Launch of Central Suspect Registry to Combat Cyber Crimes
Introduction
The Indian government has introduced initiatives to enhance data sharing between law enforcement and stakeholders to combat cybercrime. Union Home Minister Amit Shah has launched the Central Suspect Registry, Cyber Fraud Mitigation Center, Samanvay Platform and Cyber Commandos programme on the Indian Cyber Crime Coordination Centre (I4C) Foundation Day celebration took place on the 10th September 2024 at Vigyan Bhawan, New Delhi. The ‘Central Suspect Registry’ will serve as a central-level database with consolidated data on cybercrime suspects nationwide. The Indian Cyber Crime Coordinating Center will share a list of all repeat offenders on their servers. Shri Shah added that the Suspect Registry at the central level and connecting the states with it will help in the prevention of cybercrime.
Key Highlights of Central Suspect Registry
The Indian Cyber Crime Coordination Centre (I4C) has established the suspect registry in collaboration with banks and financial intermediaries to enhance fraud risk management in the financial ecosystem. The registry will serve as a central-level database with consolidated data on cybercrime suspects. Using data from the National Cybercrime Reporting Portal (NCRP), the registry makes it possible to identify cybercriminals as potential threats.
Central Suspect Registry Need of the Hour
The Union Home Minister of India, Shri Shah, has emphasized the need for a national Cyber Suspect Registry to combat cybercrime. He argued that having separate registries for each state would not be effective, as cybercriminals have no boundaries. He emphasized the importance of connecting states to this platform, stating it would significantly help prevent future cyber crimes.
CyberPeace Outlook
There has been an alarming uptick in cybercrimes in the country highlighting the need for proactive approaches to counter the emerging threats. The recently launched initiatives under the umbrella of the Indian Cyber Crime Coordination Centre will serve as significant steps taken by the centre to improve coordination between law enforcement agencies, strengthen user awareness, and offer technical capabilities to target cyber criminals and overall aim to combat the growing rate of cybercrime in the country.
References:
Related Blogs

Executive Summary:
Microsoft rolled out a set of major security updates in August, 2024 that fixed 90 cracks in the MS operating systems and the office suite; 10 of these had been exploited in actual hacker attacks and were zero-days. In the following discussion, these vulnerabilities are first outlined and then a general analysis of the contemporary cyber security threats is also undertaken in this blog. This blog seeks to give an acquainted and non-acquainted audience about these updates, the threat that these exploits pose, and prevent measures concerning such dangers.
1. Introduction
Nowadays, people and organisations face the problem of cybersecurity as technologies develop and more and more actions take place online. These cyber threats have not ceased to mutate and hence safeguarding organisations’ digital assets requires a proactive stand. This report is concerned with the vulnerabilities fixed by Microsoft in August 2024 that comprised a cumulative of 90 security weaknesses where six of them were zero-day exploits. All these make a terrible risk pose and thus, it is important to understand them as we seek to safeguard virtual properties.
2. Overview of Microsoft’s August 2024 Security Updates
August 2024 security update provided by Microsoft to its products involved 90 vulnerabilities for Windows, Office, and well known programs and applications. These updates are of the latest type which are released by Microsoft under its Patch Tuesday program, a regular cum monthly release of all Patch updates.
- Critical Flaws: As expected, seven of the 90 were categorised as Critical, meaning that these are flaws that could be leveraged by hackers to compromise the targeted systems or bring operations to a halt.
- Zero-Day Exploits: A zero-day attack can be defined as exploits, which are as of now being exploited by attackers while the software vendor has not yet developed a patch for the same. It had managed 10 zero-days with the August update, which underlines that Microsoft and its ecosystems remain at risk.
- Broader Impact: These are not isolated to the products of Microsoft only They still persist Despite this, these vulnerabilities are not exclusive to the Microsoft products only. Other vendors such as Adobe, Cisco, Google, and others also released security advisories to fix a variety of issues which proves today’s security world is highly connected.
3. Detailed Analysis of Key Vulnerabilities
This section provides an in-depth analysis of some of the most critical vulnerabilities patched in August 2024. Each vulnerability is explained in layman’s terms to ensure accessibility for all readers.
