E-commerce | Breaking Cybersecurity News | The Hacker News

Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data into the credit card form on the website and exfiltrate the details to an attacker-controlled domain named "amazon-analytic[.]com," which was registered in February 2024. "Note the use of the brand name; this tactic of leveraging popular products and services in domain names is often used by bad actors in an attempt to evade detection," security researcher Matt Morrow said . This is just one of many defense evasion methods employed by the threat actor, which also includes the use of swap files ("bootstrap.php-swapme") to load the malicious code while keeping the original file ("bootstra

Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites. "Protecting our users is our top priority. We detected a security issue recently that may affect websites using certain third-party libraries," the company said in a statement shared with The Hacker News. "To help potentially impacted advertisers secure their websites, we have been proactively sharing information on how to quickly mitigate the issue." More than 110,000 sites that embed the library are impacted by the supply chain attack, Sansec said in a Tuesday report. Polyfill is a popular library that incorporates support for modern functions in web browsers. Earlier this February, concerns were raised following its purchase by China-based content delivery network (CDN) company Funnull. The original creator of the pr

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Adobe on Tuesday shipped  security updates  to remediate multiple critical vulnerabilities in its Magento e-commerce platform that could be abused by an attacker to execute arbitrary code and take control of a vulnerable system. The  issues  affect 2.3.7, 2.4.2-p1, 2.4.2, and earlier versions of Magento Commerce, and 2.3.7, 2.4.2-p1, and all prior versions of Magento Open Source edition. Of the 26 flaws addressed, 20 are rated critical, and six are rated Important in severity. None of the vulnerabilities fixed this month by Adobe are listed as publicly known or under active attack at the time of release. The most concerning of the bugs are as follows - CVE-2021-36021, CVE-2021-36024, CVE-2021-36025, CVE-2021-36034, CVE-2021-36035, CVE-2021-36040, CVE-2021-36041, and CVE-2021-36042  (CVSS score: 9.1) - Arbitrary code execution due to improper input validation CVE-2021-36022 and CVE-2021-36023  (CVSS score: 9.1) - Arbitrary code execution due to OS command injection CVE-2021-3602

Future Group's plan to boost online sales has encountered a cyber obstacle. Its flagship e-commerce portal, FutureBazaar, was hacked and has been non-functional for the past two days. FutureBazaar CEO Rajiv Prakash described the incident as a "denial of service attack." He stated, "The website has been down for the last couple of days and has been blocked to consumers." The company is addressing the issue internally and pursuing legal action against the hackers. "We have filed a complaint with the Cyber Crime Branch in Mumbai. Internally, we are working to get the site up and running, and it should be fine soon," Prakash assured. To minimize business losses, the company has kept its phone commerce active, allowing consumers to make purchases through this channel. Prakash did not comment on the potential daily losses due to the problem. However, the portal is one of the group's emerging business verticals. Future Group aims to have at least 10% of