Website Security News
Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out for. These principles can help in satisfying PCI DSS requirements 8 & 10: Requirement 8 – Identify and authenticate access to…
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and…
Read More about SQLi Vulnerability in YITH WooCommerce Wishlist
Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also busy infecting ecommerce websites with…
Read More about Risks For E-commerce Site Owners Through the Holidays
During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. What I didn’t know was how many…
Read More about Credit Card Stealer Investigation Uncovers Malware Ring
In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer…
Read More about Ecommerce Security: Fake Jquery Used as CC Scraper
Ecommerce websites have one of the most difficult challenges in the web security space – keeping the implicit trust of a customer in order to make them feel safe shopping…
Since late last year, there has been a steady rise in malware campaigns that aim to steal sensitive personal information and financial credentials. Attackers often insert pieces of malicious code…
Read More about Ecommerce Security – Customer Data Breaches Using Images
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting…
Read More about SF9 Realex Magento Module Targeted by Credit Card Scrapers
With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few clicks you can set up…
In a matter of hours, a big e-commerce website can have hundreds of credit card numbers stolen and used by attackers on other websites around the world. We commonly see…
Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week….
