500 e-commerce sites were implanted with credit card theft programs

2022-05-05 0 By

This article from the “East tower network security academy” summed up the east tower security news, 10 minutes to take you to understand the latest network security events, drink more water, sleep more, dig more holes, and the most important is, don’t forget to see the east tower weekly news on time oh!Many people think that cyber security is nothing to do with them, but it’s not.In our daily life, all cell-phone-related content, such as chat, Douyin, wechat pay and so on, is closely related to network security.With the development of 5G technology and the penetration rate of Mobile Internet in China, network security has been completely inseparable from the interests of the country, enterprises and ordinary users. If we do not pay attention to network security, it may bring us some trouble at a small level, and may make us lose money at a large level.Security firm Sansec reports that about 500 e-commerce sites have been infiltrated by hackers with credit card theft programs that steal sensitive payment information when visitors try to make purchases on the site.According to security researchers, all of the compromised sites loaded malicious scripts hosted on the domain naturalFreshmall [.]com, which brought up fake payment pages and sent all payment information to the site.The hacker combination exploited an SQL injection vulnerability and a PHP object injection attack from the Quickview plugin to execute malicious code directly on the website server.The hacked site was running a version of Magento 1, which was discontinued in June 2020.Websites are advised to upgrade to the latest version or install the Magento 1 open source patch provided by the OpenMage project.Source: Geek Solidot02:Jay Freeman, a white-hat hacker and developer of iOS jailbreak software Cydia, has announced on Twitter that he has been awarded a $2 million bonus for discovering a key flaw in Ethereum.Source: IT Home 03:A security researcher speaking at the Free and Open Source Software Developer Europe (FOSDEM) conference this weekend on mitigating processor vulnerabilities like Spectre and Meltdown proposed an approach that aims to make the performance costs negligible.The content of this article is reproduced elsewhere and represents the author’s personal views. This article is for reference only and does not constitute any investment or application advice.(If you have any content, copyright or other problems, please contact us to deal with them.) Tip: Big data is a high-tech product of today’s era. It is characterized by high speed, large quantity and diversity, and is very important for the complicated and rapidly developing society.In the context of big data, network security is related to the development of the industry and the core competitiveness of enterprises, and many threats to network security, such as virus invasion and information leakage, will infringe on the rights and interests of users and enterprises, but also affect the order of the network, and even cause more serious consequences.Therefore, network security risks are becoming more and more complex, serious and hidden phenomenon, we need to keep alert!