Tag Archives Magento security

Magneto vulnerabilities

Magento is quite popular among the business community. This can be traced back to its open source origins. Magento was aimed towards easing the process of managing and creating a store. Being open source it uses MySql or MariaDB for data storage and management. On daily basis hear news of Credit card theft scam, Cryptojacking and SEO spam. Magento security audit…

Thanksgiving is coming (1)

BlackFriday sales have been a huge hit online. There has been a 21.6% year on year growth in buying during blackfriday with sales estimated to be worth $3.34 billion! With the buying going online, there has been an increase in hacks also. Hackers target your website or app with the sole motive of compromising your customers for financial gains. What's…

Magento security

How to Prevent Magento Malware Injection? Magento, while being one of the most favored e-commerce platforms, has also witnessed a steep rise in malware attacks. E-commerce platforms are a goldmine for malicious actors to harvest lucrative credit card and personal information from online transactions. While Magento owes to its popularity to strict security practices, a timely update of system core and immediate…

Magento 2, one of the largest open-source e-commerce platforms in the world, has often been an eye candy for people with malicious intent. No matter the amount of work gone into securing this platform, hackers tend to come up with new ways to circumvent security measures. As its reputation grows, so does the notoriety surrounding the diverse forms of malpractices…

Opencart Magento website redirecting to malware sites

An OpenCart & Magento malware redirecting both desktop and mobile websites to malicious links has been doing rounds. Since last week we have encountered several cases of this malware. There are no specific versions which are being targeted as we have seen this infection in a wide range of versions in both Magento & OpenCart. Also, check our in-detailed blog…

In 2016, the Magecart infrastructure, notoriously known as a fraudulent payment stealing script was making waves across the e-commerce industry. Named so because it largely targeted e-commerce platform giants like Magento, Powerfront CMS and OpenCart, leading to massive theft of credit card information from these e-commerce sites. However, even a year later, the Magecart issue hasn't been dissolved and remains a…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. Its huge popularity owes to its strict security practices, a timely update of system core and immediate fixes to security issues. Magento's latest security update contains multiple security enhancements. These updates relate to the Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

When it comes to empowering retailers and brands, Magento is one of the most widely used e-commerce platforms. However, with great power comes greater responsibility of adhering to security practices for safe e-commerce businesses. On the contrary, Magento is one of the highest targeted e-commerce platforms for credit card fraud and user credential theft, with a staggering 62% of stores…

Magento Extension PDF Invoice Plus Vulnerability by Astra Magento Security

About PDF Invoice Plus Magento Extension Vulnerability A couple of weeks ago, our security team was performing a security audit on a customer store using Magento. While testing the extensions used by the customer, a critical vulnerability was found in the extension PDF Invoice Plus. This extension is a widely used extension by hundreds of Magento stores to generate invoices…

Close