Website Security News
Update 2/17: This post is not about hackers tricking webmasters into installing fake Magento security patch. It’s about malware that pretends to be an applied security patch. In case you don’t know, SUPEE-5344 is an official security patch to the infamous Magento shoplift bug. That bug…
Read More about Fake SUPEE-5344 Patch Steals Payment Details
During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely. We notified the Magento team…
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting…
Read More about SF9 Realex Magento Module Targeted by Credit Card Scrapers
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website security. Online shopping, to many people, is almost synonymous with a certain…
Read More about New Guide on How to Fix Hacked Magento Sites
As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it can be exploited to take…
Read More about Magento Shoplift (SUPEE-5344) Exploits in the Wild
With about 30% of the market share, Magento is gradually becoming a “WordPress” of the ecommerce world. Like WordPress, it becomes a major target for hackers due to its popularity….
Read More about Magento PCI Compliance Issues and Theft Over TLS
We’ve been writing a lot about ecommerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more…
Read More about Magento Platform Targeted By Credit Card Scrapers
Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week….
Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience. In this post, I’ll show you how…
Read More about Impacts of a Hack on a Magento Ecommerce Website
A few days ago, Magento 1.7.0.2 was released to fix a very serious security vulnerability that allows attackers to read any file on the web server where the Zend XMLRPC…
Read More about Magento Security Update (1.7.0.2) – Zend_XmlRpc Vulnerability
Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this every day in the news now. Everyone seems to…
