Category Archives Magento Security

Magento is considered as the best e-commerce platform available today and it has numerous features, plugins, regular updates and a huge community of developers. As the technology and security measures improve, so do the capabilities of the hackers. Hackers usually target e-commerce websites to gain credit card information or just for some kicks. The first step towards security starts with…

Securing-website-from-malware-Astra-Security-WordPress-OpenCart-Magento-Malware-Removal.png

Malware attacks are bad! They bring your business to a stand still and cause a loss money, reputation and even customers. Usually business owners only start caring about malware after they get infected with it. As they say everyone feels secure until they get hacked, and they haven't got hacked until now because a hacker didn't try. Once infected, it…

Magento 2, one of the largest open-source e-commerce platforms in the world, has often been an eye candy for people with malicious intent. No matter the amount of work gone into securing this platform, hackers tend to come up with new ways to circumvent security measures. As its reputation grows, so does the notoriety surrounding the diverse forms of malpractices…

How to remove Magento & OpenCart credit card malware hack

Magento & OpenCart Credit Card Hijack Credit Card malware or Credit Card Hijack is when malicious PHP/JavaScript code is injected into Magento and OpenCart shops which allow hackers to intercept credit card data. This new way of credit card fraud has been undetected for 6 months. There are many cases in which hackers have targeted Magento Payment Security. What is Credit…

Restrict Access to Magento Admin Area

With the rise in Magento related security incidents, it is important to restrict access to the Magento admin area. One foolproof way to secure the Magento backend from password guessing attacks is to only allow access to trusted IP addresses. This drastically minimizes the security risk and only takes a couple of minutes to configure. In this guide, we will…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. Its huge popularity owes to its strict security practices, a timely update of system core and immediate fixes to security issues. Magento's latest security update contains multiple security enhancements. These updates relate to the Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

When it comes to empowering retailers and brands, Magento is one of the most widely used e-commerce platforms. However, with great power comes greater responsibility of adhering to security practices for safe e-commerce businesses. On the contrary, Magento is one of the highest targeted e-commerce platforms for credit card fraud and user credential theft, with a staggering 62% of stores…

Magento Amasty RMA Plugin

About Amasty RMA Extension Vulnerabilities During a security audit engagement with a client using Magento, our engineers discovered a few critical vulnerabilities in Amasty RMA extension. The first vulnerability allows a hacker to upload malicious files on the server. Since php files can also be uploaded, a hacker can easily upload malicious shells like c99, r57, anishell etc to the…

Close