1. Home
  2. India’s cybersecurity agency warns people of credit card skimming via e-commerce sites

India’s cybersecurity agency warns people of credit card skimming via e-commerce sites

Agencies
July 18, 2020

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 10,2020

US dictionary Merriam-Webster will update the meaning of the word "racism" after being contacted by a Missouri black woman, who claimed the current definition fell short of including the systematic oppression of people of colour, according to media reports.

"A revision to the entry for racism is now being drafted to be added to the dictionary soon, and we are also planning to revise the entries of other words that are related to racism or have racial connotations," according to a statement of the 189-year-old dictionary shared by Kennedy Mitchum, a recent graduate of Drake University in Iowa, on her Facebook.

Mitchum, 22, emailed the dictionary last month, following the death of African American George Floyd in the custody of four Minneapolis police officers, Xinhua news agency reported.

"I kept having to tell them that definition is not representative of what is actually happening in the world," Mitchum told CNN. "The way that racism occurs in real life is not just prejudice, it's the systemic racism that is happening for a lot of black Americans."

Merriam-Webster's first definition of racism is "a belief that race is the primary determinant of human traits and capacities and that racial differences produce an inherent superiority of a particular race."

"It's not just disliking someone because of their race," Mitchum wrote in a Facebook post on Friday. "This current fight we are in is evidence of that, lives are at stake because of the systems of oppression that go hand-in-hand with racism."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
August 2,2020

New Delhi, Aug 2: The National Commission for Women (NCW) has issued notice to some Bollywood celebrities named in a complaint against the promoter of a company for allegedly blackmailing and sexually assaulting a number of girls on the pretext of giving them a career in modelling.

Taking cognizance of the complaint filed by social activist Yogita Bhayana of People Against Rape in India (PARI), the NCW scheduled a virtual hearing presided by its chairperson on August 6.

The complaint against Sunny Verma, promoter of a company named IMG Ventures with its headquarter in Chandigarh, alleged that he has been blackmailing and sexually assaulting a number of girls on the pretext of giving them career in modelling.

PARI's Yogita Bhayana wrote a complaint letter to NCW chairperson Rekha Sharma.

"Through his company, he (Sunny Verma) invites the girls on the pretext of organising a Miss Asia contest with a claim that the contest will launch them as models. To make it look genuine, his company has also been taking an entry fee of Rs 2,950. Once the girls apply, they are alluded by the female accomplices of Sunny Verma to submit their nude pictures in order to get the better ranking in the contest," the complaint letter said on July 31.

It alleged that Verma, after receiving the pictures and sometimes even before, used to get in touch with the girls and ask for completely nude pictures and videos.

The complaint letter said that Verma also used to allude as well as threaten the girls to submit to his sexual desires if they were interested in modelling as a career or wish to win the contest.

"Once he established a physical relationship with the girls, he used to blackmail them for regular sexual favours. Many girls from across the country have suffered a sexual and mental assault from Sunny and his accomplices," said the complaint citing several letters, texts and audio clips from several girls as proof of this modus operandi of Sunny Verma and his company.

The complaint also said that Sunny Verma has been previously also arrested on charges of sexual assault.

"We would demand that NCW should investigate the case to its depth and get the guilty punished so that any other person should not dare to exploit these kinds of innocent girls on any pretext. It will be a message to people like Sunny Verma and all associated Bollywood stars. Looking forward to strict action from NCW against sexual offenders like Sunny Verma & others," the complaint said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 9,2020

Twitter has hinted that it is planning a paid subscription platform that can be reused by other teams in the future.

The news that the micro-blogging platform is building a subscription platform with a team codenamed "Gryphon" resulted in Twitter stock rising over 8% on Wednesday.

Twitter revealed its plan via a job listing that seeks a full-stack senior software engineer in New York to join "Gryphon".

Interestingly, Twitter "edited" the job listing once the news broke, removing the part about "Gryphon" and any mention of their internal team or their subscription feature. The listing said the company is looking for an Android engineer to "work on a bevy of backend engineering teams to build components that allow for experimentation to deliver the best experience possible to all of our users".

Later, Twitter users noticed that the company restored the earlier job listing that mentioned the upcoming subscription platform and "Gryphon".

A spokesperson for Twitter told CNN on Wednesday that it's only a job posting, not a product announcement.

This is not the first time Twitter has thought of a paid product. 

In 2017, it sent out a survey to users and a preview of what a premium offering of its TweetDeck app might look like, including breaking news alerts and more analytics, according to The Verge.

"We're conducting this survey to assess the interest in a new, more enhanced version of Tweetdeck. We regularly conduct user research to gather feedback about people's Twitter experience and to better inform our product investment decisions, and we're exploring several ways to make TweetDeck even more valuable for professionals," a Twitter spokesperson had said at that time.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.