There’s a new security alert from the Indian Computer Emergency Response Team or CERT for Apple users. The agency has said Apple’s Safari browser has issues that can leave them vulnerable. And in order to avoid falling prey to cyber attacks, they need to update the browser right away. The alert advisory has been titled CIAD-2020-0047. Also Read - India's CERT issues warning about credit card scam on the internet
CERT-In says these vulnerabilities are there because of issues like improper validation, improper access restrictions, and improper memory handling among others. It says attackers can use these issues to target the users via a specially crafted website. “They can do this to cause URL Unicode encoding on a targeted system,” it adds. Also Read - Microsoft issues security alert over cyber attack: Reports
Watch: OnePlus Nord First Look and Unboxing
Thankfully, Apple seems to have recognized this issue. The update for Safari is available on Apple’s support website. This was released on July 15 and works on versions of macOS Mojave and macOS High Sierra. It comes included in macOS Catalina. CERT-In has given it a high severity rating, which means Apple users should ideally update their browsers right away. Also Read - Cyber attacks outpacing physical terror attacks
CERT-In gives security warnings for credit card skimmers
This is the second major alert from the agency this month. A few days back it had shared details about a new attack model that is looking to steal user data and even money. The cyber body explained about a credit card skimming campaign run through e-commerce websites.
Attackers targeted the websites hosted on Microsoft’s IIS server and running ASP.NET web application framework, CERT-In explained. Apparently, Microsoft no longer supports this framework. And this has made the websites running on the server vulnerable to cyber attacks.
The details shared by CERT-In came through a recent Malwarebytes Labs report. It had discovered vulnerability termed CVE-2017-9248, for ASP.NET allowed them to steal credit card details. That’s not all, the issue could allow attackers to steal passwords of users, it said. The report said incidents were first observed in April this year. This is when online transactions were at a peak because of lockdown in many parts of the world.