You searched for magecart | Page 2 of 7 | SC Media
Skip to navigation Skip to main content

Your search for magecart returned 66 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Your search for magecart returned 66 results

Sort Results:

Relevant Recent
Security News

Misconfigured S3 exposes Twilio users to Magecart attack

By
Publish Date
A misconfiguration in an S3 bucket that was hosting a Twilio Javascript library caused a bad threat actor to inject code that made Twilio users load an extraneous URL on their browsers that has been associated with the Magecart group of attacks. In a company blog, Twilio said this solely affected v1.20 of the TaskRouter JS…
Executive Insight, Perspectives

5 Ways Web Attacks Will Change Post-COVID

By
Publish Date
COVID-19 has accelerated changes in the way attackers hit web applications. Based on behaviors we observed during our research, we developed five predictions on how web application security will change as we come out of the COVID-19 period – and what security pros can do about it. 1. More sophisticated account takeover (ATO) attacks. The…
Data Breach, Retail, Security News

Hidden Cobra built global exfiltration network for Magecart skimming scheme

By
Publish Date
Hidden Cobra threat actors are behind a series of attacks aimed at U.S. and European shoppers, using Magecart to skim credit card information from retailers. “Researchers have attributed the activity to HIDDEN COBRA because infrastructure from previous operations was reused,” according to a report from Sansec, which also identified distinctive patterns in the malware code…
OnlineClothesShopping
Malware, Retail, Security News

Cybercriminals likely poised to attack as Adobe ends support for Magento 1

By
Publish Date
After publishing a final security update for Magento 1 last week, Adobe is ending support for its popular 12-year-old ecommerce platform. “If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site’s security and PCI…
Data Breach, Government, Privacy & Compliance News and Analysis, Security News

Eight cities using Click2Gov targeted in Magecart skimming attacks

By
Publish Date
Since April 10, eight cities in three states using the Click2Gov web-based platform to collect payments for services have been hit with Magecart card-skimming attacks that still appear active. Credit card information including card number, expiration date and CVV, as well as personal information such as name and contact address, were being exfiltrated from the…
Cybercrime, Data Breach, Privacy & Compliance News and Analysis, Retail, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Magecart skimmed from Claires.com for nearly two months

By
Publish Date
International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months. Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the…
Retail & IT Security
Privacy & Compliance News and Analysis, Ransomware, Retail, Security News, Web Services Security, E-Commerce Security

Magecart skimmer strikes Fitness Depot at checkout

By
Publish Date
A Magecart credit card skimmer scheme used on Canadian fitness equipment retailer Fitness Depot’s e-commerce system Feb. 18 affected an undisclosed number of customers requesting either at-home delivery or in-store pickup at one of the company’s 40 stores. A bogus form placed on the Fitness Depot website managed to capture names, addresses, email addresses, telephone…
Security News, Vulnerabilities

900,000 WordPress sites attacked via XSS vulnerabilities

By
Publish Date
Nearly 1 million WordPress sites are being hit by what is likely a single threat actor attempting to inject a redirect into the sites by exploiting a cross site scripting vulnerability. The attacks were discovered by the WordFence Threat Intelligence Team, which noted that since April 28 the number of XSS attacks has been 30…
Coronavirus, Security News

Coronavirus-driven online shopping driving more payment card skimming

By
Publish Date
Cybercriminals tend to follow the money so with retail shopping dramatically shifting to the web due to the COVID-19 shutdown of brick and mortar retailers, researchers are seeing an increased use in online payment card skimming malware. Malwarebytes has tracked a 26 percent increase in the number of such skimmers in use in March 2020…
Cybercrime, Malware, Retail, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Report: NutriBullet’s website injected with skimmer three times by Magecart Group 8

By
Publish Date
Since February, a prominent Magecart cybercriminal group has injected the same Java-based payment card skimmer program not one, not two, but three times into the compromised international website of blender manufacturer NutriBullet, researchers from RiskIQ have reported. Each time a skimmer was removed from nutribullet.com, the criminal actors, known as Magecart Group 8, would reintroduce…
Next post in Cybercrime