With the growing popularity of ecommerce platforms like Magento, Drupal, OS Commerce and others, online businesses have the ability to quickly scale up their online business with a great degree of flexibility and functionality.

Security vulnerabilities within these platforms are being detected on a regular basis and all credit to these organisations for rapidly putting out security patches to enable their clients to keep their websites secure.

Unfortunately MANY websites are not updated regularly, if at all.  While they may have their functionality, design etc regularly updated, their developers are not implementing the important security patches. This means that when a serious security issue is detected, they remain vulnerable and it is a matter of time before a criminal finds out and begins to steal their customer payment data.

Most malware - harvesting scripts, webshells, backdoors - and harvesting files are not easily detected externally, or indeed internally, without the right tools to do so.

WebScan from Foregenix is a free, external scan that we believe is one of the best detectors of malware available for websites.  It also identifies websites currently At Risk of compromise.

With 12% of websites, who have scanned themselves with WebScan, exhibiting signs of compromise and 53% currently At Risk, we're concerned that the issue is potentially larger than expected.  

In any case, we will continue to monitor the threat levels, while updating WebScan to detect the latest issues being seen by our forensic team. 

Is your website secure? 

if you haven't checked the security of your website you can do so at: