Happy to announce that Maltrail has been (again) sponsored by Sansec

#Magento flaw exploited to deploy persistent #backdoor hidden in XML
securityaffairs.com/161534/hacking…
#securityaffairs #hacking #malware
Sansec

Does your system get reinfected whenever someone visits /checkout/cart? We found a persistent backdoor in a Magento XML layout handler.

sansec.io/research/magen…

Periodic reminder to set up an audit log for your critical database tables in 1 minute

sansec.io/kb/incident-re…

New #Magento versions appeared in the composer repository. No security bulletin or tags on GH yet.
Find the diffs here 👉
2.4.4-p6 => 2.4.4-p7:
gist.github.com/danslo/c945ebc…
2.4.5-p5 => 2.4.5-p6:
gist.github.com/danslo/f87014e…
2.4.6-p3 => 2.4.6-p4:
gist.github.com/danslo/ebab1ed…

Our API & signature server were down between 12:11 and 12:39. The issue has been resolved.

NB. eComscan in monitoring mode will pickup automatically on the next run.

We've created our Public Community channel on Telegram. Come join us to stay up to date on the latest cyber threats, discussions on malware analysis, and more! 👉 t.me/+Ma2x6wlzG7tkN…

🔒 What is digital skimming & how can you protect yourself & your business against it?

🚨 Check out our multilingual awareness guide:
europol.europa.eu/operations-ser…

🎅🏼is coming, and Magento wish lists are exploited. Our latest research 👇

sansec.io/research/magen…

Oops! We just released a new detection pattern which caused false alerts on frontpage GTM containers. The mistake has been reverted, apologies for any panic. 🫢

Introducing our new corporate logo

Welcoming our new agency partner MageCloud 🇬🇧🇺🇸🇺🇦🇩🇰, they are serious about securing your Magento, Shopify or WooCommerce store. 🙌

magecloud.agency

Spot on, ChatGPT!

Is your store's newsletter being used for phishing? We found a Magento store where it was 😱
sansec.io/research/is-yo…

Alexander Sibert There are more universal security scanners around, couple I had used in past are Sucuri and Foregenix.
But IMO for Magento Sansec is the best.

ICYMI: Critical security issue found in curl/libcurl, release scheduled for Wed 11 Oct 6:00 UTC. Plan some time for your server/container upgrades.

github.com/curl/curl/disc…

🎉 Major Announcement! 🚀 We're ecstatic to share that Sansec is joining forces with Meet Magento Netherlands as a sponsor! Prepare for a powerful and seamless event. Stay tuned for exciting developments! 🛒✨ #MM23NL #SansecSponsor #Ecommerce #Magento