News Analysis India

Tag: Indian Computer Emergency Response Team

  • Security Alert For Android Users! Indian Govt Issued High-Risk Warning: Read More |

    New Delhi: In the age of digitalisation, many tough things become easy and can be done in a few clicks. But one thing that is growing parallel with the digital age is risks and vulnerabilities. Yes, this is the thing that may be encountered by you. Read on further to find out about the latest incident.

    In the latest and recent security alert issued by the Indian Computer Emergency Response Team (CERT-In), Android users across India have been cautioned about a significant security threat. (Also Read: ‘You Give More Money To Govt Than Spend On Yourself’: Social Media Post On Income Tax Concerns Goes Viral)

    As per the reports, the threat can impact a vast number of Android devices across the country. This latest high-severity issue could potentially enable hackers to steal important and sensitive data from affected smartphones. (Also Read: High-Security Alert For Apple Users! CERT-In Asked To Deploy Immediate Measures)

    How It Has Originated?

    According to CERT-In’s April 2024 bulletin, the vulnerabilities stem from various weaknesses in Android’s framework, system, and Google Play system updates, as well as components from major hardware suppliers like Arm, Imagination Technologies, MediaTek, Unisoc, and Qualcomm, including their closed-source components.

    Which Android Versions Can Be Affected?

    The advisory specifies the Android versions susceptible to this security risk. Some of them include:

    Android 12 And 12L

    The report suggests that Android 12 and 12L are amongst the Android versions that may be affected. 

    Android 13

    Android 13 is also on the list.

    Android 14

    Android 14 features on the list of  Android versions susceptible to this security risk.

    Why The Concern Is Alarming?

    The different media reports claim that over 90 percent of active Android devices in India running on these versions. Now the ongoing situation raises considerable concern among users.

    The identified vulnerabilities could potentially allow attackers to access sensitive information, gain elevated privileges, and even cause denial of service conditions on targeted devices.

  • Malicious COVID-19 vaccine SMS that compromises Android phones spreading: Cyber agency

    By PTI
    NEW DELHI: A fake COVID-19 vaccine registration SMS that “maliciously” gains entry into a users’ Android phone leading to compromise of individual contact list is in circulation, the federal cyber security agency has alerted.

    The harmful SMS has been identified by at least five variants.

    “It has been reported that a fake SMS message is in circulation that falsely claims to offer an app to let users register for COVID-19 vaccine in India.”

    “The SMS carries a link that installs the malicious app on Android-based devices, which essentially spreads itself via SMS to victims’ contacts,” the Indian Computer Emergency Response Team or CERT-In said in a public advisory issued on Saturday.

    The agency is the federal technology arm to combat cyber attacks and guarding the Indian cyber space against phishing and hacking assaults and similar online attacks.

    It added that the “app also gains unnecessary permissions that attackers could leverage to acquire user data such as contact list.”

    Some of its identified variants are: Covid19.apk; Vaci__Regis.apk; MyVaccin_v2.apk; Cov-Regis.apk and Vccin-Apply.apk.

    The advisory said that the only “official” online link to register for coronavirus vaccination in the country is the portal– http://cowin.gov.in.

    It asked users to be alert against all attempts of phishing through fake domains, emails and text messages that promise registration for a jab against the pandemic.

    As part of measures to check such malicious attempts of data breach, it advised users to tune their phone setting in a manner that disables installation of apps through “untrusted sources” and that sides should undertake safe browsing and use trusted anti-virus and internet firewall tools.

    India at present is administering two COVID-19 vaccines — Covishield and Covaxin — to its citizens and according to official data, the central government has so far provided nearly 18 crore vaccine doses to states and union territories.

  • 15.5 lakh cyber security incidents in 2019, 2020, Govt tells Lok Sabha

    By PTI
    NEW DELHI: Over 15.5 lakh cyber security incidents have been reported in the last two years and 11.58 lakh of them were recorded in 2020 alone, the Lok Sabha was informed on Tuesday.

    Union Minister of State for Home G Kishan Reddy said the Indian Computer Emergency Response Team (CERT-In) is serving as the national agency for responding to cyber security incidents in accordance with the provisions of Section 70B of the Information Technology Act, 2000.

    According to the information reported to and tracked by the CERT-In, 3,94,499 and 11,58,208 cyber security incidents were observed during 2019 and 2020, respectively, he said in a written reply to a question.

    Reddy said the CERT-In receives inputs from its situational awareness systems and threat intelligence sources about malware infections in networks of entities across sectors.

    Whenever any incident comes to the notice of CERT-In, it issues alerts and advisories to the entities concerned and sectoral Computer Emergency Response Teams (CERTs) for remedial measures, he said.