/weeks,' notes Google in its recent Stable Channel Update for your system is not set to auto-update, you can manually check and update Chrome:Open the Google Chrome the three-dot menu () in the top right to Help > About Google will automatically check for updates and install them if the browser to apply changes.
News18
12-06-2025
- News18
Indian Govt Issues Major Security Warning Over MediaTek Chipsets: Millions Of Smartphone And TV Users At Risk
Last Updated: The new security alert from the Indian government has been issued after MediaTek has raised its own bulletin for the users. The Indian government has raised a new security warning which concerns a range of MediaTek chipsets that power phones, TVs, audio gear and more. The alert has been notified by the manufacturer via a detailed post earlier this month. And now the Indian Computer Emergency Response Team (CERT-In) is following up with those concerns and warning the people in the country. The latest security issue affects devices running on varied MediaTek processors that can be exploited to attack the users. The CERT-In note dated June 11, 2025 comes with high-severity rating says, 'Multiple vulnerabilities exist in the MediaTek products due to heap overflow & null pointer dereference in Bluetooth, null pointer dereference & incorrect authorisation in wlan and uncontrolled recursion in ims service." When you read further about the security issue, the bulletin clearly talks about the risks linked to the Wi-Fi and Bluetooth modems/drivers running through the MediaTek chipset on various devices. Hackers can use these issues to target both businesses and individuals who use devices powered by any of the latest MediaTek chipset. You can get more details on this over here. MediaTek has thankfully discovered the issues causing the concerns and an update has been passed on to the handset makers who should be offering it via a new update in the next few weeks. You are most likely going to be asked to install the latest security patch from different brands that should keep your devices secure from a whole range of attacks. The MediaTek security alert has come a few days after Qualcomm-powered Android smartphones faced similar security risks that were notified by the government. The bulletin talks about multiple vulnerabilities reported in a host of Qualcomm chipsets that power phones, GPUs, Wi-Fi modem and more. The company also shared the details of the Snapdragon chipsets and modems affected by the vulnerabilities to inform the users. First Published: June 12, 2025, 08:10 IST
