India’s cybersecurity agency warns people of credit card skimming via e-commerce sites

Agencies
July 18, 2020

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 4,2020

Twitter has joined efforts to do away with racially loaded terms such as master, slave and blacklist from its coding language in the wake of the death of African-American George Floyd and ensuing Black Lives Matter protests.

The project started even before the current movement for racial justice escalated following the death of 46-year-old George Floyd in police custody in May.

The use of terms such as "master" and "slave" in programming language originated decades ago. While "master" is used to refer to the primary version of a code, "slave" refers to the replicas. Similarly, the term "Blacklist" is used to refer to items which are meant to be automatically denied.

The efforts to change these terms in favour of more inclusive language at Twitter were initiated by Regynald Augustin and Kevin Oliver and the microblogging platform is now backing their efforts.

"Inclusive language plays a critical role in fostering an environment where everyone belongs. At Twitter, the language we have been using in our code does not reflect our values as a company or represent the people we serve. We want to change that. #WordsMatter," Twitter's engineering team said in a post on Thursday.

As per the recommendations from the team, the term "whitelist" could be replaced by "allowlist" and "blacklist" by "denylist".

Similarly, "master/slave" could be replaced by "leader/follower", "primary/replica" or "primary/standby".

Twitter, however, is not the first to start a project to bring inclusivity in programming language.

According to a report in CNET, the team behind the Drupal online publishing software started using "primary/replica" in place of "master/slave" as early as in 2014.

The use of the terms "master/slave" was also dropped by developers of the Python programming language in 2018.

Now similar efforts are underway at Microsoft's Github and LinkedIn divisions as well, said the report.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
April 17,2020

Paris, Apr 17: Even as virologists zero in on the virus that causes COVID-19, a very basic question remains unanswered: do those who recover from the disease have immunity?

There is no clear answer to this question, experts say, even if many have assumed that contracting the potentially deadly disease confers immunity, at least for a while.

"Being immunised means that you have developed an immune response against a virus such that you can repulse it," explained Eric Vivier, a professor of immunology in the public hospital system in Marseilles.

"Our immune systems remember, which normally prevents you from being infected by the same virus later on."

For some viral diseases such a measles, overcoming the sickness confers immunity for life.

But for RNA-based viruses such as Sars-Cov-2 -- the scientific name for the bug that causes the COVID-19 disease -- it takes about three weeks to build up a sufficient quantity of antibodies, and even then they may provide protection for only a few months, Vivier told AFP.

At least that is the theory. In reality, the new coronavirus has thrown up one surprise after another, to the point where virologists and epidemiologists are sure of very little.

"We do not have the answers to that -- it's an unknown," Michael Ryan, executive director of the World Health Organization's Emergencies Programme said in a press conference this week when asked how long a recovered COVID-19 patient would have immunity.

"We would expect that to be a reasonable period of protection, but it is very difficult to say with a new virus -- we can only extrapolate from other coronaviruses, and even that data is quite limited."

For SARS, which killed about 800 people across the world in 2002 and 2003, recovered patients remained protected "for about three years, on average," Francois Balloux director of the Genetics Institute at University College London, said.

"One can certainly get reinfected, but after how much time? We'll only know retroactively."

A recent study from China that has not gone through peer review reported on rhesus monkeys that recovered from Sars-Cov-2 and did not get reinfected when exposed once again to the virus.

"But that doesn't really reveal anything," said Pasteur Institute researcher Frederic Tangy, noting that the experiment unfolded over only a month.

Indeed,several cases from South Korea -- one of the first countries hit by the new coronavirus -- found that patients who recovered from COVID-19 later tested positive for the virus.

But there are several ways to explain that outcome, scientists cautioned.

While it is not impossible that these individuals became infected a second time, there is little evidence this is what happened.

More likely, said Balloux, is that the virus never completely disappeared in the first place and remains -- dormant and asymptomatic -- as a "chronic infection", like herpes.