3. 1 CVE-2024-38189: Microsoft Project Remote Code Execution Vulnerability (CVSS score:8. 8) :
The problem is in programs that belong to the Microsoft Project family which is known to be a popular project management system. The vulnerability enables an attacker to produce a file to entice an user into opening it and in the process execute code on the affected system. This could possibly get the attacker full control of the user’s system as mentioned in the following section.
Explanation for Non-Technical Readers: Let us assume that one day you received a file which appears to be a normal word document. When it is opened, it is in a format that it secretly downloads a problematic program in the computer and this goes unnoticed. This is what could happen with this vulnerability, that is why it is very dangerous.
3. 2 CVE-2024-38178: Windows Scripting Engine Memory Corruption Vulnerability (CVSS score: 7.5):
Some of the risks relate to a feature known as the Windows Scripting Engine, which is an important system allowing a browser or an application to run scripts in a web page or an application. The weak point can result in corruption of memory space and an attacker can perform remote code execution with the possibility to affect the entire system.
Explanation for Non-Technical Readers: For the purpose of understanding how your computer memory works, imagine if your computer’s memory is a library. This vulnerability corrupts the structure of the library so that an intruder can inject malicious books (programs) which you may read (execute) on your computer and create havoc.
3. 3 CVE-2024-38193: WinSock Elevation of Privilege Vulnerability (CVSS score: 7. 8 )
It opens up a security weakness in the Windows Ancillary Function Driver for WinSock, which is an essential model that masks the communication between the two. It enables the attacker to gain new privileges on the particular system they have attacked, in this case they gain some more privileges on the attacked system and can access other higher activities or details.
Explanation for Non-Technical Readers: This flaw is like somebody gaining access to the key to your house master bedroom. They can also steal all your valuable items that were earlier locked and could only be accessed by you. It lets the attacker cause more havoc as soon as he gets inside your computer.
3. 4 CVE-2024-38106: Windows Kernel Elevation of Privilege Vulnerability (CVSS score: 7. 0)
This vulnerability targets what is known as the Windows Kernel which forms the heart or main frameworks of the operating system that controls and oversees the functions of the computer components. This particular weakness can be exploited and an opponent will be able to get high-level access and ownership of the system.
Explanation for Non-Technical Readers: The kernel can be compared to the brain of your computer. It is especially dangerous that if someone can control the brain he can control all the rest, which makes it a severe weakness.
3. 5 CVE-2024-38213: Windows Mark of the Web Security Feature Bypass Vulnerability (CVSS score: 6.5).
This vulnerability enables the attackers to evade the SmartScreen component of Windows which is used to safeguard users from accessing unsafe files. This weakness can be easily used by the attackers to influence the users to open files that are otherwise malicious.
Explanation for Non-Technical Readers: Usually, before opening a file your computer would ask you in advance that opening the file may harm your computer. This weak point makes your computer believe that this dangerous file is good and then no warning will be given to you.
4. Implications of the Vulnerabilities
These vulnerabilities, importantly the zero-day exploits, have significant implications on all users.
- Data Breaches: These weaknesses can therefore be manipulated to cause exposures of various data, occasioning data leaks that put individual and corporate information and wealth.
- System Compromise: The bad guys could end up fully compromising the impacted systems meaning that they can put in malware, pilfer data or simply shut down a program.
- Financial Loss: The organisations that do not patch these vulnerabilities on the shortest notice may end up experiencing a lot of losses because of having to deal with a lot of downtimes on their systems, having to incur the costs of remediating the systems that have been breached and also dealing with legal repercussions.
- Reputation Damage: Security breaches and IT system corruptions can result in loss of customer and partner confidence in an organisation’s ability to protect their information affecting its reputation and its position in the market.
5. Recommendations for Mitigating Risks
Immediate measures should be taken regarding the risks linked to these issues since such weaknesses pose a rather high threat. The following are recommendations suitable for both technical and non-technical users.
5. 1 Regular Software Updates
Make it a point that all the software, particularly operating systems and all Microsoft applications are updated. Any system out there needs to update it from Microsoft, and its Patch Tuesday release is crucial.
