News Analysis India

Tag: cyber security

  • Indian Cyber Agency Finds Multiple Bugs In Microsoft Edge, Advises Users To Update |

    New Delhi: The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Monday, warned users of multiple vulnerabilities in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system.

    The affected software includes Microsoft Edge Stable versions prior to 125.0.2535.85. “Multiple vulnerabilities have been reported in Microsoft Edge (Chromium-based) which could allow an attacker to compromise the targeted system,” said the CERT-In advisory.

    According to the cyber agency, these vulnerabilities exist in Microsoft Edge (Chromium-based) due to ‘out of bounds’ memory access in keyboard inputs; out of bounds write in streams API; heap buffer overflow in WebRTC, use after free in dawn, media session and presentation API.

    An attacker could exploit these vulnerabilities by enticing a victim to open a specially crafted file, the agency mentioned. Cert-In advised users to apply appropriate security updates as mentioned by the company.

    Meanwhile, the cyber agency warned users of multiple vulnerabilities in Android which could allow an attacker to obtain sensitive information, gain elevated privileges and cause denial-of-service (DoS) conditions on the targeted system.

    As mentioned in the advisory, these vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies and Qualcomm closed-source components.

  • Getting Fake Calls Threatening To Disconnect Your Mobile On Behalf Of DoT/TRAI? Report At THESE Numbers |

    New Delhi: Department of Telecommunications (DoT) has issued an advisory to citizens to not to take fake calls being received by the citizens wherein callers are threatening to disconnect their mobile numbers, or their mobile numbers are being misused in some illegal activities. DoT said that it does not make calls to citizens threatening disconnection.

    The DoT had also issued advisory about WhatsApp calls from foreign origin mobile numbers (like +92-xxxxxxxxxx) impersonating government officials and duping the people.

    Cyber criminals through such calls try to threaten or steal personal information to carry out cyber-crime/financial frauds. 

    Where To Report Fake Calls?

    The DoT/TRAI said it does not authorise anyone to make such call on its behalf and has advised people to stay vigilant and report such fraud communications at ‘Chakshu – Report Suspected Fraud Communications’ facility of Sanchar Saathi portal (www.sancharsaathi.gov.in/sfc). Such proactive reporting helps DoT in prevention of misuse of telecom resources for cyber-crime, financial frauds, etc.

    The DoT also advises citizens to report at cyber-crime helpline number 1930 or www.cybercrime.gov.in in case of already a victim of cyber-crime or financial fraud.

    Various measures have been taken to combat suspected fraud communications and to curb cybercrime activities. Under CHAKSHU facility, 52 Principal Entities, involved in sending malicious and phishing SMSs to the citizens have been blacklisted. 700 SMS content templates have been deactivated. 348 mobile handsets blacklisted on pan- India basis across all telecom operators.

    10,834 suspected mobile numbers flagged for re-verification to the telecom operators out of which 8272 mobile connections disconnected failing re-verification till 30th April 2024. 1.86 lakh mobile handsets blocked on pan India basis for involvement in cybercrime/financial frauds.

    Advisories have been issued on a regular basis for the public to create awareness on fake notices impersonating DoT/TRAI, suspected fraud communications and malicious calls via press, SMS, and social media, said DoT.

     

  • Cyber Attack, Data Breach Among Top Risks For Businesses In India: Survey |

    New Delhi: Cyber attacks and data breaches are the top business risks for organisations in India, according to the 2023 Global Risk Management Survey. Cyber attacks and data breaches were placed seventh in the 2021 business risks survey.

    Global professional services firm Aon collected inputs from around 3,000 risk managers, c-suite leaders, treasurers, talent professionals, and other executives from 61 countries and territories to identify the most pressing business challenges. (Also Read: Free Aadhaar Update Deadline Extended: Check List Of Required Documents To Do The Same)

    The biennial survey said that India’s dependency on technology is likely to increase with the widespread adoption of digital infrastructure like the Unified Payments Interface, Aadhaar, and Open Network for Digital Commerce. (Also Read: Poco X6 5G Gets A Significant Price Drop On Flipkart: Check Details)

    “With increasing digitisation, cybercrimes continue to become rampant with costs and complexities associated with such breaches forcing organisations to look at risk mitigation and transfer mechanisms to better manage cyber risks,” the survey noted.

