Website Security News
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting malicious scripts that create functions designed to steal credit card information. This technique is not…
Read More about SF9 Realex Magento Module Targeted by Credit Card Scrapers
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website security. Online shopping, to many people, is almost synonymous with a certain…
Read More about New Guide on How to Fix Hacked Magento Sites
With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento installations in order to steal…
Read More about Malicious Redirect Injected in Magento One Page Checkout
Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week….
We regularly find and write about malware that steals credit card details from Magento sites because attackers discover new techniques to obtain sensitive data daily. This time, the malicious code…
Read More about Magento Credit Card Stealer for Braintree Extension
With about 30% of the market share, Magento is gradually becoming a “WordPress” of the ecommerce world. Like WordPress, it becomes a major target for hackers due to its popularity….
Read More about Magento PCI Compliance Issues and Theft Over TLS
During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely. We notified the Magento team…
We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from “guruincsite[.]com“. Google already blacklisted about seven thousand sites because of this malware. There are…
We’ve been writing a lot about ecommerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more…
Read More about Magento Platform Targeted By Credit Card Scrapers
As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it can be exploited to take…
Read More about Magento Shoplift (SUPEE-5344) Exploits in the Wild
The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more than two months since the release and still…
Read More about Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!
