Cybersecurity Insights

Benjamin Hosack

Magento Malware: Credit Card Hijack – Malicious Javascript Alert

23/11/15 16:39

Our forensic team have just wrapped up a forensic investigation on an e-commerce business that has had a considerable number of customer data stolen – including credit card data. This latest Magento malware attack involved a malicious Javascript – recently announced by Magento on the 16th November 2015.

Read More
Kirsty Trainer

New Magento Patch: SUPEE-6788

10/11/15 10:54

Magento Update: Magento has announced a new patch available for Magento Community versions older than 1.9.2.2 and Magento Enterprise versions older than 1.14.2.2.

Read More
Anthony Cacchio

Build a Cyber Security Starter Kit

09/11/15 08:44

As a qualified PFI with the largest Forensic team in Europe, we are continually honing our skills and expertise in tackling the ever-evolving cybercrime world on the front line. Cybercrime heavily affects everyone involved, be it the company getting hacked or the user’s details being stolen.

Read More
Benjamin Hosack

Top 5 Questions about FGX-Web and Website Security

12/10/15 12:11

In our day-to-day deployments of FGX-Web Alert and FGX-Web Protect we often get questions from the website developers about the functionality and capabilities of FGX-Web. We’ve summarized the top 5 questions and answers for you:

Read More
Benjamin Hosack

Magento Malware Alert: Is your website being Brute Force Attacked?

15/09/15 12:04

Magento Security: The Forensic Team at Foregenix has identified a number of cases concerning the same method of Brute Force attack.

Attackers were able to gain access to the Magento Connect Manager of multiple Magento websites, through Brute Force Attack, due to a combination of weak passwords, open access to the website’s Magento extension download page (www./downloader/.cache/community), and open access to the Magento Connect Manager login page itself (www./downloader/index.php), neither of which should be publicly available.

Read More
Benjamin Hosack

Magento Malware: Credit Card Hijack – Malicious Javascript Alert

23/11/15 16:39

Our forensic team have just wrapped up a forensic investigation on an e-commerce business that has had a considerable number of customer data stolen – including credit card data. This latest Magento malware attack involved a malicious Javascript – recently announced by Magento on the 16th November 2015.

Read More
Kirsty Trainer

New Magento Patch: SUPEE-6788

10/11/15 10:54

Magento Update: Magento has announced a new patch available for Magento Community versions older than 1.9.2.2 and Magento Enterprise versions older than 1.14.2.2.

Read More
Anthony Cacchio

Build a Cyber Security Starter Kit

09/11/15 08:44

As a qualified PFI with the largest Forensic team in Europe, we are continually honing our skills and expertise in tackling the ever-evolving cybercrime world on the front line. Cybercrime heavily affects everyone involved, be it the company getting hacked or the user’s details being stolen.

Read More
Benjamin Hosack

Top 5 Questions about FGX-Web and Website Security

12/10/15 12:11

In our day-to-day deployments of FGX-Web Alert and FGX-Web Protect we often get questions from the website developers about the functionality and capabilities of FGX-Web. We’ve summarized the top 5 questions and answers for you:

Read More
Benjamin Hosack

Magento Malware Alert: Is your website being Brute Force Attacked?

15/09/15 12:04

Magento Security: The Forensic Team at Foregenix has identified a number of cases concerning the same method of Brute Force attack.

Attackers were able to gain access to the Magento Connect Manager of multiple Magento websites, through Brute Force Attack, due to a combination of weak passwords, open access to the website’s Magento extension download page (www./downloader/.cache/community), and open access to the Magento Connect Manager login page itself (www./downloader/index.php), neither of which should be publicly available.

Read More