Magecart Attackers Pioneer Persistent E-Commerce Backdoor

April 5, 2024 at 01:24PM Magecart attackers have devised a new method of implanting persistent backdoors in e-commerce websites to automatically deploy malware. They exploit a critical command injection vulnerability in the Adobe Magento e-commerce platform to execute arbitrary code, using a layout template to inject malware into compromised sites. Upgrading to specific versions of …

Magento Vulnerability Exploited to Deploy Persistent Backdoor

April 5, 2024 at 07:06AM Sansec reports exploitation of CVE-2024-20720 in Magento, allowing backdoor injection. Adobe patched it in Feb 2024, but unpatched websites remain vulnerable. Threat actors exploit it by injecting XML code. Attackers use the layout parser and the assert package for system command execution. The backdoor is periodically reinfected for remote code execution and payment data …

Russia charges suspects behind theft of 160,000 credit cards

April 2, 2024 at 11:43AM Russia’s Prosecutor General’s Office has indicted six men for card skimming crimes involving the use of malware to steal payment card information from foreign online stores. The suspects are accused of bypassing website security, accessing databases, and selling the stolen card details on the dark web. Authorities advise using digital payment methods …

Magecart Adds Middle East Retailers to Long List of Victims

January 23, 2024 at 10:49AM Retailers in the Middle East and Africa are increasingly targeted by web-skimming attacks, with a recent discovery of such an attack on the Khaadi clothing retail site. Despite the region accounting for a small portion of consumer victims, the threat persists. As web-skimming attacks become more sophisticated, enhanced security measures …

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

December 28, 2023 at 11:21AM Apache OFBiz, utilized for business operations, contains a critical pre-authentication remote code execution vulnerability, CVE-2023-49070, actively being exploited. A patch to resolve the issue was found incomplete, resulting in the discovered bypass flaw, CVE-2023-51467. The urgency for users to upgrade to version 18.12.11 is emphasized due to the risk of …