Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code … [Read more...] about Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
eCommerce
Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft
Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake … [Read more...] about Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft
Cyberattacks Targeting E-commerce Applications
Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing and ongoing monitoring are necessary to fully protect web applications, identifying weaknesses so … [Read more...] about Cyberattacks Targeting E-commerce Applications
GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry
Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the … [Read more...] about GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry
How to add a store locator to your ecommerce storefront with Elastic
How to add a store locator to your ecommerce storefront with ElasticEnglish简体中文한국어日本語FrançaisDeutschEspañolPortuguêsOne thing that adds value to a business’s ecommerce presence is the ability for customers to easily find physical stores with an interactive map. Store locators can be built quite rapidly — all you need to place them on a map is geographic location in latitude and … [Read more...] about How to add a store locator to your ecommerce storefront with Elastic
6 ways Elastic Enterprise Search creates a competitive edge in ecommerce
What’s the top thing customers want when purchasing online? It’s ease. Experiencing friction for even a fraction of a second may send a shopper to a competitor’s site. It may also mean they don’t return to your site the next time they’re looking to purchase. Patience and forgiveness are often in short supply in the ecommerce world.So how can you achieve the ruthless efficiency … [Read more...] about 6 ways Elastic Enterprise Search creates a competitive edge in ecommerce
5 ways ecommerce technology can be your competitive advantage
Does your organization consider your tech stack a competitive edge? It should. The right technology empowers your business to offer goods and services that your customers want, in a way that others in your industry can’t match. This is especially critical in ecommerce. According to a new study from Wakefield Research, “78% of shoppers encounter difficulties that lead to … [Read more...] about 5 ways ecommerce technology can be your competitive advantage
New Golang-based Linux Malware Targeting eCommerce Websites
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms," researchers from Sansec Threat Research said in an analysis. … [Read more...] about New Golang-based Linux Malware Targeting eCommerce Websites
e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata
In what's one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites."We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores," … [Read more...] about e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata
Critical Flaws in ‘OXID eShop’ Software Expose eCommerce Sites to Hacking
If your e-commerce website runs on the OXID eShop platform, you need to update it immediately to prevent your site from becoming compromised.Cybersecurity researchers have discovered a pair of critical vulnerabilities in OXID eShop e-commerce software that could allow unauthenticated attackers to take full control over vulnerable eCommerce websites remotely in less than a few … [Read more...] about Critical Flaws in ‘OXID eShop’ Software Expose eCommerce Sites to Hacking