News

eBay Fixes Security Gap In Magento eCommerce Platform

It’s not the first time eBay has had to patch security holes on its eCommerce platform, Magento, but the online marketplace company has once again cleaned up vulnerabilities that could have provided hackers the opportunity to steal data.

This time around, three security vulnerabilities were discovered by Vulnerability Lab’s Security Researcher Hadji Samir, according to a ZDnet report, which identified the security flaws that were used on the platform eBay uses to enable online shopping and transactions. The researcher deemed the vulnerabilities to be “medium” flaws, the report said.

Magento, which is used and owned by eBay, is an eCommerce software and platform used by many leading brands.

Among the three security vulnerabilities includes a CSRF flaw, which allows hackers to conduct “client-side account theft by hijacking, client-side phishing, client-side external redirects and the non-persistent manipulation of affected or connected service modules,” Samir said.

Data released in April by Check Point Software Technology showed that there may have been a “massive vulnerability” in the Magento eCommerce Platform that could have a significant impact on the security of the eCommerce Market. eBay had fixed the flaw before it was publicly reported on, but that didn’t stop the research group from reporting on the impact of that security flaw.

In April, Check Point said that their Malware and Vulnerability Research Group discovered gaps in eBay’s Magento eCommerce platform that could impact as many as 200,000 online shops.

“As online shopping continues to overpower in-store shopping, eCommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information,” said Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies. “The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores – which represents about 30 percent of the eCommerce market.”

To check out what else is HOT in the world of payments, click here.

——————————–

Latest Insights: 

Facebook is a giant in the ad game, with 2.3 billion active monthly users and $16.6 billion in quarterly advertising revenue. However, its omnipresence makes it a honeypot for fraudsters. In this month’s Digital Fraud Report, PYMNTS talks with Rob Leathern, Facebook’s director of product management, on how the site deploys automated systems and thorough advertiser vetting to close the lid on fraudster attempts.

1 Comment

TRENDING RIGHT NOW

To Top