For Non-Technical Users: As much as possible, reply ‘yes’ to updates whenever your computer or smartphone prompts for it. These updates correct security matters and secure your instruments.
5. 2 Realisation of Phishing Attacks
Most of the risks are normally realised through phishing techniques. People should be taught diversifiable actions that come with crazy emails like clicking on links and opening attachments.
For Non-Technical Users: Do not respond to emails from unknown people and if they make you follow a link or download a file, do not do it. If it looks like spam, do not click on it.
5. 3 Security Software
Strong and reliable antivirus and anti-malware software can be used to identify and avoid the attacks that might have high chances of using these vulnerabilities.
For Non-Technical Users: Ensure you download a quality antivirus and always update it. This works like a security guard to your computer by preventing bad programs.
5. 4 Introduce Multi Factor Authentication (MFA)
MFA works in a way to enforce a second factor of authentication before the account can be accessed; for instance, a user will be asked to input a text message or an authentication application.
For Non-Technical Users: NS is to make use of two-factor authentication on your accounts. It is like increasing the security measures that a man who has to burgle a house has to undergo by having to hammer an additional lock on the door.
5. 5 Network segmentations and Privileges management
Network segmentation should be adopted by organisations to prevent the spread of attacks while users should only be granted the privileges required to do their activities.
For Non- Technical Users: Perform the assessments of user privileges and the networks frequently and alter them in an effort of reducing the extent of the attacks.
6. Global Cybersecurity Landscape and Vendor Patches
The other major vendors have also released patches to address security vulnerabilities in their products. The interdependent nature of technology has the effect on the entire digital ecosystem.
- Adobe, Cisco, Google, and Others: These companies have released updates to address the weaknesses in their products that are applied in different sectors. These patches should be applied promptly to enhance cybersecurity.
- Collaboration and Information Sharing:Security vendors as well as researchers and experts in the cybersecurity domain, need to remain vigilant and keep on sharing information on emerging threats in cyberspace.
7. Conclusion
The security updates companies such as Microsoft and other vendors illustrate the present day fight between cybersecurity experts and cybercriminals. All the vulnerabilities addressed in this August 2024 update cycle are a call for prudence and constant protection of digital platforms. These vulnerabilities explain the importance of maintaining up-to-date systems, being aware of potential threats, and implementing robust security practices. Therefore, it is important to fortify our shield in this ever expanding threat domain, in order to be safe from attackers who use this weakness for their malicious purposes.

Introduction
" सर्वे भवन्तु सुखिनः, सर्वे सन्तु निरामयाः " May all be happy, may all be free from suffering. This timeless invocation reflects a vision of collective well-being, where progress is meaningful only when shared, and protection extends to every individual in society. This very philosophy lies at the heart of Corporate Social Responsibility, which seeks to ensure that growth is not isolated or unequal, but inclusive, ethical, and mindful of the broader social good.
At its core, Corporate Social Responsibility is not merely a statutory obligation, it is a reflection of a deeper ethical commitment, an acknowledgement that growth must carry with it a sense of duty towards society. In many ways, CSR embodies the idea that progress without responsibility is incomplete, and that corporations, as key actors shaping modern life, must help safeguard the very communities they engage with.
Reframing Digital Literacy Through Cyber Safety in CSR Frameworks
In India, this moral vision has been given a legal structure under the Companies Act, 2013, CSR Schedule VII, which mandates certain classes of companies to allocate a portion of their profits towards socially beneficial activities. Section 135 of the Act requires companies meeting specified financial thresholds to undertake CSR initiatives, guided by principles of inclusivity, sustainability, and social welfare. The underlying values are clear, CSR is intended not as charity, but as a strategic and accountable contribution to societal development.
Schedule VII of the Act further outlines the broad areas that qualify as CSR, including “Education and Digital Literacy”, gender equality, rural development, and measures for reducing inequalities. Within this framework, promoting “digital literacy” has increasingly been recognised as a legitimate and necessary CSR activity, especially in the context of a rapidly digitising society like India.
