11 matches found
Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
The head of counterintelligence for a division of the Russian Federal Security Service FSB was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. T...
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 CVSS score: 9.1, which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way f...
Chrome Extensions Harboring Dormant Colors Malware Infect Over a Million PCs
By Waqas Among other capabilities, Dormant Colors malware can also inject ads into standard pages and append affiliate links to e-commerce websites to generate affiliate revenue. This is a post from HackRead.com Read the original post: Chrome Extensions Harboring Dormant Colors Malware Infect Ove...
Critical Magento zero-day vulnerability actively exploiting multiple e-commerce websites
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Adobe issued an emergency advisory informing Adobe Commerce and Magento Open-Source product users of a critical zero-day vulnerability that is being actively exploited in the wild. A zero-day vulnerability which has been...
Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocksBlockcomment and encoding stolen credit card data into images and other files hosted on the server, once again demonstrating how the attackers are continuously...
Magecart Cyberattack Targets NutriBullet Website
A faction under the Magecart umbrella, Magecart Group 8, targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers. Yonathan Klijnsma, threat researcher with RiskIQ, said in a Wednesday post that a JavaScript web skimmer co...
Magecart Hackers Compromise 80 More eCommerce Sites to Steal Credit Cards
Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers. Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of...
Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain,...
Hackers infect e-commerce sites by compromising their advertising partner
Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recent...
Critical Vulnerability Found in Magento eCommerce Platform
The most popular e-commerce platform owned by eBay, Magento is once again in the news. This time for a critical Remote Code Execution RCE vulnerability, affecting hundreds of thousands of online merchants worldwide. If exploited, the critical vulnerability could allow a hacker to compromise...
Under the hood of recent DDoS Attack on U.S. Banks
Incapsula security study reveals how a simple neglect in managing the administrative password of a small UK site was quickly exploited by Botnet shepherds operating obscurely out of Turkey to hurl large amounts of traffic at American banks. If you've been following the news, you are probably awar...