Let us maintain your Magento 2 webshop, and together we will take your online platform to the next level. Magento 2 is a powerful open-source e-commerce system that, with the right care and attention, can reach great heights. Our affordable maintenance ensures that you not only have a secure webshop but also room for beautiful expansions.
With a Magento 2 webshop, you are using an open-source platform. One of the many benefits is that thousands of developers worldwide work daily to keep the platform secure. Our shared goal is to provide Magento 2 users with the safest possible future. Since Magento 2 is open source, new updates are released regularly. If we maintain your webshop, you will benefit from the following:
✓ Active development with the Open Source community;
✓ Periodic updates to the latest version;
✓ No unexpected high costs;
✓ Critical updates implemented quickly;
✓ A secure webshop for you and your customers;
Due to the ongoing development of the Magento 2 platform, approximately four updates are released each year. It is advisable to always install the latest updates for your store, even if they do not directly impact your security.
The open-source community, active around the clock worldwide, also regularly releases patch notes (detailed descriptions of the updates). These patch notes are valuable, but they also present an opportunity for malicious actors. A hacker with ill intentions can use these updates as a manual to target unpatched webshops.
Our developers are Magento certified developers. We also place great importance on personal development. With our expertise, you can always rely on us to provide the highest quality.
If you haven’t heard from your developer about an update or patch by mid-June, you should start to worry.
CosmicSting (also known as CVE-2024-34102) is the worst bug to hit Magento and Adobe Commerce stores in two years. On its own, it allows anyone to read private files (such as those with passwords). However, when combined with the recent iconv bug in Linux, it becomes the security nightmare of remote code execution. This deadly bug gives full control to attackers and the attack can be automated, leading to mass hacks on a global scale. (Update July 1: this is happening right now!)
With a score of 9.8 on the Common Vulnerability Scoring System, Adobe issued the following statement: “This is a serious matter, and you need to apply a patch. It is likely only a matter of time before someone publishes an analysis and reproduction steps.”
Adobe released a patch for CosmicSting attacks last week. Although Adobe (of course) did not share details of the attack, partner Sansec was able to reproduce the attack based on the patch code. We believe malicious actors are already doing the same.
For context: similar critical security issues have occurred only three times in Magento’s history: 2015: Shoplift attack, 2019: Ambionics attack, 2022: Trojan Order attack.
On each of these occasions, tens of thousands of stores were hacked, sometimes within hours. It is therefore crucial to upgrade your stores as quickly as possible.
