How to Secure Your eCommerce Website

How to Improve Ecommerce Security

If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable. In order to ...
Fake Google Domains Used in Evasive Magento Skimmer

Fake Google Domains Used in Evasive Magento Skimmer

We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that the site had been infected with a ...
Magento Killer

Magento Killer

A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow the attacker ...
Closed Source E-commerce Platforms Can Be Compromised

Closed Source E-commerce Platforms Can Be Compromised

These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well as add ...
How Stolen Ecommerce Data is Sold on the Darknet

How Stolen Ecommerce Data is Sold on the Darknet

We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victim’s devices (smartphones, computers, POS terminals). Now let us look into some of ...
PCI for SMB: Requirement 12 – Maintain an Information Security Policy

PCI for SMB: Requirement 12 – Maintain an Information Security Policy

Welcome to the final post to conclude our series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance ...
PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process ...
Google Analytics and Angular in Magento Credit Card Stealing Scripts

Google Analytics and Angular in Magento Credit Card Stealing Scripts

Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious and evade detection by website owners. The ...
Localization and Customization of Credit Card Stealing Malware

Localization and Customization of Credit Card Stealing Malware

Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain. Sometimes the ...
PCI DSS vs GDPR Compliance: What's the Difference?

Navigating Data Responsibility

As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data has been made available to everyone. Moving ...
Loading...