wordpress blog stats
Connect with us

Hi, what are you looking for?

,

Updated: CCAvenue Payment Gateway Hacked: Report

Update 7: Countering what Patel claims in an interview with us, Akash Mahajan, in the comments to this post, points out a web server update log(screenshot), that indicates that the upgrade to Apache 2.2.17 for CCAvenue took place today. Patel had told us that the upgrade took place 5 months ago, and used that as a basis for claiming that the logs published are inaccurate, since they indicate that the server was Apache 2.2.14. As a counterpoint, OneMindsl says that netcraft updates that data only when requested, so this may not be indicative of upgrades, rather updates of upgrades (confusing, eh?). Update 6: FullDisclosure appears to have the original copy of the email that d3hydr8 sent. Thanks @dotmanish. Additionally, Anon, in the comments, says that "its still possible that someone accessed this backup somewhere in their file system on their server; and asks "if there was no hack, how is company confidential schema, employee data out in the public domain?" Note that Patel told us that it's not "real live database schema". Akash Mahajan points out "Sorry for nitpicking but, Passwords need to be hashed. Hashing means one way encryption. This means once hashed there is no way of getting the original value back. Ideally secure passwords are salted and hashed. This helps in avoiding a dictionary attack against hashed passwords." More questions in the comments from asdf Update 5: Hetal R on Twitter says that when he tried resetting a CCAvenue password, he got the plaintext password, and that is a security hole.…

Please subscribe/login to read the full story.
Written By

Founder @ MediaNama. TED Fellow. Asia21 Fellow @ Asia Society. Co-founder SaveTheInternet.in and Internet Freedom Foundation. Advisory board @ CyberBRICS

Free Reads

News

Telecom companies are against a regulatory sandbox, as they think information revealed by businesses during the sandboxing process might be confidential should be out...

News

According to a statement, the executive body of the European Union had also sought internal documents on the risk assessments and mitigation measures for...

News

The newly launched partially open-sourced LLM Grok-1 can be commercially used but not trademarked.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

NPCI CEO Dilip Asbe recently said that what is not written in regulations is a no-go for fintech entities. But following this advice could...

News

Notably, Indus Appstore will allow app developers to use third-party billing systems for in-app billing without having to pay any commission to Indus, a...

News

The existing commission-based model, which companies like Uber and Ola have used for a long time and still stick to, has received criticism from...

News

Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...

News

Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