eCommerce Security – Page 3

Malicious JavaScript Used in WP Site/Home URL Redirects

Posted on January 21, 2020 by Luke Leal

Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen ov… Continue reading Malicious JavaScript Used in WP Site/Home URL Redirects→

Zen Cart “PayPal” Skimmer

Posted on January 17, 2020 by Luke Leal

While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.
We recently found a case on a lesser known open source ecommer… Continue reading Zen Cart “PayPal” Skimmer→

Website Security Tips for Black Friday & Cyber Monday

Posted on November 27, 2019 by Rianna MacLeod

Sucuri’s focus has always been on educating website owners about the latest threats and vulnerabilities — and much of that depends on our industry-leading research team.
As the holiday season approaches, we asked our researchers what recom… Continue reading Website Security Tips for Black Friday & Cyber Monday→

Black Friday/Cyber Monday Ecommerce Security Threats

Posted on November 25, 2019 by Luke Leal

With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November into the first week of December.
As consumer behavior changes an… Continue reading Black Friday/Cyber Monday Ecommerce Security Threats→

Skimmers for Both Magento and WordPress

Posted on November 7, 2019 by Denis Sinegubko

We often write about malware that steal payment information from sites built with Magento and other types of e-commerce CMS.
When discussing credit card skimmers like Magecart, it’s sometimes overlooked that WordPress also has a decent share in … Continue reading Skimmers for Both Magento and WordPress→

How to Improve Ecommerce Security

Posted on August 28, 2019 by Chase Watts

If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable.
In order to have a successful ecommerce business, you need to fol… Continue reading How to Improve Ecommerce Security→

Fake Google Domains Used in Evasive Magento Skimmer

Posted on July 25, 2019 by Luke Leal

We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings.
Our investigation revealed that the site had been infected with a credit card skimmer loading… Continue reading Fake Google Domains Used in Evasive Magento Skimmer→

Magento Killer

Posted on July 10, 2019 by Luke Leal

A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites.
While it doesn’t actually kill the Magento installation, it does allow the attacker to modify data in the cor… Continue reading Magento Killer→

Closed Source E-commerce Platforms Can Be Compromised

Posted on June 3, 2019 by Krasimir Konov

These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options.
For the most part, these platforms typically allow users to customize a template, as well as add images, videos, and some external content via ap… Continue reading Closed Source E-commerce Platforms Can Be Compromised→

PCI for SMB: Requirement 12 – Maintain an Information Security Policy

Posted on April 19, 2019 by Victor Santoyo

Welcome to the final post to conclude our series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessmen… Continue reading PCI for SMB: Requirement 12 – Maintain an Information Security Policy→