Posts By Shikhil Sharma

Thanksgiving is coming (1)

BlackFriday sales have been a huge hit online. There has been a 21.6% year on year growth in buying during blackfriday with sales estimated to be worth $3.34 billion! With the buying going online, there has been an increase in hacks also. Hackers target your website or app with the sole motive of compromising your customers for financial gains. What's…

Third in the line of the world's most well known Content Management System after WordPress & Joomla, Drupal is the sort after after CMS. Drupal fuels sites including MTV, Popular Science, Sony Music, Harvard, and MIT. Like any other CMS, Drupal has been at the focal point of reputation a couple of times because of looming vulnerabilities in it. The…

Tips to secure OpenCart on BlackFriday CyberMonday

Sales like BlackFriday, Thanksgiving and other ones have become a huge hit with coming of e-commerce. Billions of dollars are spent within a few days time during thanksgiving period on online shopping. You've prepared your OpenCart store well for the sales. Made sure that every product is in stock, coupon codes are ready and marketing is in full swings. However,…

Blackfriday-Thanksgiving-security-for-website-apps-astra-security (2)

Thanksgiving sales have become a big hit online. Customers get to see multiple brands and browse amazing offers just by clicking a few buttons. Most importantly, no more standing in queues and hopping stores. For businesses too, this entire online thanksgiving sales have opened new set of opportunities. For website/app owners with this ease of running sales online comes a…

Opencart Magento website redirecting to malware sites

An OpenCart & Magento malware redirecting both desktop and mobile websites to malicious links has been doing rounds. Since last week we have encountered several cases of this malware. There are no specific versions which are being targeted as we have seen this infection in a wide range of versions in both Magento & OpenCart. Also, check our in-detailed blog…

Magento Amasty RMA Plugin

About Amasty RMA Extension Vulnerabilities During a security audit engagement with a client using Magento, our engineers discovered a few critical vulnerabilities in Amasty RMA extension. The first vulnerability allows a hacker to upload malicious files on the server. Since php files can also be uploaded, a hacker can easily upload malicious shells like c99, r57, anishell etc to the…

OpenCart Magento Malware Infections

Last week was quite a busy one for our team. We tackled a number of website hack cases. A number of instances were of malware infections, websites getting blacklisted by Google and even getting defaced by hackers. Statistically, majority of these cases were from OpenCart followed by Magento. The top three OpenCart & Magento malware infections/attack vectors found were: The…

Magento-Module-XSS-AffiliatePlus-GetAstra.com

A couple of weeks ago, we were performing a security scan for a customer using Magento shop. While auditing their website our team found a critical vulnerability in Affiliate Plus module. According to Affiliate Plus' website, 7000+ stores use the extension. This Affiliate Plus Magento module XSS vulnerability leaves a number of Magento stores vulnerable. About Affiliate Plus Magento Module XSS When logged…

12
Close