Foregenix Blog

Recently our security experts have been busy overhauling our free external scanning tool. Having done some fine tuning, added a plethora of new scanning capabilities and given it a lick of new paint, it's now ready for the public! 

Those of you familiar with our older scanning tool will notice a big difference. The traffic light risk system has been expanded to include a score as well as a new graph so that you can track your results over time (or, have one of our security team email results to you weekly, at no cost). Our scanner is now able to present even more information about Magento based websites, making it - we believe - the most comprehensive Magento malware scanner available. It also checks for valid SSL certificates; if a website isn't 'https' it's flagged as unsafe.

 

Alongside changes to the initial results, we've also added some handy tabs underneath the results so that you can gain a deeper insight into any potential vulnerabilities the scanner may flag up.

 

 

As industry leaders in cybersecurity, we take an active interest in the threat landscape. In a bid to learn more about what the current state of play was for Magento, we put our new scanner to good use.  We ran it against 217,946 Magento websites and found that 5% were hacked and harbouring credit card harvesting malware, subsequently leaking cardholder data to third party attackers.

Foregenix is disclosing six vulnerabilities which were identified in Dell EMC RecoverPoint products during a recent engagement.

Foregenix is proud to announce the launch of its Blockchain & Cryptocurrency Security Practice. Building upon years of experience in the Payment Card Industry (PCI) helping organisations secure their people, processes and technology, and in response to constantly increasing cybersecurity attacks, Foregenix is once again extending its portfolio of services.

The Techie Awards 2018 are a Business Exchange initiative, created to celebrate the innovation and entrepreneurship of the IT community in Swindon & Wiltshire. We were named as finalists among 12 other companies and were lucky enough to come away with the accolade of ‘Best Tech Security’.

When looking for new websites to target, a typical hacker will try to find sites which will require as little effort as possible for them to breach. Ideally they are looking for sites that are running outdated versions of frameworks such as Magento and WordPress, which may be missing critical security patches. Once they have identified a site like this they can usually use a pre-made exploit instead of having to craft their own code to gain access to the server.