However, the current understanding of digital literacy within CSR remains incomplete. It often emphasises access and usage, teaching individuals how to navigate digital platforms, use devices, and engage with online services. What remains insufficiently addressed is the question of safety. In an environment where cyber fraud, data breaches, online harassment, and identity theft are becoming increasingly common, digital literacy without cyber awareness risks becoming a partial and potentially harmful intervention.
Embedding cyber awareness and capacity building within ‘digital literacy’ in explicit form is therefore not optional, it is essential. This includes equipping individuals with the ability to recognise online threats, protect personal data, understand digital consent, and respond effectively to cyber risks. It also requires recognising that vulnerable populations, including first-time internet users, women, and marginalised communities, often face disproportionate exposure to cyber harm.
“It is pertinent to note that Cybersecurity awareness training is relevant to CSR but is not yet consistently implemented as an explicit CSR activity. It is often included indirectly within digital literacy programs, highlighting the need for a more structured, progressive and integrated approach.”
Given this reality, there is a strong case for explicitly recognising cyber awareness as a distinct and integral component of CSR activities, rather than treating it as an implicit subset of digital literacy. Doing so would not only align CSR with contemporary societal risks but also ensure that corporate interventions move beyond enabling access to actively ensuring safety.
In a digital society, empowerment without protection is incomplete. If CSR is to truly reflect its foundational values, it must evolve to address not just the opportunities of the digital age, but also its risks.
Why Cyber Safety Must Be Central to CSR
The current state of digital ecosystems, which used to operate as secondary systems, now functions as essential systems that support government operations, banking systems, educational institutions, and social communication. The digital environment has its vulnerabilities, which create direct dangers for people in society. The elderly, first-time internet users, and rural communities face higher cyber threat risks because they often lack knowledge and protective resources on responsible use. The implementation of CSR initiatives that provide digital access to these groups, along with how to handle risks, will create greater benefit for their safety. Organisations must encourage the implementation of cyber safety training in their CSR programs because doing so will create value while fulfilling their ethical obligations. The empowerment process needs to achieve complete success, which protects people from any potential dangers according to the "do no harm" principle.
Key Components of CyberPeace-Aligned Digital Literacy
To make CSR initiatives more effective and future-ready, organisations should incorporate the following elements into their digital literacy programs:
- Cyber Awareness and Risk Recognition: The training program teaches participants how to recognise typical security threats, which include phishing attacks and scams, deepfake technology and misinformation.
- Data Protection and Privacy Literacy: The program teaches users how to protect their personal information, together with the process of giving consent and the methods used to handle their online presence.
- Responsible Digital Behaviour: The program teaches people how to use the internet responsibly by showing them how to make ethical decisions that require both respect and accountability while understanding the legal consequences of their actions.
- Incident Response and Reporting Mechanisms: The program teaches users about cyber incident response, which includes all reporting methods and available support resources.
- Inclusion-Focused Design: The program develops specific solutions which protect various demographic groups from their particular vulnerabilities while maintaining accessibility and essential programmatic relevance.
Policy and Institutional Alignment
The integration of cyber safety into corporate social responsibility lets organisations achieve their national objectives, which include:
- Strengthening digital trust and resilience
- Supporting safe digital inclusion initiatives
- Complementing the efforts of institutions working on cybersecurity awareness and capacity building
The structured approach requires organisations to execute three specific steps, which include:
- Partnering with cybersecurity organisations and civil society
- Developing standardised cyber awareness modules
- The organisation will use behavioural change indicators to evaluate its impact instead of relying on access metrics.
The Way Forward
Digital-era Corporate Social Responsibility needs to transition from its present state of providing access to digital resources toward establishing secure online platforms for users. The understanding of digital literacy needs to shift from its current status as a technical ability toward its new definition as a social competency that encompasses safety, responsibility and resilience training.
Companies need to understand their digital transformation obligations because their digital transformation efforts require them to handle all associated risks. The implementation of cyber safety within corporate social responsibility frameworks will enable organisations to develop a secure and trustworthy digital environment that includes all users.
