Tag Archive for: ECommerce

Hackers Exploit Bug In Magento To Access Payment Data On Ecommerce Sites

/in


(MENAFN– Investor Brand Network) A critical flaw in the open-source e-commerce platform Magento has allowed hackers to make backdoors into e-commerce websites and
steal payment data . Computer software company Adobe Inc. describes the error,
CVE-2024-2072 ,
as the“improper neutralization of special elements” that could allow attackers to make arbitrary code executions without any user interaction.

Adobe addressed the vulnerability on Feb. 13, 2024, as part of a batch of security updates while e-commerce security company Sansec announced that it…

Read More>>

NOTE TO INVESTORS:
The latest news and updates relating to NextPlat Corp. (NASDAQ: NXPL, NXPLW) are available in the company’s newsroom at

About BioMedWire

BioMedWire
(“BMW”) is a specialized communications platform with a focus on the latest developments in the Biotechnology (BioTech), Biomedical Sciences (BioMed) and Life Sciences sectors. It is one of 60+ brands within the
Dynamic Brand Portfolio
@
IBN
that delivers :
(1) access to a vast network of wire solutions via
InvestorWire
to efficiently and effectively reach a myriad of target markets, demographics and diverse industries ;
(2) article and
editorial syndication to 5,000+ outlets ;
(3) enhanced
press release enhancement
to ensure maximum impact ;
(4)
social media distribution
via IBN to millions of social media followers ;
and (5) a full array of tailored
corporate communications solutions . With broad reach and a seasoned team of contributing journalists and writers, BMW is uniquely positioned to best serve private and public companies that want to reach a wide audience of investors, influencers, consumers, journalists and the general public. By cutting through the overload of information in today’s market, BMW brings its clients unparalleled recognition and brand awareness.

BMW is where breaking news, insightful content and actionable information converge.

To receive SMS alerts from BioMedWire,“Biotech” to 888-902-4192 (U.S. Mobile Phones Only)

For more information, please visit

Please see full terms of use and disclaimers on the BioMedWire website applicable to all content provided by BMW, wherever…

Source…

Ecommerce Cybersecurity: How to Enhance Protection in 2022

/in


Ecommerce is facing threats from all directions on the internet. Any business looking forward to ensuring the safety of their data and customer digital footprints should beware of some methods to enhance cybersecurity.  

They have to put in extra effort in making their information stores, sites, and data more secure. This is the most important thing that e-commerce sites that handle customer transaction information should be doing.

Once an e-commerce store goes live, creating a secure shopping experience is not a one-off.  Ensuring that your website is on and running involves regular inspection of any security loopholes and maintenance.

Addressing the critical security issues is one of the simplest ways to mitigate cybersecurity risk, protect customer data, and reduce potential losses that result from cybercrime.

In enhancing protection from cyber attacks and keeping customer data safe, here is what any ecommerce company should aim to do.

Photo by Jefferson Santos on Unsplash

1 – Monitor your passwords

One simple way of hackers getting into your accounts and stealing crucial data is when they gauze your passwords and log in easily.

In a survey by Harris Interactive, it has been established that at least 59% of brands admit to using a single password because it is not easy to remember all of them. Additionally, 54% of Americans admit that they have poor password habits and should change.

You should avoid using the same password across all the internal systems, especially on administrative accounts and public-facing logins. Make it a habit to generate a unique password for each system and regularly set up a schedule for updating your passwords.

You should use a password manager to generate passwords from an encrypted vault. Your website will only be accessed locally and by visitors having a master password. This will ensure that a unique password is generated for every site, every visitor to your e-commerce.

2 – Encrypt your website 

Using SSL encryption for the checkout process is still the oldest approach to securing your site. A lot of changes are being made to enhance cyber security on sites. For example, a recent update by Google Chrome seeks to make the…

Source…

AI in e-Commerce: How Artificial Intelligence is Being Leveraged in the Online Retail Space

/in


Vancouver, Kelowna, Delta, British Columbia–(Newsfile Corp. – March 22, 2022) – Investorideas.com, a global investor news source covering Artificial Intelligence, issues a report on how AI technology is accelerating e-Commerce revenue, featuring emerging tech company, GBT Technologies Inc. GTCH.

Read the full article on Investorideas.com
https://www.investorideas.com/news/2022/technology/03220AI-eCommerce.asp

It’s no secret that the adoption of e-commerce benefited enormously from the COVID-19 pandemic – when many people were less able or willing to shop at brick and mortar retailers – but it is also witnessing growth as a consequence of increasing convenience afforded by the use of new technologies, such as artificial intelligence. In fact, a report published by Vantage Market Research finds that the global AI in Retail market will grow from $2.93 billion USD in 2021 to $17.08 billion by 2028. While this report encompasses brick and mortar outlets as well, it is still indicative of the general trend toward AI adoption both on and offline.

Some of the principle ways AI is being leveraged in e-commerce, according to an article from betanews, is through the application of real-time data analytics, interactive experiences such as virtual shopping rooms, personalization based on demographics and search data, and enhanced customer service and customer relationship management (CRM) through the use of virtual assistants and chatbots.

GBT Technologies Inc. GTCH, a development-stage company which considers itself a native IoT creator, developing Internet of Things (IoT) and Artificial Intelligence (AI) enabled mobile technology platforms, recently announced that it had entered into a revenue sharing agreement with online retailer Mahaser LTD dba Ravenholm Electronics, commencing March 1, 2022. For the agreement, GBT is testing its AI platform – AVANT! AI – “to identify opportunities with respect to e-commerce sales through the world’s biggest online retail platform.”

Ravenholm Electronics itself is an e-commerce retailer with 5+ Best Seller Tags, specializing in video game products and accessories, and boasts over 2,000 active, profit-driving SKUs (stock-keeping units). Operating as it does in…

Source…

Malware Infiltrates 500 eCommerce Sites

/in


An estimated 500 eCommerce websites were infiltrated by MageCart attackers, who seemingly installed credit digital card skimmers to lift users’ personal data, including card numbers, email addresses, phone numbers and more.

MageCart is a blanket term to define rival cyber gangs that troll eCommerce sites with the sole purpose of slipping skimmers into unsuspecting sites, which then triggers malicious code, according to Sansec, an eCommerce malware and vulnerability detection firm.

Once the skimmer is in place, visitors entering payment information for a purchase unknowingly send a code that relays the data to the attacker-controlled servers.

See also: Managing Remote FinTech Risk: In Digital Payments We Trust, But Verify Continuously

Sansec discovered the latest slew of infiltrations and said the jeopardized sites had used malicious scripts hosted at the domain naturalfreshmall.com.

“The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form,” Sansec tweeted, adding that all payments were being directed to a naturalfreshmall payment domain.

Read more: Credit Card Skimmer Leads to Costco Data Breach

The hackers made changes to the existing files and/or inserted different files that offered “no fewer than 19 backdoors that the hackers could use to retain control over the sites in the event the malicious script was detected and removed and the vulnerable software was updated,” according to Sansec.

“It is essential to eliminate each and every one of them because leaving one in place means that your system will be hit again next week,” per a Sansec article.

The files that were infiltrated were entirely malicious, or part of the Magento code “but had malicious code added to them.”

Sansec said regardless of the method, they recommend eCommerce sites run a malware scanner to ensure all skimmers are discovered.

You may also enjoy: Ransomware Reaches Beyond Money With More…

Source…