Benjamin Hosack
2 min read

If you run a Magento website and you are concerned about the critical vulnerability released via Check Point Technologies today, you are not alone.

With 15% of e-commerce websites being affected by the critical Magento Remote code execution vulnerability (also known as Magento Shoplift (SUPEE-5344)), any Magento website owner would be highly recommended to take immediate action to protect their online business.

magentologoAll FGX-Web Protect clients are protected from this issue.

All FGX-Web Alert clients will be alerted via our tamperproof seal, which alerts on any un-authorised changes made on the website – such as the loading of PHP shells, malware and other un-welcome changes.

If you don’t use our FGX-Web technology, here are the top 3 steps you can take to protect your website:

  • Install a Web Application Firewall immediately.
  • Check your website for any web shells/malware (our 30 day free trial of FGX-Web Alert will do this for you for free).
  • Monitor your site for any changes – if they are changes that you made, that’s fine. If they are not your changes, then it is highly likely that your website has been compromised.  Call us for help.

Magento is not the only platform to have had an issue like this – Drupal had an alert at the back end of 2014 for a significant issue.  These issues are bound to come up now and then with any e-commerce platform or framework, so to protect your online business from this kind of threat, you would be highly recommended to follow the 3 steps outlined above.

If you suspect your website may have been hacked, call us or contact us using the form below – we’re happy to help and have the knowledge, experience and technology to help you very quickly.

Protect your site with FGX-Web Protect

 

Subscribe to our Blog

Contact Us

Access cybersecurity advisory services

 

TAGS:

Magento

Benjamin Hosack
Benjamin Hosack

Benj Hosack is a Director and co-Founder of Foregenix Limited. Foregenix is a specialist information security business delivering services in Forensics, PCI DSS, PCI P2PE, PA-DSS and information security solutions within the Payment Card Industry. Our technologies are designed to simplify security and PCI Compliance. Specialties: Cardholder Data Discovery - defining and reducing PCI DSS Scope / PA-DSS / PCI DSS / P2PE / Account Data Compromise Investigations. We are specialists in the Payment Card Industry and work with all types of companies in the payment chain (Acquiring banks, Processors, hosting providers, web designers, merchants, systems integrators etc).

See All Articles
SUBSCRIBE

Subscribe to our blog

Security never stops. Get the most up-to-date information by subscribing to the Foregenix blog.