Top

Tag: Magento


Cyber-crime, Phishing

Small businesses urged to protect their customers from card skimming

November 23, 2021

Via: Help Net Security

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organization has […]


Threats & Malware, Vulnerabilities

Adobe addresses several critical flaws in Illustrator, Bridge, and Magento

April 29, 2020

Via: Security Affairs

Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]


Malware, Vulnerabilities

Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks

November 13, 2019

Via: Threat Post

The popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. While the company didn’t specify what kinds […]


Network security, Security

Magento ecommerce sites at ‘high risk’ of cyberattack

June 4, 2019

Via: TechRadar

SME websites using the Magento ecommerce platform are currently at high risk from cyberattacks according to new research from Foregenix. The firm analyzed almost 9m websites worldwide, including 2m in Europe, to discover that 87 percent of SME websites using […]


Network security, Vulnerabilities

Critical Magento SQL injection flaw could be targeted by hackers soon

April 1, 2019

Via: CSO Online

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon become a target for attackers. Magento, an Adobe-owned company since 2018, released […]


Cyber-crime, Malware

Card skimming malware found on thousands of Magento-based sites

September 5, 2018

Via: Help Net Security

A card skimming operation has compromised 7339 Magento-based online stores, allowing the attackers to quietly slurp payment card info as it’s being entered by customers. Flagged in early August by Peeter Marvet (in Estonian) and then by security researcher Willem […]


Cyber-crime, Malware

Magento card-swiping malware hides stolen card data in legitimate images

October 20, 2016

Via: Security Affairs

Security experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate payment card data […]


Malware

Linux Ransomware has predictable key, automated decryption tool released

November 10, 2015

Via: CSO Online

Last week, researchers from Russian antivirus vendor Doctor Web discovered a new Ransomware family targeting Linux systems. They called the malware Linux.Encoder.1, and warned administrators with Magento installations to patch immediately, as the malware was observed targeting flaws in CMS […]


Malware

Magento sites targeted by Neutrino exploit kit

October 19, 2015

Via: malware

Some websites running the e-commerce platform #magento appear to have been infected with code that directs victims to the #neutrino #exploit kit. It’s not exactly clear how the Magento sites were infected, wrote Denis Sinegubko, a senior #malware researcher with […]


Hacker

Zero-Day in Magento plug-in could allow attacker to steal data

October 14, 2015

Via: hacker

Researchers at Trustwave spotted a zero-day #exploit in the Magmi plugin for the #magento e-commerce platform that can be used by an attacker to access #credentials and potentially gain complete control of the a user’s Magento database. The vulnerability exists […]


Vulnerabilities

Researchers Outline Vulnerabilities in Yahoo, PayPal, Magento Apps

September 14, 2015

Via: vulnerabilities

#researchers recently discovered a smattering of #vulnerabilities in web applications and mobile applications belonging to companies like #yahoo, #paypal, #magento, and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences. Hadji Samir, Ebrahim Hegazy, […]


Security

Week in review: Popular VPNs leaking data, and the new issue of (IN)SECURE Magazine

July 6, 2015

Via: featured

Here’s an overview of some of last week’s most interesting news and articles: 5 ways to stop the Internet of Things from becoming the Internet of Thieves This is the Internet universalized, embedded more deeply into every aspect of our […]