Category Archives 911 Hack Removal

What Are Magecart Attacks On Magento Store And How To Prevent Them

Magecart attacks came out of the dark when it targeted credit card info of big names such as British Airways, Ticketmaster, Netwegg, etc and made headlines. But, this does not mean Magecart attacks came into existence recently. In fact, Magecart attacks can be traced back to 2014 when several groups first started monetizing with stolen credit card details. Masterminds of Magecart have been active and growing ever since.

Index.php is the landing page of your PrestaShop store. Hence, no doubt, this is one of the most visited pages of your website. However, this also implies that index.php is actively targeted by attackers. If the attackers are successful in compromising index.php of your Prestashop site, the results can be disastrous. The attackers can use it to serve malware, deface your site or steal credit card info of the customers of your PrestaShop store.

Plugin name: Data privacy extended (data protection law) - GDPR Module Vulnerability name: CSRF (Cross-Site Request Forgery) in the "Delete Account" Affected Prestashop versions: v1.6.0.4 - v1.7.6.0 Vulnerable Version: <3.7.8 Patched version: 3.7.8 Vulnerability Reported: 20th June 2019 Vulnerability Patched: 25th June 2019 While performing a security audit on one of our Prestashop clients at Astra, I found a critical…

Cross-site scripting, also known as XSS in short, is a security vulnerability found in web applications. WordPress XSS exploit allows attackers to inject malicious content under the guise of a trusted entity. Further, an XSS vulnerability also compromises user-website interaction. It allows attackers to pose as legitimate users and upload malicious content, steal user credentials and information, deface your website and tarnish your brand.

Close