Conclusion
The implementation of corporate social responsibility needs to fulfil its core mission of creating societal benefits through inclusive practices that span all current digital possibilities and their associated security threats. The field of digital literacy requires a new framework that combines digital safety practices with its existing educational materials.
The digital safety practice ensures that people obtain essential knowledge and skills that enable them to use digital resources securely when they access online content. The process of accomplishing shared community prosperity needs to establish a framework that benefits every person through social advancement and the protection of their rights.
References
- https://upload.indiacode.nic.in/schedulefile?aid=AC_CEN_22_29_00008_201318_1517807327856&rid=79
- https://www.allresearchjournal.com/archives/2025/vol11issue4/PartF/11-5-60-511.pdf
- https://www.unesco.org/en/dtc-finance-toolkit-factsheets/corporate-social-responsibility-csr
- https://www.investopedia.com/terms/c/corp-social-responsibility.asp
- https://digitalmarketinginstitute.com/blog/corporate-16-brands-doing-corporate-social-responsibility-successfully
- https://www.imd.org/blog/sustainability/csr-strategy/

Introduction
The rapid rise of AI tools has reshaped how health content spreads on platforms like Instagram Reels and YouTube Shorts. These sub-minute videos promise quick fixes for weight loss, glowing skin, or reduced anxiety, often delivered through polished visuals and confident AI-generated voiceovers. The result feels highly personalised, as if the advice is tailored to each viewer, even though it is usually generic and widely recycled.
Short-form videos tend to compress complex health topics into “one tip” solutions, such as drinking a specific detox drink daily or following a single workout for rapid fat loss. While appealing, this oversimplification removes essential context, including individual health conditions, long-term risks, and scientific nuance. For example, viral diet trends or fitness hacks may work for some but can be ineffective or even harmful for others.
Algorithms play a major role in amplifying such content. Videos that promise dramatic transformations or instant results are more likely to gain engagement, which pushes them to wider audiences. Repeated exposure then builds familiarity, making the advice seem more credible over time. Audiences often trust this content due to its clean presentation, authoritative tone, and frequent repetition. However, the risks include misinformation, unrealistic expectations, and potential harm from unverified practices. To approach such content critically, viewers should cross-check claims with credible medical sources, avoid relying on single tip solutions, and remember that real health advice is rarely one size fits all.
The Illusion of Personalisation
AI-generated health content often mimics personalisation through:
- Synthetic voiceovers that designers created to match different age groups through their voice output, which speak specifically to people who are 20 years old and younger.
- The script development process uses data that tracks currently popular search terms.
- Viewers can interpret information through visual elements, which show changes between two different states.
The process of "personalisation" uses generalised data that does not match individual health profiles to create targeted results. The videos fail to provide a medical assessment because they do not consider:
- Existing medical conditions
- Hereditary differences
- Personal habits and the impact of surrounding conditions
The users will think that general medical advice applies to their personal health needs, which will lead them to use this advice inappropriately.
Short-Form Content and Oversimplification
Short-form videos have time limitations, which result in reduced complex medical information development into basic medical stories. The typical patterns of evaluation include these two patterns of evaluation include:
- “One-tip solutions” (e.g., “Drink this before bed to burn fat”)
- Binary framing (“good vs bad foods”)
- The process of eliminating all disclaimers and side effects information
For example, the three diet methods here the three diet methods here
- Viral detox drinks that make the claim to "flush toxins" from the body
- Extreme calorie-cutting diet hacks
- Fitness shortcuts that guarantee users will see results within days
The content demonstrates a pattern of disregarding essential human body operation rules that include both metabolic patterns and human body operation over extended periods of time.
Algorithmic Amplification and Virality
The recommendation algorithms used by Instagram and YouTube deliver their most important results through three main factors, which include:
- Engagement (likes, shares, watch time)
- Retention rates
- Emotional or aspirational triggers
Health-related content that claims to deliver:
- Immediate body changes
- Needs minimal work from viewers
- Results in extreme physical changes
Attractive health-related content that displays extreme physical changes through quick transformations. The system produces a continuous cycle during which:
- Misleading content gains traction
- Algorithms amplify it further
- More creators replicate similar formats using AI tools
The system produces a secondary result that favours content that people share instead of content that has authentic credibility.
