e-commerce
PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …
The untapped potential of machine learning for detecting fraud
E-commerce fraud protection company Signifyd has recently signed up behavioral analytics expert Long-Ji Lin to fill the position of Chief Scientist. “For advertisers, …
Connected devices and the future of payments
More than 80 percent of Americans have a strong interest in using connected devices to make purchases, with a keen eye toward security and data concerns, according to Visa and …
PCI SSC publishes best practices for securing e-commerce
Exponential online sales growth paired with the EMV chip migration in the US makes e-commerce payment security for merchants more important than ever before. As EMV chip …
6000+ compromised online shops – and counting
A week ago, RiskIQ researchers revealed that over 100 online shops have, at one point in the last six months, been injected with malicious JavaScript code that exfiltrates …
100+ online shops compromised with payment data-stealing code
Since March 2016 (and possibly even earlier), someone has been compromising a variety of online shops and injecting them with malicious JavaScript code that exfiltrates …
Shopware update fixes RCE bug that affects both shop and target system
Shopware, an open-source e-commerce software chosen by a number of big European companies to power their online shops, has recently pushed out a critical security update. The …
E-commerce web apps vulnerable to hijacking, database compromise
High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source …
Fake “account verification” email targeting Alibaba.com users
Businesses who use Alibaba.com to connect with Chinese manufacturers are being targeted in a recently discovered phishing campaign, Comodo warns. It takes the form of phishing …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
Reactions to the eBay breach
A database containing eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth was compromised. Here are some of the …
eBay breached, change your password immediately
eBay has been hacked, and its customers are urged to change their account password as soon a possible. The attack, effected between late February and early March, resulted in …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility