High import duties keeping Tesla off Indian roads: Elon Musk

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

With the scrapping of Mitron and Remove China Apps from its Play Store gaining a lot of attention in India, Google on Thursday said that it removed a video app "for a number of technical policy violations", while adding that it also does not allow an app that "encourages or incentivizes users into removing or disabling third-party apps".

Both the apps became immensely popular in India within a short span of time due to the prevailing anti-China sentiment amid border tensions between India and China in Ladakh and calls by Indian activists to boycott Chinese products.

Reports suggested that the Mitron app is a repackaged version of TicTic, which is a TikTok clone.

The Remove China Apps was designed to help users identify applications of Chinese origin.

Without naming the apps, Google hinted that the Mitron app may make a comeback on the Play Store once it fixes some technical issues, but the chances of the Remove China Apps are thin.

"We have an established process of working with developers to help them fix issues and resubmit their apps. We've given this developer (of the video app) some guidance and once they've addressed the issue the app can go back up on Play," Sameer Samat, Vice President, Android and Google Play, said in a statement.

Google said that its Android app store was designed to provide a safe and secure experience for the consumers while also giving developers the platform and tools they need to build sustainable businesses.

Samat said that Google Play recently suspended a number of apps for violating the policy that it does not allow an app that "encourages or incentivizes users into removing or disabling third-party apps or modifying device settings or features unless it is part of a verifiable security service".

"This is a longstanding rule designed to ensure a healthy, competitive environment where developers can succeed based upon design and innovation. When apps are allowed to specifically target other apps, it can lead to behaviour that we believe is not in the best interest of our community of developers and consumers," Samat said.

"We've enforced this policy against other apps in many countries consistently in the past - just as we did here," he added.

Kozhikode, Apr 4: In a bid to maintain the lockdown amid COVID-19 outbreak, Police in Kozhikode is monitoring the situation using drone cameras and making sure that people are not breaking the law.

The police have so far arrested 41 persons who were out on a morning walk on Saturday during the lockdown in the backdrop of coronavirus outbreak.

The SHO of Town South Police Station informed that the accused were later released on bail.
At least 295 cases have been reported in the state so far.

Talking about COVID-19 testing, State Health Minister KK Shailaja told media: "Nine labs are conducting polymerase chain reaction (PCR) tests in Kerala. We've received 2000 rapid test kits and will start rapid tests from tomorrow. If a person tests positive in rapid test, we need to confirm it with PCR test."

The total number of COVID-19 positive cases in India climbed to 3072 on Saturday, according to Ministry of Health and Family Welfare.