Latest news with #CERT-In
News18
13 hours ago
- News18
Indian Govt Has A New Security Alert For Chrome Users: Possible Hacking Threat Issued
Last Updated: Chrome security risk alert issued by the Indian government highlights the ongoing concerns with the popular web browser. The Indian government has issued a new security risk warning from Google Chrome users which can leave them vulnerable to hacking threats. The latest Chrome security warning dated June 18, comes via the Indian Computer Emergency Response Team (CERT-In) with a high severity rating which is always a concern for millions of Chrome users in the country, both on Windows and Mac. These security alerts have become quite frequent but also ensure that people are being informed about the issues facing some of the popular apps and software. The latest security issue facing Chrome users is linked to some of the internal components that can only be fixed by Google. 'Multiple vulnerabilities exist in Google Chrome due to Integer overflow in V8 and Use after free in Profiler. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page." Chrome is heavily used across the globe, which makes it an obvious target for hackers, especially when they have issues that can be exploited. The CERT-In note clearly suggests that a wide range of Windows and macOS Chrome versions are affected by the vulnerabilities and the details are given below: Google does have a hold on this serious situation, and has already worked on a patch that all Chrome users should install on their Windows, macOS or Linux systems right away. All you do to is follow these steps: Head over to the three-dot menu on Chrome – Settings – About – Update Chrome. Google has listed the security fixes that come with the stable channel update. The stable channel update has been issued and you have to make sure the Chrome running on your device is updated to the latest version to keep it protected from possible hacking or system access attempts. First Published: June 20, 2025, 07:30 IST
India Today
a day ago
- India Today
Govt issues high risk warning for Google Chrome users and you should not miss it
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning for Google Chrome desktop users. In its latest vulnerability note tagged CIVN-2025-0130, the national cybersecurity agency under the Ministry of Electronics and Information Technology has flagged multiple vulnerabilities in Chrome. These flaws, if exploited, could allow remote hackers to gain access to users' computers and even crash the to CERT-In, the recently discovered vulnerabilities exist in Google Chrome versions prior to 137.0.7151.119/.120 for Windows and Mac, and prior to 137.0.7151.119 for Linux. These flaws arise from an integer overflow in Chrome's V8 JavaScript engine and use-after-free errors in the Profiler means that users still running the vulnerable version of the Google Chrome browser could, by unknowingly visiting a malicious or specially crafted web page, allow a remote attacker to exploit these flaws to run harmful code on their system or cause it to crash. This exploitation could also result in serious harm, including sensitive data theft, complete system compromise, or service disruption — all without the user's knowledge. CERT-In has marked the warning as High in severity, meaning these vulnerabilities in Google's web browser are particularly serious and could have major consequences if exploited. The risks include:advertisementRemote code execution: Attackers could gain control of the user's of Service (DoS): PCs may become unresponsive or crash disclosure: Users' sensitive data on the affected machine could be accessed or threat is alarming to both individual users and organisations relying on Chrome for daily operations. All desktop users of Google Chrome — whether on Windows, macOS, or Linux as mentioned above — are at risk if they are using outdated to stay safe?To protect your system, CERT-In strongly recommends that users immediately update their Chrome browser to the latest stable version provided by Google. The official update has already been released. 'The Stable channel has been updated to 137.0.7151.119/.120 for Windows and Mac, and 137.0.7151.119 for Linux, which will roll out over the coming days/weeks,' notes Google in its recent Stable Channel Update for your system is not set to auto-update, you can manually check and update Chrome:Open the Google Chrome the three-dot menu () in the top right to Help > About Google will automatically check for updates and install them if the browser to apply changes.
News18
12-06-2025
- News18
Indian Govt Issues Major Security Warning Over MediaTek Chipsets: Millions Of Smartphone And TV Users At Risk
Last Updated: The new security alert from the Indian government has been issued after MediaTek has raised its own bulletin for the users. The Indian government has raised a new security warning which concerns a range of MediaTek chipsets that power phones, TVs, audio gear and more. The alert has been notified by the manufacturer via a detailed post earlier this month. And now the Indian Computer Emergency Response Team (CERT-In) is following up with those concerns and warning the people in the country. The latest security issue affects devices running on varied MediaTek processors that can be exploited to attack the users. The CERT-In note dated June 11, 2025 comes with high-severity rating says, 'Multiple vulnerabilities exist in the MediaTek products due to heap overflow & null pointer dereference in Bluetooth, null pointer dereference & incorrect authorisation in wlan and uncontrolled recursion in ims service." When you read further about the security issue, the bulletin clearly talks about the risks linked to the Wi-Fi and Bluetooth modems/drivers running through the MediaTek chipset on various devices. Hackers can use these issues to target both businesses and individuals who use devices powered by any of the latest MediaTek chipset. You can get more details on this over here. MediaTek has thankfully discovered the issues causing the concerns and an update has been passed on to the handset makers who should be offering it via a new update in the next few weeks. You are most likely going to be asked to install the latest security patch from different brands that should keep your devices secure from a whole range of attacks. The MediaTek security alert has come a few days after Qualcomm-powered Android smartphones faced similar security risks that were notified by the government. The bulletin talks about multiple vulnerabilities reported in a host of Qualcomm chipsets that power phones, GPUs, Wi-Fi modem and more. The company also shared the details of the Snapdragon chipsets and modems affected by the vulnerabilities to inform the users. First Published: June 12, 2025, 08:10 IST
&w=3840&q=100)
Business Standard
09-06-2025
- Business Standard