Why Do Users Trust AI-Generated Health Content?
Several psychological and technological factors contribute to trust:
- Professional Aesthetics - AI tools generate high-quality visual content together with authentic voiceover performance and expert-level script documentation, which replicates professional communication methods.
- Repetition and Familiarity - When people encounter identical recommendations multiple times, their belief in those recommendations increases through the illusory truth effect.
- Authority Signals
- Medical terminology serves as a standard term
- Medical professionals appear in stock footage through lab coat visuals
- The narrator delivers information through an assertive speaking style
- Perceived Personal Relevance - Algorithmic targeting makes users feel the content is "meant for them.
Real-World Examples of Viral Trends
The typical types of health misinformation that artificial intelligence systems spread through their enhanced capabilities include:
- Diet Trends: Keto shortcuts, extreme intermittent fasting variants
- Fitness Hacks: Spot reduction exercises (scientifically unsupported)
- Supplement Advice: Unverified claims about vitamins or herbal products
- Mental Health Tips: Oversimplified coping strategies that lack clinical evidence
The statement that drinking warm lemon water will detox your liver continues to be popular despite the fact that the liver has natural self-detoxification abilities.
Risks and Public Health Implications
The widespread consumption of such content creates multiple dangers, which include:
1. Physical Health Risks
- Nutritional deficiencies from extreme diets
- Injury from improper exercise techniques
- Delayed medical consultation
2. Psychological Impact
- Unrealistic body image expectations
- Anxiety due to conflicting advice
3. Misinformation Ecosystem
- The public loses confidence in evidence-based medicine
- Unverified or pseudoscientific practices spread throughout society
Regulatory and Ethical Concerns
The increase of AI-generated health materials connects to more extensive problems, which include:
- Who is responsible for the content
- Who is responsible for the platform
- How AI systems show their inner workings to users
Most platforms today do not have strict systems that can:
- Verify medical claims
- Display which health advice comes from artificial intelligence
- Punish users who spread false information multiple times
The absence of regulations allows misleading information to spread without consequences.
A CyberPeace Perspective: Building Digital Health Resilience
The problem needs complete involvement from several parties to create effective solutions that protect both online security and data integrity.
For Users
- Users should confirm claims by using trustworthy medical resources, which include the WHO and peer-reviewed studies.
- People should avoid using "quick solutions" until they receive guidance from certified experts.
- Users should exercise caution when they encounter content that does not include necessary warning signs.
For Platforms
- Platforms should implement systems that enable users to identify AI-generated content.
- Platforms should decrease the visibility of health information that contains false statements.
- Platforms should support authentic health content producers who have been validated.
For Policymakers
- Policymakers should create standards that govern AI-produced medical content.
- Policymakers need to enhance initiatives that teach people about the health information available online.
For Content Creators
- Content creators must show how they implement AI technologies.
- They should stay away from making claims that either go beyond what is needed or state things as absolute truth.
Conclusion
AI-generated health tips on short-form video platforms create complex research conditions that involve three scientific fields: technology, psychology and public health. The tools provide equal access to information, yet create higher risks for people to believe false information when they use the tools without responsible usage.
The challenge requires organisations to maintain user safety through accurate information management while providing users with transparent digital health services. The growing dependence of users on algorithm-based content requires educational institutions to develop students' critical thinking abilities and digital skills to minimise negative effects from AI-driven communication methods.
References
- https://pmc.ncbi.nlm.nih.gov/articles/PMC12924558/
- https://academic.oup.com/heapro/article/40/2/daaf023/8100645
- https://pmc.ncbi.nlm.nih.gov/articles/PMC12673052/
- https://www.frontiersin.org/journals/public-health/articles/10.3389/fpubh.2025.1713794/full
- https://www.who.int/teams/digital-health-and-innovation/digital-channels/combatting-misinformation-online
- https://link.springer.com/article/10.1186/s12982-025-00777-2
- https://www.washingtonpost.com/health/2026/04/21/chatbot-medical-advice-accurate/