November 23, 2021
Via: Help Net SecurityWith Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organization has […]
Threats & Malware, Vulnerabilities
April 29, 2020
Via: Security AffairsAdobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]
November 13, 2019
Via: Threat PostThe popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. While the company didn’t specify what kinds […]
June 4, 2019
Via: TechRadarSME websites using the Magento ecommerce platform are currently at high risk from cyberattacks according to new research from Foregenix. The firm analyzed almost 9m websites worldwide, including 2m in Europe, to discover that 87 percent of SME websites using […]
Network security, Vulnerabilities
April 1, 2019
Via: CSO OnlineThe Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon become a target for attackers. Magento, an Adobe-owned company since 2018, released […]
September 5, 2018
Via: Help Net SecurityA card skimming operation has compromised 7339 Magento-based online stores, allowing the attackers to quietly slurp payment card info as it’s being entered by customers. Flagged in early August by Peeter Marvet (in Estonian) and then by security researcher Willem […]
October 20, 2016
Via: Security AffairsSecurity experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate payment card data […]
November 10, 2015
Via: CSO OnlineLast week, researchers from Russian antivirus vendor Doctor Web discovered a new Ransomware family targeting Linux systems. They called the malware Linux.Encoder.1, and warned administrators with Magento installations to patch immediately, as the malware was observed targeting flaws in CMS […]
October 19, 2015
Via: malwareSome websites running the e-commerce platform #magento appear to have been infected with code that directs victims to the #neutrino #exploit kit. It’s not exactly clear how the Magento sites were infected, wrote Denis Sinegubko, a senior #malware researcher with […]
October 14, 2015
Via: hackerResearchers at Trustwave spotted a zero-day #exploit in the Magmi plugin for the #magento e-commerce platform that can be used by an attacker to access #credentials and potentially gain complete control of the a user’s Magento database. The vulnerability exists […]
September 14, 2015
Via: vulnerabilities#researchers recently discovered a smattering of #vulnerabilities in web applications and mobile applications belonging to companies like #yahoo, #paypal, #magento, and Shopify that could have led to account theft, session hijacking, and phishing, among other consequences. Hadji Samir, Ebrahim Hegazy, […]
July 6, 2015
Via: featuredHere’s an overview of some of last week’s most interesting news and articles: 5 ways to stop the Internet of Things from becoming the Internet of Thieves This is the Internet universalized, embedded more deeply into every aspect of our […]
March 21, 2024
March 7, 2024