Website Security News
Keep up to date on the latest Magento infections and mitigation steps to keep your Magento shop secure. Browse our latest posts about Magento security, including the latest vulnerability disclosures, credit card swipers, and PCI compliance.
E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information from online storefronts. A recent investigation for a compromised Magento website revealed a rather interesting injection. The website owner had…
Read More about It Takes 2 Seconds of Silence to Skim a Credit Card
Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle transactions based on order details…
Read More about Credit Card Stealer Targets PsiGate Payment Gateway Software
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for known malicious content and malware…
Read More about WordPress Overtakes Magento in Credit Card Skimmers
As more businesses switch to online options Magento is a popular Content Management System (CMS) of choice for eCommerce websites. That being said, with the online industry becoming more interconnected…
On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked as CVE-2022-24086 with a CVSS…
Read More about Adobe Patches Critical RCE Vulnerability in Magento2
While unpatched installations of Magento 2 contain many vulnerabilities, I’m going to focus my attention on Magento 1 for this article. This is because Magento 2 provides regularly updated patches…
Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of 18 security vulnerabilities patched according…
Read More about Adobe Patches Critical Magento Vulnerabilities in Recent Update
During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by…
Recently one of our analysts, Weston H., found a very interesting credit card stealer in a Magento environment which loads a malicious JavaScript without using any script tags. In this…
Read More about Stylish Magento Card Stealer loads Without Script Tags
MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers and selling them on the…
Read More about Magecart Swiper Uses Unorthodox Concatenation
In my previous post about ecommerce credit card swipers I described the general overview of the online ecommerce environment as well as some of the reasons behind why websites become…
Read More about Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2
