Hacked Website Report – 2016/Q3
Daniel Cid Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri…
Browsing Category
Magento Security
94 posts
Malicious Redirect Injected in Magento One Page Checkout
Bruno Zanelato With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento…
Magento Credit Card Swiper Exports to Image
Ben Martin Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding…
Hacked Website Report – 2016/Q2
Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights…
Magento Credit Card Stealer for Braintree Extension
John Castro We regularly find and write about malware that steals credit card details from Magento sites because attackers discover new techniques to obtain sensitive data daily.…
Hacked Website Report – 2016/Q1
Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our…
Fake SUPEE-5344 Patch Steals Payment Details
Denis Sinegubko Update 2/17: This post is not about hackers tricking webmasters into installing fake Magento security patch. It’s about malware that pretends to be an applied…
Magento PCI Compliance Issues and Theft Over TLS
With about 30% of the market share, Magento is gradually becoming a “WordPress” of the ecommerce world. Like WordPress, it becomes a major target for…
Security Advisory: Stored XSS in Magento
Marc-Alexandre Montpas During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely.…
Malicious Pastebin Replacement for jQuery
Website hackers are always changing tactics and borrowing ideas from each other. One of the challenges of website security is staying on top of those…
Massive Magento Guruincsite Infection
We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from “guruincsite[.]com“. Google already blacklisted about seven thousand sites because…