Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

News Commentary: Adobe ends support for Magento

July 2020 by Satnam Narang, Staff Research Engineer at Tenable

As of yesterday, Adobe ended support for its popular e-commerce platform, Magento 1, just as attackers are exploiting an old vulnerability in Magento sites to steal payment card data. A recent FBI alert revealed this vulnerability was used to “successfully retrieve environment credentials”.

The commentary from Satnam Narang, Staff Research Engineer at Tenable, on how site owners should prepare to migrate their stores immediately and protect their sites from further attacks:

"It’s been nearly two years since Magento, one of the most popular e-commerce solutions, announced that Magento 1, both the Community and Commerce versions, would reach end of life at the end of June 2020. This lead time gave site owners an opportunity to prepare and, hopefully, transition to Magento 2, which is supported. Cybercriminals have routinely targeted Magento sites as part of Magecart attacks, where they inject malicious code into the sites in order to steal payment card information from victims’ customers. With Magento releasing its final batch of security fixes on June 22, attackers are likely chomping at the bit to exploit any undisclosed vulnerabilities in Magento 1. It is imperative that Magento site owners upgrade to Magento 2 for continued security updates or transition to another eCommerce solution that is still supported."




See previous articles

    

See next articles