Latest news with #CERT-in
Time of India
27-07-2025
- Business
- Time of India
Centre conducts over 9,700 cybersecurity audits of critical sectors like power, banking
New Delhi: The Indian Computer Emergency Response Team (CERT-in) and National Critical Information Infrastructure Protection Centre (NCIIPC) have together carried out 9,798 security audits to strengthen cybersecurity across critical sectors like power, energy and the banking, financial services and insurance (BFSI) in the country, according to the government. The government remains conscious of the cyber threats to India's digital and physical infrastructure. "The policies of government of India are aimed at ensuring a safe, trusted, and accountable cyberspace for all users. Multiple initiatives have been undertaken to secure critical infrastructure sectors such as power, transport or banking for their uninterrupted and safe functioning," said Minister of State for Electronics and IT , Jitin Prasada, in the Rajya Sabha. CERT-in has empaneled 200 cybersecurity organisations for carrying out these audits. The cyber agency issues the necessary guidelines for setting up of State/sectoral Computer Security Incident Response Teams (CSIRTs). Sector-specific CSIRTs, such as CSIRT in Finance sector (CSIRT-Fin) and CSIRT in Power sector (CSIRT-Power), are operational to coordinate cyber security issues and improve cyber resilience within respective sectors. The Centre for Development of Advanced Computing (C-DAC) has developed a range of indigenous cyber security tools in mobile security, forensics, log collection and analytics, etc. to reduce reliance on foreign solutions, said the minister. CERT-In has formulated a Cyber Crisis Management Plan (CCMP) for all government bodies to counter cyber-attacks and cyber-terrorism. CCMP provides strategic framework to coordinate recovery from cyber-crisis and enhance resilience. In addition, guideline documents and templates have been published to assist development and implementation of state-level/sectoral Crisis Management Plans . CERT-In also regularly conducts workshops for government bodies and key organisations to sensitise them about the cyber security threat landscape and enabling them to prepare and implement the CCMP. So far, 205 such CCMP workshops have been conducted.
Hans India
27-07-2025
- Business
- Hans India
Centre conducts over 9,700 cybersecurity audits of critical sectors like power, banking
New Delhi: The Indian Computer Emergency Response Team (CERT-in) and National Critical Information Infrastructure Protection Centre (NCIIPC) have together carried out 9,798 security audits to strengthen cybersecurity across critical sectors like power, energy and the banking, financial services and insurance (BFSI) in the country, according to the government. The government remains conscious of the cyber threats to India's digital and physical infrastructure. 'The policies of government of India are aimed at ensuring a safe, trusted, and accountable cyberspace for all users. Multiple initiatives have been undertaken to secure critical infrastructure sectors such as power, transport or banking for their uninterrupted and safe functioning,' said Minister of State for Electronics and IT, Jitin Prasada, in the Rajya Sabha. CERT-in has empaneled 200 cybersecurity organisations for carrying out these audits. The cyber agency issues the necessary guidelines for setting up of State/sectoral Computer Security Incident Response Teams (CSIRTs). Sector-specific CSIRTs, such as CSIRT in Finance sector (CSIRT-Fin) and CSIRT in Power sector (CSIRT-Power), are operational to coordinate cyber security issues and improve cyber resilience within respective sectors. The Centre for Development of Advanced Computing (C-DAC) has developed a range of indigenous cyber security tools in mobile security, forensics, log collection and analytics, etc. to reduce reliance on foreign solutions, said the minister. CERT-In has formulated a Cyber Crisis Management Plan (CCMP) for all government bodies to counter cyber-attacks and cyber-terrorism. CCMP provides strategic framework to coordinate recovery from cyber-crisis and enhance resilience. In addition, guideline documents and templates have been published to assist development and implementation of state-level/sectoral Crisis Management Plans. CERT-In also regularly conducts workshops for government bodies and key organisations to sensitise them about the cyber security threat landscape and enabling them to prepare and implement the CCMP. So far, 205 such CCMP workshops have been conducted.
India Today
19-05-2025
- India Today
Government warns Google Chrome users on Windows and Mac of severe security risks
CERT-in — The Indian Computer Emergency Response Team — under the Ministry of Electronics and Information Technology (MeitY), has issued a high-severity security alert for users of Google Chrome on computer platforms. This includes Chrome users on Windows, macOS and Linux systems. The advisory warns that certain security flaws in older versions of the browser could allow attackers to remotely take control of a user's computer. One of these vulnerabilities is already being exploited by attackers in the wild, which makes this a serious and time-sensitive threat. If you use Chrome on your laptop or PC, you are strongly advised to update it immediately to avoid falling victim to these potential to CERT-In, the affected Chrome versions are those prior to 136.0.7103.113 on Linux, and prior to 136.0.7103.113 or 136.0.7103.114 on Windows and Mac. These older builds contain flaws linked to two key components in the browser — one is called the Loader, and the other is Mojo, which is used for inter-process communication in Chromium-based browsers. The agency explained that the vulnerabilities arise due to insufficient policy enforcement in the Loader, and improper handling in Mojo. These gaps can be exploited by attackers to execute arbitrary code on a device, essentially giving them access to everything on your makes this even more concerning is that one of the vulnerabilities, labelled CVE-2025-4664, is already being actively used by cybercriminals. This means attackers are not just preparing to use it — they already are. This flaw can be triggered simply by luring users to visit a malicious website or clicking on a dangerous link. Once exploited, it can allow the attacker to take control of the device, inject malware, steal sensitive information, or crash the system prevent this from happening, CERT-In has recommended that all users and organisations running Google Chrome on desktops should upgrade to the latest version without delay. Google has confirmed that the issues have been patched in versions 136.0.7103.113 and 136.0.7103.114, and that the updated builds are being rolled out via the Stable channel. These updates will become available to all users over the coming days or don't need to download anything manually — Chrome has a built-in update mechanism. Simply open Google Chrome on your desktop, click on the three-dot icon in the top-right corner, go to Help and then click About Google Chrome. Your browser will automatically start checking for updates and install them if available. After the update is installed, restart the browser to complete the process.
