Your phone's motion sensors may reveal your PIN, passwords

New Delhi, Jan 22: "Don't get into a trap. Your security is in your hands," the Border Security Force (BSF) has said issuing its social media rules for its officers and men. It has directed them not to use 42 mobile applications and show caution while using Facebook, Twitter and WhatsApp.

"Be cautious while using social media," said the BSF in a circular issued recently.

"Before using WhatsApp, Facebook, Twitter and other social media platforms, one needs to keep in mind that you are border guarding force and Central Civil Services (Conduct) Rules rule duly are applicable," it said.

It further pointed out that by commenting/writing about or forwarding unverified reports and rumours one violates laws of land.

"Several times unverified reports would be presented in way that they are absolutely true and start believing it. Seeing such post always use your commonsense and never get into the trap (sic.)," it state adding that the anti-national elements uses social media to propagate their agenda to cause unrest in India.

A picture clicked by Border Security Force personnel and posted on a social media platform remains there for always. Therefore, one should use officially approved pictures about any incident or untoward incidents related to Border Security Force, stated the circular. It pointed that unauthorised persons should not engage into taking pictures of the incidents.

It also highlighted how through social media, a few BSF personnel have fallen into trap of espionage racket carried out by enemy countries.

"Our security and respect is in our hands. Always think twice whether you are doing correct by accepting friendship requests from unknown persons, especially women and girls," it cautioned the troopers and officers.

It also highlighted that while going on leave and joining back the force, always follow the rules and regulations laid out for safety and security. "This is for your own safety," it stressed in the end.

The BSF has also issued a list of 42 mobile applications that needs to be completely avoided by serving BSF officers and jawans.

They are MI store, Weibo, Wechat, Shareit, Truecaller, UC News, UC Browser, Beautyplus, NewsDog, Viva Video - QU video Inc, Parallel Space, Apus Browser, Perfect Corp, Virus Cleaner - HI Security Lab, CM browser, MI Community, DU recorder, Vault Hide - No mobile Security, Youcam Makeup, Cachecleaner DU Apps Studio, DU battery saver, DU privacy, 360 security, DU Browser,Clean master - Cheeta Mobile, Baidu Translate, Wonder Camera - Bindu Inc, ES Ifle Explorer, Photo Wonder, QQ international , QQ music, QQ Mail, AA player, QQ News Feed, Wesync, QQ security Center, Selfie City, Mail Master, Mi Video Call -Xaomi and QQ launcher.

New Delhi, Jul 15: The employees union of state-run telecom operator BSNL will stage protests across the country on Thursday on a host of issues including the cancellation of its 4G tender and non-payment of salaries.

All major unions are organising ‘lunch-hour black-flag' demonstrations throughout the country under the banner of All Unions and Association of BSNL (AUAB), said a statement by AUAB. These demonstrations will be organised, by maintaining social distancing and by taking other precautions, like wearing of masks. The BSNL employees will also wear black-badges the whole day on July 16.

The employees body would demand that BSNL should immediately be allowed to roll out its 4G services and the tender should be issued immediately. Further, they want that in the matter of procuring new equipment and upgradation, there should not be any discrimination between BSNL and other private telecom service providers.

Recently, the Centre cancelled the 4G upgradation tender for BSNL as it had decided to come up with fresh specifications for the upgrade process, in a move to keep Chinese technology companies at bay as the border tussle escalated with the northern neighbour.

The Department of Telecommunications (DoT) would issue a fresh tender for the same, and people in the know said that Chinese companies may not be allowed to participate.

"The agitational programme is being organised to express the deep anguish and resentment of the employees against cancellation of BSNL's 4G tender, cancellation of BSNL's proposal for upgradation of its 49,300 BTSs to 4G, abnormal delay in issuing ‘Add on Order' for 4G equipments, inordinate delay in the implementation of BSNL's Revival Package and against the non-settlement of the burning problems of the employees," said the statement.

The umbrella body of BSNL's employees' unions noted that rolling out of 4G services is the backbone for the revival of this telecom PSU, but the recent cancellation of the tender floated by BSNL for procuring 4G equipment at a cost of Rs 9,300 crore, has brought the company back to square one.

It said that BSNL is already having 49,300 base transceiver stations (BTS), which are 4G compatible and through minor upgradation, all these equipment can be converted into 4G BTSs with an investment of about Rs 1,500 crore.

In addition to this, BSNL could have added another 15,000 BTSs, by placing an Add on Order to the existing mobile tender, it added.

Noting that in October 2019, the PSU could have rolled out pan-India 4G services, AUAB said: "Being the sole owner of the company, the Government of India also cannot shirk its responsibility in this matter."

"Adding insult to injury, the tender floated by BSNL to procure 4G equipment, has been cancelled by the government, based on a complaint from the Telecom Equipments and Services Promotional Council (TEPC)," it said.

AUAB said that BSNL is already lagging four years behind the private operators, in terms of 4G and the cancellation of the tender is going to inordinately delay the company's 4G launch.

Saying that TEPC's contention has been to bar foreign companies from participating in BSNL's tender, AUAB statement pointed out that when private operators are procuring equipment from multinationals, "why BSNL alone should be compelled to procure 4G equipments from domestic vendors, whose 4G technology is not tested or proven so far."

It alleged a conspiracy to destabilise BSNL by disrupting its rolling out of 4G services.

AUAB further said that even after the lapse of nine months, the implementation of the much publicised BSNL's Revival Package is moving at a snail's pace.

"Except the swift retrenchment of 79,000 BSNL employees under VRS, all other assurances given in BSNL's Revival Package have been put in cold storage."

The management should ensure that the salary payment of the employees is made on the last working day of every month. Deductions made from employees' salary, on account of "society dues", should immediately be remitted, it said.

Regarding the monetisation of the company's assets under the revival package, the organisation said that the land asset should not be handed over to corporates, at "throwaway" prices.

"These lands should be sold in a transparent manner and at the prevailing market rates. They should not be sold at book value or at circle rates. The AUAB will strictly monitor these dealings," it said.

New Delhi, Jul 18: India's national cybersecurity agency CERT-in, has warned people of credit card skimming spreading across the world through e-commerce platforms.

Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP), the Computer Emergency Response Team (CERT-In) said in a notice on Thursday.

Recently, attackers targeted sites which were hosted on Microsoft's IIS server running with the ASP.NET web application framework, it said.

Some of the sites affected by the attack were found to be running ASP.NET version 4.0.30319, which is no longer officially supported by Microsoft and may contain multiple vulnerabilities, CERT-In said.

The notice also included a list of best practices for website developers including the use of the latest version of ASP.NET web framework, IIS web server and database server.

The advisory is based on research by Malwarebytes which found that this skimming campaign likely began sometime in April this year.

Credit card skimming has become a popular activity for cybercriminals over the past few years, and the increase in online shopping during the pandemic means additional business for them, too, Malwarebytes said in a blog post, adding that attackers do not need to limit themselves to the most popular e-commerce platforms.

Researchers from global cybersecurity and anti-virus brand Kaspersky had warned in December last year that more cybercriminal groups will target online payment processing systems in 2020. 

It said that over the past couple of years, so-called JS-skimming (the method of stealing of payment card data from online stores), has gained immense popularity among attackers. 

Kaspersky researchers in their report said they are currently aware of at least 10 different actors involved in these type of attacks.

Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.