Sansec – WindowsTechs.com

Attackers are searching for online store backups in public folders. Can they find yours?

Posted on February 7, 2023 by Zeljka Zorz

Too many online store administrators are storing private backups in public folders and exposing database passwords, secret API keys, administrator URLs and customer data to attackers who know where to look. “Exposed secrets have been used to gain… Continue reading Attackers are searching for online store backups in public folders. Can they find yours?→

Attackers mount Magento supply chain attack by compromising FishPig extensions

Posted on September 14, 2022 by Zeljka Zorz

FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected with malware after its distribution server was compromised. How the attackers c… Continue reading Attackers mount Magento supply chain attack by compromising FishPig extensions→

For Magecart groups and other credit-card skimmers, old and new opportunities abound

Posted on March 21, 2022 by Joe Warminsky

The entry points for Magecart and other e-commerce skimmers are changing, but the attackers are getting more clever, too.

The post For Magecart groups and other credit-card skimmers, old and new opportunities abound appeared first on CyberScoop.

Continue reading For Magecart groups and other credit-card skimmers, old and new opportunities abound→

Novel Online Shopping Malware Hides in Social-Media Buttons

Posted on December 4, 2020 by Tara Seals

The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images. Continue reading Novel Online Shopping Malware Hides in Social-Media Buttons→

Magecart Attack Impacts More Than 10K Online Shoppers

Posted on September 14, 2020 by Tara Seals

Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit. Continue reading Magecart Attack Impacts More Than 10K Online Shoppers→

Magecart Group 8 skimmed card info from 570+ online shops

Posted on July 8, 2020 by Zeljka Zorz

Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group (aka Magecart Group 8) since April 1, 2017. Magecart Group 8’s modus oper… Continue reading Magecart Group 8 skimmed card info from 570+ online shops→

Lazarus Group Adds Magecart to the Mix

Posted on July 6, 2020 by Tara Seals

North Korea-based APT is targeting online payments made by American and European shoppers. Continue reading Lazarus Group Adds Magecart to the Mix→

Magecart attackers hit Claire’s, Intersport web shops

Posted on June 15, 2020 by Zeljka Zorz

Magecart attackers have compromised web shops belonging to large retail chains Claire’s and Intersport and equipped them with payment card skimmers. Claire’s The compromise of Claire’s online store and that of its sister brand Icing h… Continue reading Magecart attackers hit Claire’s, Intersport web shops→