HackDig : Dig high-quality web security articles for hackers

Demystifying two common misconceptions with e-commerce security

Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt out of visiting physical stores. Such a phenomenon does not go unnoticed or without additional consequences. During the same time period, we have seen an increase in the usual scams but also digital skimming, the online equivalent of credit
Publish At:2020-11-20 12:42 | Read:150 | Comments:0 | Tags:Cybercrime e-commerce HTTPS iframe Magecart merchant padlock

E-commerce platform X-Cart hit by a ransomware attack

The e-commerce software platform X-Cart suffered a ransomware attack at the end of October; e-stores hosted by the company went down. At the end of October, the e-commerce software platform X-Cart suffered a ransomware attack; the infection brought down customers’ e-stores hosted by the company on its platform. The software and services company
Publish At:2020-11-09 07:50 | Read:210 | Comments:0 | Tags:Breaking News Cyber Crime Malware e-commerce Hacking hacking

Magento 1.x EOL is set on June 30, 75% of installs potentially impacted

Adobe, Mastercard and Visa are warning the owners of online stores running Magento 1.x to update their installs because it will reach EOL by June 30. Adobe, Mastercard and Visa are warning the owners of online stores running Magento 1.x to update their installs because it will reach the end-of-life (EOL) by June 30. After June 30, Adobe will no more offe
Publish At:2020-06-28 08:35 | Read:1046 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Security e-commerce hackin

eBay staff charged with cyberstalking, sending fetal pig and spiders

By Lisa Vaas. This is a Halloween mask depicting the face of a bloody pig (image: court documents). It’s not pretty, but at least it doesn’t scurry. You can’t say the same for the other packages sent in a cyberstalking campaign allegedly orchestrated by eBay management and targeted at a Natick, Massachusetts couple who run an online e-commerce n
Publish At:2020-06-17 06:15 | Read:786 | Comments:0 | Tags:Law & order bloody pig mask Brian Gilbert cockroaches conspi

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:998 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:990 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

A Proposed New Trust Framework for Physical and Digital Identity Interactions

Identity is a difficult term to define in the cybersecurity world. The range of personal information that can be associated with an identity interaction is highly dependent on the situational context of the interaction. The definition of identity also depends on the context of the medium within which it is exchanged. In the physical world, when we talk about
Publish At:2020-03-13 07:59 | Read:1300 | Comments:0 | Tags:Identity & Access Collaboration Compliance Customer Experien

The Evolution of Digital Certificates

In the early days of the internet, one of the first functional problems users faced was how to verify that entities on the other end of a connection were who they said they were. At first, the nebulous nature of online transactions inhibited e-commerce, since buyers feared that their payment information might be hijacked. This lack of trust precipitated the
Publish At:2017-07-25 11:50 | Read:4306 | Comments:0 | Tags:Fraud Protection Identity & Access Authentication Certificat

How to Protect Your E-commerce Business from Cyber Attacks

Just as traditional brick-and-mortar businesses are targeted by anarchists during protests or times of unrest, e-commerce businesses are targeted by cyber criminals, except they don’t wait for a particular season or reason. Whether small, medium or large, every business is, sadly, at the mercy of hackers who will exploit every opportunity they get to breach sen
Publish At:2017-03-23 16:10 | Read:6804 | Comments:11 | Tags:Cyber Security Featured Articles cyber attack E-commerce SSL

Crooks hijack Magento Realex Payments extension to steal payment card data

Cybercriminals hijack Magento Realex Payments extension to steal payment card data. Experts at Sucuri are observing massive attacks. Cybercriminals continue to target Magento platform to steal credit card data. Crooks have been abusing a payment module to steal payment card data from online shops running on Magento e-commerce platform. According to experts a
Publish At:2017-03-14 12:30 | Read:3452 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime e-commerce Mage

Did Your Developer Leave a Website Backdoor?

The Dutch police recently arrested a developer for crimes he committed by writing a website backdoor into e-commerce sites he created and using credentials retained after the engagement concluded. This backdoor provided the malicious insider with sufficient access to perpetrate a number of crimes by leveraging 20,000 users’ credentials. The Crime The d
Publish At:2017-02-09 18:45 | Read:3735 | Comments:0 | Tags:Data Protection Identity & Access E-commerce Insider Threat

Experts discovered a number of flaws in the Avactis PHP Shopping Cart

A group of experts at VoidSec used a Grey Box approach to assess the security posture of some important aspects of Avactis PHP Shopping Cart. Avactis is an open source ecommerce Shopping Cart platform most used in the US and UK. Security experts from VoidSec analyzed the e-commerce software and discovered an impressive number of vulnerabilities. The group of experts
Publish At:2016-04-18 06:50 | Read:5313 | Comments:0 | Tags:Breaking News Hacking Avactis e-commerce vulnerability asses

Flaw in Magento exposes millions of websites at risk of takeover

A stored cross-site scripting vulnerability in Magento exposes millions of e-commerce websites to the risk of takeover; update your platform as soon as possible. Once again a vulnerability in the popular Magento e-commerce platform puts millions of online merchants at risk of hijacking attacks. According to the experts at Sucuri,
Publish At:2016-01-26 12:15 | Read:4604 | Comments:0 | Tags:Breaking News Hacking e-commerce Magento Pierluigi Paganini

Holiday Online Shopping a Challenge for Enterprise Security

Online Shopping Rules the Holidays ‘Tis the season for online holiday shopping. Unfortunately, cybercriminals know that this is also the best season for retail-related crimes. Holiday shopping can be frenetic, and online shopping is no exception. Consumers are making more purchases, are busier and are more distracted, which can lead to making security
Publish At:2015-12-02 11:05 | Read:3995 | Comments:0 | Tags:Fraud Protection Mobile Security Cybercrime E-commerce Enter

Another Magento Remote Code Execution Vulnerability

The security expert Ebrahim Hegazy has published an interesting post detailing his discovery of a new Magento Remote Code Execution Vulnerability. The popular hacker Ebrahim Hegazy (aka Zigoo) has discovered a Remote Code Execution Vulnerability that affects the widely adopted application Magento. The expert was analyzing the
Publish At:2015-10-30 10:30 | Read:4507 | Comments:0 | Tags:Breaking News Hacking e-commerce Magento RCE vulnerability R