Website Security News
Our latest posts on website security issues that impact ecommerce sites, including tips for keeping client data secure. Learn about PCI compliance and emerging threats against ecommerce platforms such as Magento, Prestashop, Woocommerce, and OpenCart.
Sucuri’s focus has always been on educating website owners about the latest threats and vulnerabilities — and much of that depends on our industry-leading research team. As the holiday season approaches, we asked our researchers what recommendations they had for ecommerce website owners to protect…
Read More about Website Security Tips for Black Friday & Cyber Monday
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November…
Read More about Black Friday/Cyber Monday Ecommerce Security Threats
We often write about malware that steal payment information from sites built with Magento and other types of e-commerce CMS. When discussing credit card skimmers like Magecart, it’s sometimes overlooked…
If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable. In…
We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that the site had been infected…
Read More about Fake Google Domains Used in Evasive Magento Skimmer
The final actor of the stolen payment data supply chain is the end user. Rather than just selling or reselling payment data, the end user plans on fraudulently monetizing it….
Read More about Stolen Payment Data: Infected Ecommerce Website to Darknet Markets
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow…
These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well…
Read More about Closed Source E-commerce Platforms Can Be Compromised
We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victim’s devices (smartphones, computers, POS terminals). Now let us look into…
Read More about How Stolen Ecommerce Data is Sold on the Darknet
Update: Read our new PCI Compliance guide. Welcome to the final post to conclude our series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show…
Read More about PCI for SMB: Requirement 12 – Maintain an Information Security Policy
Update: Read our new PCI Compliance guide. Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how…
Read More about PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks
