India has millions of internet users, making them the perfect target for scammers. And according to the Indian Computer Emergency Response Team (CERT-In), there’s a new attack model looking to steal their data and even money. The cyber body explained about a credit card skimming campaign run through e-commerce websites. Also Read - Microsoft launches Windows File Recovery app to help recover deleted data
Attackers targeted the websites hosted on Microsoft’s IIS server and running ASP.NET web application framework, CERT-In explained. Apparently, Microsoft no longer supports this framework. And this has made the websites running on the server vulnerable to cyber attacks. Also Read - New Android vulnerability warning issued by CERT-In
Watch: Weekly News Roundup – June 17
So understandably, CERT-In wants owners of these websites to update their framework to the latest version. In addition to this, they want to make sure they audit the applications as well as the server database. This way, they will be able to keep a track of any malicious files loaded into the backend for exploiting the security weakness. Also Read - CERT-In issues alert on 'Locky' ransomware spreading in India
The details shared by CERT-In came through a recent Malwarebytes Labs report. It had discovered vulnerability termed CVE-2017-9248, for ASP.NET ..
Support the originator by clicking the read the rest link below.
