Magento Credit Card Hack

Magento Credit Card Hack

Yes once again Magento is being targetted for credit card fraud. According to Flashpoint, “attackers who are using brute-force password attacks to access administration panels to scrape credit card numbers and install malware that mines cryptocurrency.”

Why you ask?  Well the stealing credit card is obvious but the mining?  Well  Magento has a big footprint in terms of hosting needs and so does cryptocurrency mining.  So what better way than to steal that power from someone else.  Bit like “sharing”  your neighbor’s cable TV link. But not as innocuous.

But don’t worry too much.  Their efforts are simply brute-force attacks using common and known […] Read more

osCommerce Then and Now

osCommerce Then and Now

osCommerce, once the light of open source eCommerce, has been dogged with rumors of its demise which started with the initial release of Magento. A clever marketing campaign, perhaps on the part of Varien to steal market share, it has re-emerged from time to time. No having release every couple of months was actually a good thing. It meant there were no defects. However with the announcement of the development of 2.4 and the passing of the original release date of August 2017, the question arises again albeit this time legitimately. Is there a future in osCommerce? […] Read more

WordPress Gutenberg

WordPress Gutenberg

WordPress Gutenberg is a new editor for WordPress that, according to WordPress “A new publishing experience for WordPress is in the works: get ready to make your words, pictures, and layout look as good on screen as they do in your imagination, without any code.”

It treats sections of the content (Headings, paragraphs, lists etc) as “blocks” allowing for individual formatting.  Unlike the current editor, where you have a visual and text (html) view, under Gutenberg, there is one visual view and the text view is handled at block level.

Gutenberg will be of great assistance to those with little to no […] Read more

Authorize.net  TLS 1.2 D Day

Authorize.net TLS 1.2 D Day

Authorize.net will no longer allow TLS 1.0 or 1.1 as of is February 28, 2018.

This means the server your site runs on must be using TLS 1.2 by that date. To check you can use SSL Labs tool.  If you don’t see TLS 1.2 enabled contact your hosting company immediately!

You can read more about TLS FAQs for additional information regarding TLS disablement.

It will also affect what browers you and your customers can use and you can find a list of acceptable ones here.   Some older ones like Safari for Windows will stop working for https:// pages.

NOTE: PayPal and other merchant account gateways […] Read more