Tags e-commerce

Automated Magecart spree hit thousands of sites via misconfigured cloud servers, RiskIQ says

by Jeff Stone • 5 months ago

The crooks are scanning the web for vulnerable Amazon Web Services S3 buckets, according to security vendor RiskIQ.

Magecart is the most infamous payment skimmer. But it's hardly the only one.

by Jeff Stone • 8 months ago

The infamous Magecart is used by just 12 of the 38 JavaScript-sniffer groups analyzed by the security company Group-IB

Chinese e-commerce giant Gearbest leaks millions of records, researcher finds

by Jeff Stone • 9 months ago

“Gearbest’s database isn’t just unsecured. It’s also providing potentially malicious agents with a constantly-updated supply of fresh data.”

Up to 40 percent of traffic on ticket sites is automated. Here's why that's bad for security.

by Jeff Stone • 9 months ago

Bad bots made up 39.9 percent of ticket-buying traffic between September and December 2018, according to Distil Networks.

Shopify pays $15,250 bug bounty for a Christmas Eve vulnerability

by Patrick Howell O'Neill • 2 years ago

"The bug was filed on Christmas Eve, and within 12 hours the Shopify team rolled out a fix to address the immediate issue."

TwitterFacebookLinkedInRedditGoogle Gmail