FEATURED

The Potential Risks Of Exposed Admin Login Panels

Among many of our forensic clients we are noticing that fairly often the login panel for administration of the sites is left publicly and easily accessible, either through easy to guess URLs or ...

READ STORY

FEATURED

Introduction of new requirements (6.4.3 and 11.6.1) for PCI DSS v4.0

This guidance is designed for any organisation seeking to comply with the new requirement 11.6.1 and 6.4.3 introduced in PCI DSS v4.0 while implementing PCI DSS in their environment. The suggestions ...

READ STORY

FEATURED

Threat Alert: Magento Intercept Backdoor and Re-Infection

Our Threat Intelligence Group recently identified an attack through our FGX-Web solution that upon investigation revealed very clever techniques implemented to both breach and reinfect the target ...

READ STORY

FEATURED

Anatomy Of A Magento Attack: Froghopper

Magento is the most popular eCommerce web application in the world for advanced/fast growing eCommerce businesses, with an estimated 200,000+ live websites using the Content Management System ...

READ STORY

FEATURED

"Key" to Secure Data - P2PE - Derived Unique Key Per Transaction (DUKPT)

Written by Andrew McKenna, PCI QSA, PCIP at Foregenix The encryption key infrastructure usually used in PCI P2PE solutions is based on the DUKPT (pronounced duck-putt) model. This key hierarchy was ...

READ STORY

FEATURED

An Overview on Purple Fox

Introduction The trojan known as Purple Fox was first discovered by 360 Total Security on September 25th 2018. At the time of publishing, the statistics they had gathered estimated that over ...

READ STORY