As tests for live virus and antibodies have not yet been perfected, it is also possible that these patients at some point tested "false negative" when in fact they had not rid themselves of the pathogen.

"That suggests that people remain infected for a long time -- several weeks," Balloux added. "That is not ideal."

Another pre-publication study that looked at 175 recovered patients in Shanghai showed different concentrations of protective antibodies 10 to 15 days after the onset of symptoms.

"But whether that antibody response actually means immunity is a separate question," commented Maria Van Kerhove, Technical Lead of the WHO Emergencies Programme.

"That's something we really need to better understand -- what does that antibody response look like in terms of immunity."

Indeed, a host of questions remain.

"We are at the stage of asking whether someone who has overcome COVID-19 is really that protected," said Jean-Francois Delfraissy, president of France's official science advisory board.

For Tangy, an even grimmer reality cannot be excluded.

"It is possible that the antibodies that someone develops against the virus could actually increase the risk of the disease becoming worse," he said, noting that the most serious symptoms come later, after the patient had formed antibodies.

For the moment, it is also unclear whose antibodies are more potent in beating back the disease: someone who nearly died, or someone with only light symptoms or even no symptoms at all. And does age make a difference?

Faced with all these uncertainties, some experts have doubts about the wisdom of persuing a "herd immunity" strategy such that the virus -- unable to find new victims -- peters out by itself when a majority of the population is immune.

"The only real solution for now is a vaccine," Archie Clements, a professor at Curtin University in Perth Australia, told AFP.

At the same time, laboratories are developing a slew of antibody tests to see what proportion of the population in different countries and regions have been contaminated.

Such an approach has been favoured in Britain and Finland, while in Germany some experts have floated the idea of an "immunity passport" that would allow people to go back to work.

"It's too premature at this point," said Saad Omer, a professor of infectious diseases at the Yale School of Medicine.

"We should be able to get clearer data very quickly -- in a couple of months -- when there will be reliable antibody tests with sensitivity and specificity."

One concern is "false positives" caused by the tests detecting antibodies unrelated to COVID-19.

The idea of immunity passports or certificates also raises ethical questions, researchers say.

"People who absolutely need to work -- to feed their families, for example -- could try to get infected," Balloux.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 4,2020

The Mars Colour Camera (MCC) onboard ISRO's Mars Orbiter Mission has captured the image of Phobos, the closest and biggest moon of Mars.

The image was taken on July 1 when MOM was about 7,200 km from Mars and 4,200 km from Phobos.

"Spatial resolution of the image is 210 m.

This is a composite image generated from 6 MCC frames and has been color corrected," ISRO said in an update along with the image.

Phobos is largely believed to be made up of carbonaceous chondrites.

According to ISRO, "the violent phase that Phobos has encountered is seen in the large section gouged out from a past collision (Stickney crater) and bouncing ejecta."

"Stickney, the largest crater on Phobos along with the other craters (Shklovsky, Roche & Grildrig) are also seen in this image," it said.

The mission also known as Mangalyaan was initially meant to last six months, but subsequently ISRO had said it had enough fuel for it to last "many years."

The country had on September 24, 2014 successfully placed the Mars Orbiter Mission spacecraft in orbit around the red planet, in its very first attempt, thus breaking into an elite club.

ISRO had launched the spacecraft on its nine-month- long odyssey on a homegrown PSLV rocket from Sriharikota in Andhra Pradesh on November 5, 2013.

It had escaped the earth's gravitational field on December 1, 2013.

The Rs 450-crore MOM mission aims at studying the Martian surface and mineral composition as well as scan its atmosphere for methane (an indicator of life on Mars).

The Mars Orbiter has five scientific instruments - Lyman Alpha Photometer (LAP), Methane Sensor for Mars (MSM), Mars Exospheric Neutral Composition Analyser (MENCA), Mars Colour Camera (MCC) and Thermal Infrared Imaging Spectrometer

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.