CERT-In issues high-risk security warning for Google Chrome, Android users
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for users of the Google Chrome browser on Windows PC, Macs, and Linux devices, as well as for smartphones running on older Android versions. The advisory highlights security flaws within these platforms stating that they can be exploited by an attacker. CERT-In advisory for Google Chrome Affected software: Google Chrome versions prior to 137.0.7151.55 for Linux Google Chrome versions prior to 137.0.7151.55/56 for Windows and Mac Nature of the threat: CERT-In has classified these vulnerabilities as "High risk," warning that they could potentially allow remote attackers to execute arbitrary code and cause denial of service on targeted systems. The advisory stated that these vulnerabilities could affect both individual and organisational users. CERT-In advisory stated that the vulnerabilities stem from various issues such as inappropriate implementation of Background Fetch API, FileSystemAccess API and more. It stated that a remote attacker could potentially exploit these vulnerabilities by persuading a victim to visit a specially crafted web page. Solution: CERT-In strongly advises all users to update Google Chrome to the latest version immediately. The official fix is available through Chrome's stable channel update. CERT-In advisory for Android Affected software: Android 13 Android 14 Android 15 Nature of the threat: CERT-In has classified these vulnerabilities as "High risk," warning that they could potentially allow attackers to gain unauthorised access to sensitive user data, gain elevated privileges, and cause denial of service on targeted systems. These vulnerabilities exist on smartphones from all OEMs running on the affected software version. CERT-In advisory stated that the vulnerabilities exist in Android due to flaws in the Framework, Android Runtime, System, Google Play, Arm Components, Imagination Technologies and Qualcomm Components. Solution:
Entrepreneur
29-05-2025
- Business
- Entrepreneur
Espionage Emerges as Top Cyber Threat in 2025: Industry Leaders Weigh In
In 2025, government bodies accounted for 42% of all nation-state attack targets, up from 39% in 2023 Opinions expressed by Entrepreneur contributors are their own. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. In an alarming trend, espionage has become the most dominant form of cyberattack globally in 2025, accounting for 86 per cent of all nation-state cyberattacks, according to Wipro's State of Cybersecurity Report 2025. This marks a steady rise from 82 per cent in 2023, signalling how cyber operations are becoming an increasingly strategic tool of statecraft. The report highlights a disturbing shift in the global cyber threat landscape, with government entities being the most targeted, followed by the private sector and civil society. In 2025, government bodies accounted for 42 per cent of all nation-state attack targets, up from 39 per cent in 2023 and 30 per cent in 2021. The private sector also remained vulnerable, holding steady at 32 per cent of attacks since 2023. Civil society accounted for 18 per cent, and military institutions 8 per cent. "This overwhelming focus on espionage shows that nation-state actors are playing the long game—embedding themselves within networks to quietly extract strategic information," said Rahil Patel, Chief Growth Officer at QNu Labs. "The future lies in prevention at the protocol level, not just monitoring at the perimeter. We need to move from resilience after breach to immunity before breach." Also, China, Russia, Iran, and North Korea have emerged as the key aggressor states behind these sophisticated cyber intrusions. India's growing exposure and preparedness gap India remains a top target, with critical infrastructure such as finance, energy, healthcare, and government services repeatedly coming under attack. According to CERT-In, over 1.3 million cybersecurity incidents were reported in 2022 alone. Srinivas Shekar, Founder and CEO of Pantherun Technologies, remarked, "Cyber operations have become integral to modern statecraft. In India, threat actors continue to exploit sectoral vulnerabilities. Strengthening our defences requires continuous monitoring, cross-sector collaboration, and skilled manpower." However, Neehar Pathare, MD, CEO and CIO at 63SATS Cybertech, believes that India's fragmented cyber defence framework is not keeping pace with the rising threat. "There are critical gaps—fragmented frameworks, inconsistent incident reporting, and a lack of unified cyber response," said Pathare. "A centralised Threat Intelligence and Monitoring Response Centre integrating CERT-In, sectoral CSIRTs, and corporate SOCs is vital." Budget and investment challenges Despite the rising stakes, India's cybersecurity budget remains relatively modest. Shekar said that in 2023, the government allocated INR 515 crore (USD 62 million) under the Ministry of Electronics and IT. In contrast, the U.S. Cyber Command's budget request stood at USD 3.3 billion for FY2024. He estimated that a robust, integrated national cyber defence system, encompassing infrastructure, personnel training, and threat detection, would require an initial investment of INR 2,000 to INR 5,000 crore. This figure does not include ongoing costs for upskilling and operational support. Tony Buffomante, SVP & Global Head – Cybersecurity & Risk Services, Wipro, echoed the same: "Cybersecurity budgets are struggling to keep pace with growing threat sophistication. AI helps strengthen defences while optimising costs. CISOs must focus on risk-adjusted returns on investment." Towards quantum-safe and collaborative defence With attacks becoming stealthier and longer-term, there is a growing push for next-generation defences. Quantum-safe security solutions are gaining traction, as traditional encryption methods may not survive future quantum computing capabilities. "There's an over-reliance on legacy encryption. We need a national migration path to quantum-resilient encryption—complemented by policy mandates and sector-specific blueprints," said Patel. He added, "This is not just a technical upgrade, it is a strategic imperative for digital sovereignty. Startups, research labs, and government bodies must collaborate, not work in silos." Public-private partnerships also need to evolve. Rather than acting as vendors, tech firms and government bodies must co-develop secure systems and protocols. Protecting democracy in the digital age The growing targeting of civil society (18 per cent) and military institutions (8 per cent) is not only a security concern, it is a threat to democratic stability. "Securing democracy in the digital age means investing in infrastructure that cannot be undermined by time or tech advances," said Patel. "The quantum threat is borderless; so too must be our response."
