Ecommerce Security

How to Secure Your eCommerce Website

How to Improve Ecommerce Security

| | Best Practices, Ecommerce Security, PCI Compliance, Website Security
If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable. In order to ...
Sucuri Blog
Fake Google Domains Used in Evasive Magento Skimmer

Fake Google Domains Used in Evasive Magento Skimmer

| | Black Hat Tactics, Ecommerce Security, google, Hacked Websites, Magento Security, Website Security
We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that the site had been infected with a ...
Sucuri Blog
Magento Killer

Magento Killer

| | Black Hat Tactics, Ecommerce Security, Hacked Websites, Magento Security, Website Security
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow the attacker ...
Sucuri Blog
Closed Source E-commerce Platforms Can Be Compromised

Closed Source E-commerce Platforms Can Be Compromised

| | Ecommerce Security, Hacked Websites, Website Malware Infections, Website Security
These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well as add ...
Sucuri Blog
How Stolen Ecommerce Data is Sold on the Darknet

How Stolen Ecommerce Data is Sold on the Darknet

| | Black Hat Tactics, Ecommerce Security, Hacked Websites, Website Malware Infections, Website Security
We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victim’s devices (smartphones, computers, POS terminals). Now let us look into some of ...
Sucuri Blog
PCI for SMB: Requirement 12 – Maintain an Information Security Policy

PCI for SMB: Requirement 12 – Maintain an Information Security Policy

| | Best Practices, Ecommerce Security, PCI Compliance, Security Advisory, Security Education, Website Security
Welcome to the final post to conclude our series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance ...
Sucuri Blog
PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

| | Ask Sucuri, Ecommerce Security, OSSEC, PCI Compliance, Security Advisory, Security Education, Server Security, Website Security
Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process ...
Sucuri Blog
Google Analytics and Angular in Magento Credit Card Stealing Scripts

Google Analytics and Angular in Magento Credit Card Stealing Scripts

| | Black Hat Tactics, Ecommerce Security, google, Hacked Websites, Javascript, Magento Security, Website Malware Infections, Website Security
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious and evade detection by website owners. The ...
Sucuri Blog
Localization and Customization of Credit Card Stealing Malware

Localization and Customization of Credit Card Stealing Malware

| | Black Hat Tactics, Ecommerce Security, Hacked Websites, Magento Security, Website Security
Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain. Sometimes the ...
Sucuri Blog
PCI DSS vs GDPR Compliance: What's the Difference?

Navigating Data Responsibility

| | Ask Sucuri, Best Practices, Ecommerce Security, PCI Compliance, Security Advisory, Security Education, Website Security
As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data has been made available to everyone. Moving ...
Sucuri Blog