Foregenix

Encryption 101: How It Works

When it comes to talking about encryption, it’s important to ensure we’re speaking about the same thing – and to clarify and simplify some of the different implementations we see. Sometimes these are implemented for security and best practice, while other times they are implemented to tick a box. It's important to know the difference between encryption mechanisms, know when to use what and be able to identify and judge the security of particular implementations. This is the first of 2 or more posts.

http://bit.ly/2eY1lI1

Foregenix

Magento Malicious JavaScript in Action

Many Magento websites are being affected by the recent wave of hacks involving malicious JavaScripts that steal website customer data - including/especially their payment data.

We recorded a demo transaction on a hacked website this morning to show you the JavaScript in action.

You can see the demo here:
http://www.foregenix.com/blog/magento-malicious-javascript-in-action

If you want to check your website for similar issues, we provide a free scan here:
http://webscan.foregenix.com/ 

Foregenix

Magento Patching Alert

Magento websites - have you patched SUPEE-8788 yet? If not, you're putting your online business at risk.

http://www.foregenix.com/blog/magento-website-have-you-patched-supee-8788
Magento security patch SUPEE-8788. Have you patched? Is your Magento website secure?

Foregenix

Alert: Magento "Cloud Harvester" Malware Targeting Insecure Websites

Magento websites are under attack from a new credit card harvesting technique designed to evade detection while harvesting payment card data from major payment processor iframes - called "CLOUD HARVESTER".

The Forensic Team at Foregenix are regularly finding new techniques that attackers are adopting in attempts to remain undetected by victim websites – and it seems they have added a new tactic to attack Shoplift-affected eCommerce websites. Not only are they changing the way that traditional cardholder data harvesting methods are executed – the malicious payload is now retrieved from an external resource.

The basics of the standard client-side attack are pretty straightforward and follow this process:

- An attacker exploits the Magento Shoplift vulnerability to gain access to the website through SQL injection.
(Magento Shoplift is not a new vulnerability - it was alerted by Magento in February 2015 with patch SUPEE-5344 – SHOPLIFT BUG PATCH and we also pushed out an alert to our client base.)

- This access permits them to insert data or code (malware) directly into the site's database. Magento has the ability to render content directly from the database and this situation means attackers can push malicious code into an eCommerce website that never actually "touches the disk" directly. As such, normal (file system based scanning) attempts to detect the compromise would be found lacking — the analysis has to consider the database content.

- Client side attacks - an additional twist in the scenario above affecting eCommerce websites with fully outsourced payment models. We are starting to see an increase in the number of situations where client side code is being pushed into the database. Generally written in JavaScript, this is executable code that would run in the consumer's browser and as such would be able to "see" the payment card details even though they don't go anywhere near the compromised merchant's site.

For full details of "CLOUD HARVESTER", including detection and prevention, please visit the Foregenix blog at:
http://blog.foregenix.com/alert-magento-cloud-harvester-malware-targeting-insecure-websites

Full details of the Magento Shoplift Patch are at:
https://magento.com/security/patches/supee-5344-%E2%80%93-shoplift-bug-patch

#magento   #malware   #cybersecurity  
New malicious JavaScript called Cloud Harvester Malware attacking iframes on eCommerce websites.
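
The post's point that file-system scanning misses code held in the database can be turned into a check over exported database rows. This is an added example, not Foregenix's tooling: the table names and config paths are those of a stock Magento 1 schema (they are not named in the post), and the allow-listed hosts and sample rows are constructed.

```python
import re
from urllib.parse import urlparse

# Assumed allow-list: hosts this shop legitimately loads scripts from.
ALLOWED_HOSTS = {"shop.example", "cdn.shop.example"}

SCRIPT_RE = re.compile(r"<script\b([^>]*)>(.*?)</script\s*>", re.I | re.S)
SRC_RE = re.compile(r"""\bsrc\s*=\s*["']?([^"'\s>]+)""", re.I)


def scan_value(value):
    """Return (kind, detail) findings for one stored HTML value."""
    findings = []
    for attrs, body in SCRIPT_RE.findall(value or ""):
        src = SRC_RE.search(attrs)
        if src:
            url = src.group(1)
            # Protocol-relative URLs (//host/x.js) still name a remote host.
            parsed = urlparse("http:" + url if url.startswith("//") else url)
            host = (parsed.hostname or "").lower()
            if host and host not in ALLOWED_HOSTS:
                findings.append(("external-script", host))
        elif body.strip():
            # Inline code stored in content: flag it for manual review.
            findings.append(("inline-script", body.strip()[:40]))
    return findings


def scan_rows(rows):
    """rows: iterable of (table, key, value) exported from the database."""
    return [(table, key, kind, detail)
            for table, key, value in rows
            for kind, detail in scan_value(value)]


# Constructed sample rows in the shape of a Magento 1 export (not real data).
SAMPLE_ROWS = [
    ("core_config_data", "design/head/includes",
     '<link rel="stylesheet" href="/skin/a.css">'),
    ("core_config_data", "design/footer/absolute_footer",
     '<script src="//static.collector.example/l.js"></script>'),
    ("cms_block", "footer_links",
     '<ul><li>About</li></ul><script src="https://cdn.shop.example/menu.js"></script>'),
    ("cms_page", "home", "<p>Welcome</p><script>var a=1;</script>"),
]

if __name__ == "__main__":
    for finding in scan_rows(SAMPLE_ROWS):
        print(*finding, sep=" | ")
```

Inline-script findings are review items rather than verdicts, since shops often store legitimate analytics snippets in the same fields.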

Foregenix

Alert: Magento iframes are being affected by targeted malware called "Cloud Harvester."

Check to see if your website has been affected.
New malicious JavaScript called Cloud Harvester Malware attacking iframes on eCommerce websites.
Contact Information
Phone
+44 845 309 6232
Email
Address
First Floor, 8-9 High Street, Marlborough, Wiltshire, SN8 1AA, United Kingdom
Story
Tagline
Security Specialists - focus on Forensics, PCI Compliance and protective security solution development.
Introduction
Foregenix is an independent, specialised information security business, headquartered in the United Kingdom, with regional offices in South Africa, Argentina and Uruguay - our clients range geographically from Russia to Argentina and many countries in between.  

We specialise in the following areas:
Our solutions are designed to simplify and improve security for businesses:


We're passionate about security and securing our clients!