MEDIA ALERT: Check Point Discovers Massive Vulnerability in Magento eCommerce Platform
Vulnerability in Leading Online Retail Platform Leaves Millions of Credit Cards and Online Shoppers at Risk
(firmenpresse) - SAN CARLOS, CA -- (Marketwired) -- 04/20/15 -- . (NASDAQ: CHKP), the largest pure-play security vendor globally, today announced that their Malware and Vulnerability Research Group recently discovered a critical RCE (remote code execution) vulnerability in eBay's web ecommerce platform, affecting nearly two hundred thousand online shops.
If exploited, the vulnerability gives the attacker the ability to fully compromise any online store based on the Magento platform, including credit card information and other customer financial and personal data. The vulnerability allows any attacker to bypass all security mechanisms and gain control of the store and its complete database, allowing credit card theft or any other administrative access into the system.
"As online shopping continues to overpower in-store shopping, ecommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information," said Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies. "The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores -- which represents about 30% of the ecommerce market."
Check Point privately disclosed these vulnerabilities together with a list of suggested fixes to eBay prior to public disclosure. A patch to address the flaws was released on February 9, 2015 (SUPEE-5344 ). Store owners and administrators are urged to apply the patch immediately.
Check Point customers are already protected from exploitation attempts of this vulnerability through the IPS software blade. For more information, please visit our blog.
Check Point's Threat Intelligence & Research divisions regularly investigate attacks, vulnerabilities and breaches, and develop protections to secure Check Point's customers. For more information on other research findings from Check Point, visit: .
Twitter:
Facebook:
Blog:
YouTube:
Check Point Software Technologies Ltd. () is the largest pure-play security vendor globally, provides industry-leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises' networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes. At Check Point, we secure the future.
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 20.04.2015 - 13:30 Uhr
Sprache: Deutsch
News-ID 386926
Anzahl Zeichen: 0
contact information:
Town:
SAN CARLOS, CA
Kategorie:
Hardware
Diese Pressemitteilung wurde bisher 171 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"MEDIA ALERT: Check Point Discovers Massive Vulnerability in Magento eCommerce Platform"
steht unter der journalistisch-redaktionellen Verantwortung von
Check Point Software Technologies Ltd. (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
