Magento users advised to install latest update to thwart attacks exploiting remote code execution security flaw

clock
Magento has advised users to apply the latest security update to protect their stores from potential attacks
Image:

Magento has advised users to apply the latest security update to protect their stores from potential attacks

The security flaw enables attackers to inject a malicious payload into a merchant's website site

Magento has urged users to apply the latest security update to protect their ecommerce sites from potential attacks exploiting a remote code execution (RCE) security flaw. "Because most exploits...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

More on Threats and Risks

The exploit means anyone can potentially locate secret military bases by uploading fake running data - underscoring the importance of IoT protection and security

Strava fitness app used to spy on Israeli military officials

The flaw has also exposed the locations of a number of sensitive sites in the country.

clock 21 June 2022 • 3 min read
Hertzbleed vulnerabiity in AMD and Intel CPUs could leak cryptographic keys

Hertzbleed vulnerabiity in AMD and Intel CPUs could leak cryptographic keys

Intel says an attack probably wouldn't work outside a lab environment

John Leonard
clock 16 June 2022 • 2 min read
Ransomware gang deploys BlackCat to attack hotel and creates searchable website of hacked data

Ransomware gang deploys BlackCat to attack hotel and creates searchable website of hacked data

Cyber-criminal groups have recently ramped up their use of Ransomware-as-a-Service (RaaS) BlackCat/ALPHA-V, first identified by security researchers in November 2021, and upped the ante by publishing the hacked data on a dedicated website.

clock 15 June 2022 • 1 min read