    Business interruption and failure to attract or retain top talent were marked as the second and third biggest risks facing organisations in India, respectively.

    “There is a compelling need for Indian businesses to leverage advanced data analytics and experts to understand and manage the dynamics of integrated risks,” said Nitin Sethi, Chief Executive Officer of Talent Solutions in India at Aon.

    Failure to meet customer needs, rapidly changing market trends, supply chain disruptions, and personal liabilities were marked down the list as other critical challenges for businesses in India.

  • Twitter, LinkedIn, Telegram And Other Platforms Face Data Breach, 26 Billion Records Leaked |

    New Delhi: According to Forbes, security researchers have revealed that a massive database containing no fewer than 26 billion leaked records has been discovered on an unsecured page. Security researchers are calling it the supermassive data leak or the “Mother of all Breaches.” This data leak, likely the largest ever recorded, has affected numerous platforms, including Twitter, Telegram, Chinese messaging giant Tencent, Weibo, Adobe, Canva, LinkedIn, and Dropbox.

    Researchers from Security Discovery and Cybernews detected the breach, which reportedly spans a size of 12 terabytes. The research team suspects that the database was compiled by a malicious actor or data broker.

    According to researchers, “Threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.” (Also Read: Google Chrome To Get 3 New Generative AI Features, Will Make Your Browsing Experience Easier)

    However, the most dangerous part is that it includes numerous combinations of usernames and passwords. Cybercriminals could exploit this information to execute various attacks, including identity theft, advanced phishing schemes, targeted cyber assaults, and unauthorized entry into personal and sensitive accounts.

    Jake Moore, a global cybersecurity advisor at ESET, reckons that “We should never underestimate what cybercriminals can achieve with such limited information. Victims need to be aware of the consequences of stolen passwords and make the necessary security updates in response.” (Also Read: Apple Rolls Out iOS 17.3 Update With THESE Features; Check Here)

    Other notable breaches include MySpace (360 million), Twitter (281 million), LinkedIn (251 million), and AdultFriendFinder (220 million).

  • Cyber security limited not only to digital world but national matters also: PM Narendra Modi

    By PTI

    NEW DELHI: Cyber security is no longer limited to just the digital world as it has now become a matter of national security, Prime Minister Narendra Modi said on Friday.

    He also noted that the process of importing defence items is so long that by the time they reach our security forces, many of them have become outdated and therefore, the solution is to go for indigenous manufacturing.

    “Even during the period of slavery and immediately after Independence, the strength of our defence manufacturing was very high. Weapons made in India played a big role in World War II,” he said in his address at the Defence Ministry’s post-budget webinar.

    Although this strength of ours kept on weakening in later years, it shows that there was no shortage of capacity in India then and neither it is there now, he added. About 70 percent of this year’s defence budget has been kept for domestic industry only, he said.

    “The strength of India’s IT is our great strength. The more we use this power in our defence sector, the more confident we will be in our security. For example, cyber security is no longer limited to the digital world only. It has become a matter of national security,” he noted.

    It is a source of happiness that in the last five-six years, India has increased defence exports by six times, he said. Today, India is providing Made in India defence equipments and services to more than 75 countries, he noted.

  • Focus should be on maintenance practices, robust physical and cyber security: IAF chief

    By PTI

    NEW DELHI: Air Chief Marshal RKS Bhadauria has said there is a need for critical analysis to enhance operational preparedness and focus should be on maintenance practices as well as robust physical and cyber security.

    Addressing the annual commanders’ conference of the Indian Air Force’s Central Air Command in Allahabad in Uttar Pradesh on Thursday, he also directed that readiness of all platforms, weapon systems and assets be kept at the highest level, according to an IAF statement.

    Urging the commanders to continue their efforts in ensuring a safe operational flying environment, he stressed on the need to augment the combat capability of the IAF through innovation, self-reliance and indigenisation, the statement issued on Friday said.

    Bhadauria emphasised the need for critical analysis to enhance operational preparedness, focus on maintenance practices, robust physical and cyber security, it said.

    He appreciated the role of the Central Air Command in the recent flood relief efforts and aid to civil administration.

    Last month, Madhya Pradesh’s Gwalior-Chambal region of was hit by floods after heavy rainfall, and the IAF had assisted the civil administration in rescuing people and providing relief material to the affected.