Website Security: How Do Websites Get Hacked?
Tony Perez In 2014, the total number of websites on the internet reached 1 billion. Today it’s hovering somewhere in the neighborhood of 944 million due to…
Browsing Category
Ecommerce Security
154 posts
Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!
Daniel Cid The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more than two months…
Impacts of a Hack on a Magento Ecommerce Website
Denis Sinegubko Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience. In this…
Security Advisory: Persistent XSS in WP-Super-Cache
Marc-Alexandre Montpas During a routine audit for our Website Firewall (WAF), we discovered a dangerous persistent XSS vulnerability affecting the very popular WP-Super-Cache plugin (more than a…
Intro to E-Commerce and PCI Compliance – Part I
Update: Read our new PCI Compliance guide. Have you ever heard of the term PCI? Specifically, PCI compliance? If you have an ecommerce website you…
IIS, Compromised GoDaddy Servers, and Cyber Monday Spam
While doing an analysis of one black-hat SEO doorway on a hacked site, I noticed that it linked to many similar doorways on other websites,…
Security Advisory – Medium Severity – WP eCommerce WordPress Plugin
Mickael Nadeau If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall…
Security Advisory – Hikashop Extension for Joomla!
In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…
Many Pieces of a Puzzle: Target, Neiman Marcus and Website Hacking
David Dede Corporations get hacked all the time. This is not news to anyone in the security business, but it has certainly received a lot of attention…
Phishing 2.0 – Credit Card Redirection on Compromised Sites
We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the…
WordPress Plugin: Easy Digital Downloads – Security Flaw Discovered and Patchedd
Dre Armeda Last night we were contacted by Adam Pickering about a security flaw discovered in Easy Digital Downloads (EDD), a free WordPress eCommerce plugin that allows…