Foregenix are warning all their partners this morning about a vulnerability discovered in the popular
database administration tool Adminer, affecting versions up to and including v4.6.2. The vulnerability
was discovered by security researchers Yashar Shahinzadeh and more recently Willem de Groot,
who publicised the potential impact to eCommerce sites using the software.
Magento is the most popular eCommerce web application in the world, with an estimated 236,000 live websites using the Content Management System (CMS)[1]. Available in both paid-for “enterprise” versions and free “community” versions, it powers some of the world's most popular websites including Huawai[2], Land Rover[3] and Helly Hansen[4]. However, common eCommerce platforms make popular targets for hackers and thieves looking to steal payment card information.
Like any web application, attackers will always look to exploit vulnerabilities in the underlying code before researchers can identify them and developers can fix them, but even an up-to-date and fully patched system can be left vulnerable if it is not configured properly or merchants do not follow information security best practice.
What does May 25th 2017 mean to you? The 40th anniversary of Star Wars being released in cinemas? The 78th birthday of celebrated actor Sir Ian McKellan? National Tap Dance Day in the US? If you do business in Europe and collect personal data, your answer should be that it marked the day when you had exactly a year left to prepare for GDPR.
Foregenix are warning all their partners this morning about a vulnerability discovered in the popular
database administration tool Adminer, affecting versions up to and including v4.6.2. The vulnerability
was discovered by security researchers Yashar Shahinzadeh and more recently Willem de Groot,
who publicised the potential impact to eCommerce sites using the software.
Magento is the most popular eCommerce web application in the world, with an estimated 236,000 live websites using the Content Management System (CMS)[1]. Available in both paid-for “enterprise” versions and free “community” versions, it powers some of the world's most popular websites including Huawai[2], Land Rover[3] and Helly Hansen[4]. However, common eCommerce platforms make popular targets for hackers and thieves looking to steal payment card information.
Like any web application, attackers will always look to exploit vulnerabilities in the underlying code before researchers can identify them and developers can fix them, but even an up-to-date and fully patched system can be left vulnerable if it is not configured properly or merchants do not follow information security best practice.
What does May 25th 2017 mean to you? The 40th anniversary of Star Wars being released in cinemas? The 78th birthday of celebrated actor Sir Ian McKellan? National Tap Dance Day in the US? If you do business in Europe and collect personal data, your answer should be that it marked the day when you had exactly a year left to prepare for GDPR.
