CERT-IN warns of credit card skimming campaign targeting e-commerce websites

By Binu MathewJuly 20, 2020

Indian Computer Emergency Response Team (CERT-In) on Saturday issued a public warning about a credit card skimming campaign spread through sports, health and e-commerce websites.

In an official post, CERT-In explains attackers are targeting websites hosted on Microsoft’s IIS server running with ASP.NET web application framework (used to develop web apps and services).

The problem lies with version 4.0.30319 of ASP.NET which is no longer officially supported by Microsoft and contains multiple vulnerabilities which makes it easier for attackers to exploit them.

CERT-In has advised websites using ASP.NET web framework and IIS web server to use the latest version and conduct security audits of web application, web server and database server, in addition to checking web server directories regularly for any malicious web shell files and remove them before they can be exploited.

CERT-IN warns of credit card skimming campaign targeting e-commerce websites

More in IT

India Inc, not just IT, dangles big bucks for AI specialists. But is it all hype?

OpenAI co-founder Ilya Sutskever departs, Sam Altman says ‘very sad to me…’

Google unveils ‘future of AI assistants’ with Project Astra. Everything you need to know

Must Read Articles

Poor Show

Zomato & Swiggy

Regulating Big Tech

Interview with Preetham Uthaiah, EVP – Marketing & Strategy Saankhya Labs

DoT launches portal for centralised RoW approvals

NCAER Working Paper

Real-Time-Bidding of your Data

DoT to get 33 pc stake of Vi for Rs 16,133 cr interest dues

National Data Governance Framework

BSNL 4G

Archives

You may also like

More in IT

Must Read Articles

Archives