Magecart Archives - Help Net Security

Magecart

Most global brands fail to implement security controls to prevent data leakage and theft

July 17, 2020

The global pandemic has seen the web take center stage. Banking, retail and other industries have seen large spikes in web traffic, and this trend is expected to become …

Magecart Group 8 skimmed card info from 570+ online shops

July 8, 2020

Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group …

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

June 29, 2020

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that …

Magecart attackers hit Claire’s, Intersport web shops

June 15, 2020

Magecart attackers have compromised web shops belonging to large retail chains Claire’s and Intersport and equipped them with payment card skimmers. Claire’s The …

Application threats and security trends you need to know about

May 27, 2020

Applications are a gateway to valuable data, so it’s no wonder they are one of attackers’ preferred targets. And since modern applications aren’t a …

Debunking myths related to client-side security and Magecart attacks

May 14, 2020

The client-side landscape has been overrun by third-party script attacks executed by malicious attackers utilizing formjacking or other methods made famous by the Magecart …

How a favicon delivered a web credit card skimmer to victims

May 7, 2020

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that “turn” malicious when victims visit …

Client-side web security

April 24, 2020

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to …

Mac threats are growing faster than their Windows counterparts

February 12, 2020

Mac threats growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats, according …

Macy’s online store compromised in Magecart-style attack

November 19, 2019

The webshop of noted U.S. department store company Macy’s has been compromised and equipped with an information-stealing JavaScript, which ended up collecting …

Cybercriminals plan to make L7 routers serve card stealing code

September 26, 2019

One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 …

Old Magecart domains are finding new life in fresh threat campaigns

September 20, 2019

Magecart has so radically changed the threat landscape, victimizing hundreds of thousands of sites and millions of users, that other cybercriminals are building campaigns to …

Magecart

Most global brands fail to implement security controls to prevent data leakage and theft

Magecart Group 8 skimmed card info from 570+ online shops

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance

Magecart attackers hit Claire’s, Intersport web shops

Application threats and security trends you need to know about

Debunking myths related to client-side security and Magecart attacks

How a favicon delivered a web credit card skimmer to victims

Client-side web security

Mac threats are growing faster than their Windows counterparts

Macy’s online store compromised in Magecart-style attack

Cybercriminals plan to make L7 routers serve card stealing code

Old Magecart domains are finding new life in fresh threat campaigns

Don't miss

Granting employees admin status is convenient but risky

How AI can alleviate data lifecycle risks and challenges

How privacy can decrease safety

The COVID-19 pandemic and its impact on cybersecurity

Twitter employees were spear-phished over the phone