Archive | Security

RSS feed for this section

Magento Credit Card Stealer Reinfector

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes. In this post, we describe one of More Info »

How APIs Can Streamline Your Operations

Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern. How late do I need to stay up tonight? How much longer will this take? What did I miss? I’ve heard this communicated a More Info »

Shell Logins as a Magento Reinfection Vector

Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php; These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate. More Info »

An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the ease of mining at the expense of system administrators, website owners, and their visitors. Another Way Hackers are Tricking Website Visitors into Stealth Cryptomining The latest of these new techniques More Info »

The Impacts of a Data Breach

Have you ever wondered what happens if your e-commerce site is breached? Usually, when you think about data breaches, you think about big enterprise websites. Does that mean that big brands are the ones who suffer the most from data breaches? Actually not. Recently, Trustwave put out a report that states approximately 90% of breaches impact More Info »