November 18, 2024 at 06:03AM A phishing campaign, attributed to a Chinese group named SilkSpecter, targets e-commerce shoppers in Europe and the U.S. ahead of Black Friday. Using fake sites mimicking brands, it aims to steal personal information and financial data through bogus discounts and SEO strategies. Victims may also face follow-up attacks. **Meeting Takeaways: … Read more
October 10, 2024 at 04:00AM Researchers have uncovered a new malware campaign involving the Mongolian Skimmer, using Unicode obfuscation to hide its code. Targeting e-commerce, the skimmer collects sensitive data via an inline script. It employs various techniques to evade detection and ensure broad browser compatibility, even coordinating with other threat actors for profit sharing. … Read more
August 16, 2024 at 12:41PM Widespread misconfiguration in Oracle NetSuite’s SuiteCommerce ERP platform has exposed customer data on thousands of websites. The issue, uncovered by AppOmni, allows unauthorized access to sensitive data due to misconfigured access controls on custom record types. NetSuite urged customers to review their security settings, as SaaS security programs need more … Read more
June 26, 2024 at 05:33AM The credit card web skimmer, Caesar Cipher Skimmer, is targeting CMS platforms like WordPress, Magento, and OpenCart. It operates by injecting obfuscated malware into e-commerce sites to steal financial information. The skimmer uses various methods to conceal its activities and can adapt its responses based on the website it infects. … Read more
June 26, 2024 at 01:01AM Google has blocked ads for e-commerce sites using Polyfill.io due to a supply chain attack. The Chinese company Funnull acquired the domain and altered the JavaScript library to redirect users to malicious sites, impacting over 110,000 sites. Concerns have been raised about the security and maintenance of the library, prompting … Read more
June 23, 2024 at 03:08PM Hackers are exploiting a flaw in the pkfacebook module for PrestaShop to deploy a card skimmer and steal credit card details from vulnerable e-commerce sites. The flaw, tracked as CVE-2024-36680, allows for SQL injection vulnerabilities. Promokit claims the flaw was fixed, but Friends-Of-Presta warns of active exploitation and recommends specific … Read more
June 20, 2024 at 05:32PM A critical vulnerability, “CosmicSting” (CVE-2024-34102), affecting Adobe Commerce and Magento websites, poses a major security threat. Despite a security update being available, the majority of impacted sites remain unpatched, leaving them open to severe attacks. Administrators are urged to apply the recommended fixes immediately, with specific versions provided. For those … Read more
May 28, 2024 at 02:45AM Unknown threat actors are exploiting WordPress’s Dessky Snippets plugin, with over 200 active installations, to insert PHP credit card skimming malware into compromised sites. The malware manipulates WooCommerce’s checkout process to steal credit card details, exfiltrating them to a specific URL. This underscores the need for WordPress site owners, especially … Read more
May 7, 2024 at 07:45AM A ‘Thank you’ comment on a retailer’s page concealed a malicious vulnerability, allowing hackers to steal shoppers’ personal information. The continuously updated web threat management solution from Reflectiz detected and mitigated the threat. Regulatory compliance such as GDPR is crucial to avoid hefty fines and reputational damage. Protect your website … Read more
April 5, 2024 at 01:24PM Magecart attackers have devised a new method of implanting persistent backdoors in e-commerce websites to automatically deploy malware. They exploit a critical command injection vulnerability in the Adobe Magento e-commerce platform to execute arbitrary code, using a layout template to inject malware into compromised sites. Upgrading to specific versions of … Read more