Website Security News
In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our…
Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php; These are…
Read More about Shell Logins as a Magento Reinfection Vector
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting…
Read More about SF9 Realex Magento Module Targeted by Credit Card Scrapers
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website security. Online shopping, to many people, is almost synonymous with a certain…
Read More about New Guide on How to Fix Hacked Magento Sites
With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento installations in order to steal…
Read More about Malicious Redirect Injected in Magento One Page Checkout
Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week….
We regularly find and write about malware that steals credit card details from Magento sites because attackers discover new techniques to obtain sensitive data daily. This time, the malicious code…
Read More about Magento Credit Card Stealer for Braintree Extension
With about 30% of the market share, Magento is gradually becoming a “WordPress” of the ecommerce world. Like WordPress, it becomes a major target for hackers due to its popularity….
Read More about Magento PCI Compliance Issues and Theft Over TLS
During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely. We notified the Magento team…
We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from “guruincsite[.]com“. Google already blacklisted about seven thousand sites because of this malware. There are…
We’ve been writing a lot about ecommerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more…
Read More about Magento Platform Targeted By Credit Card Scrapers
