Payments Industry Consulting

  • Consultancy
    • Payments >
      • Payment methods
      • US on-line Gambling News
    • Money license assistance
    • Security >
      • PCI SSC news
    • Anti-Money Laundering
    • Prevent Fraud
  • Dispute Chargeback
    • How to dispute a chargeback
  • About us
    • Founders
    • Clients
    • Partners
  • Contact us
    • Send request
  • Consultancy
    • Payments >
      • Payment methods
      • US on-line Gambling News
    • Money license assistance
    • Security >
      • PCI SSC news
    • Anti-Money Laundering
    • Prevent Fraud
  • Dispute Chargeback
    • How to dispute a chargeback
  • About us
    • Founders
    • Clients
    • Partners
  • Contact us
    • Send request

Magento vulnerabilities and PoSeidon POS malware

7/16/2016

0 Comments

 
Visa has highlighted two security issues regarding Magento vulnerabilities and PoSeidon POS malware in the attached data security alerts:
 
-      Magento is a popular open-source, e-commerce platform written in PHP. Several critical and high vulnerabilities were discovered and patched on the Magento platform in January 2016. Merchants who have not deployed security patch SUPEE-7405, as required by PCI standards, are vulnerable to remote exploits that can compromise account data.
-      In March 2016, the PoSeidon (point-of-sale) PoS malware was modified with the incorporation of a persistence monitoring capability. PoSeidon malware now actively monitors the PoS system processes in order to maintain the infection and malware functionality. If the malware is removed from the system, the monitor process waits two (2) minutes and re-infects the system.
 
The attached data security alerts may be disseminated to all payment system stakeholders.
0 Comments



Leave a Reply.

    Author

    Olga Bencini,
    ​PCI Payment Professional 

    Archives

    December 2021
    December 2017
    August 2016
    July 2016

    Categories

    All

 AcceptLocal Online Ltd                                                                                                                         PCI SSC News

©  2014-2024 ​AcceptLocal Online Ltd.  All rights Reserved.