It's fun time, but beware of Holi ke side-effects

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.

San Francisco, Mar 18: Facebook said a bug in its anti-spam system temporarily blocked the publication of links to news stories about the coronavirus. Guy Rosen, Facebook's vice president of integrity, said on Twitter Tuesday that the company was working on a fix for the problem.

Users complained that links to news stories about school closings and other information related to the virus outbreak were blocked by the company's automated system.

Later on Tuesday, Rosen tweeted that Facebook had restored all the incorrectly deleted posts, which also covered topics beyond the coronavirus.

Rosen said the problems were unrelated to any changes in Facebook's content-moderator workforce. The company reportedly sent its human moderators home this week because of the coronavirus outbreak.

A representative for Facebook did not immediately respond to questions on the status of Facebook's content moderators, many of whom do not work directly for the company and are not always able to work from home.

In the wake of the gas leak at a factory in Visakhapatnam, the National Disaster Management Authority (NDMA) has issued detailed guidelines for restarting industries after the lockdown and the precautions to be taken for the safety of the plants as well as the workers.

In a communication to all states and union territories, the NDMA said due to several weeks of lockdown and the closure of industrial units, it is possible that some of the operators might not have followed the established standard operating procedures.

As a result, some of the manufacturing facilities, pipelines, valves may have residual chemicals, which may pose risk. The same is true for the storage facilities with hazardous chemicals and flammable materials, it said.

The NDMA guidelines said while restarting a unit, the first week should be considered as the trial or test run period after ensuring all safety protocols.

Companies should not try to achieve high production targets. There should be 24-hour sanitisation of the factory premises, it said.

The factories need to maintain a sanitisation routine every two-three hours especially in the common areas that include lunch rooms and common tables which will have to be wiped clean with disinfectants after every single use, it added.

For accommodation, the NDMA said, sanitisation needs to be performed regularly to ensure worker safety and reduce the spread of contamination.

To minimise the risk, it is important that employees who work on specific equipment are sensitised and made aware of the need to identify abnormalities like strange sounds or smell, exposed wires, vibrations, leaks, smoke, abnormal wobbling, irregular grinding or other potentially hazardous signs which indicate the need for immediate maintenance or if required shutdown, it said.

At least 11 people lost their lives and about 1,000 others were exposed to a gas leak at a factory in Andhra Pradesh''s Visakhapatnam on May 7.

The incident took place after it restarted operations when the government allowed industrial activities in certain sectors following several weeks of lockdown.

The lockdown was first announced by Prime Minister Narendra Modi on March 24 for 21 days in a bid to combat the coronavirus threat. The lockdown was then extended till May 3 and again till May 17.