Search results for: Magecart


Is the enterprise on the brink of a global web supply chain attack?

Ever since the Web development ecosystem evolved to the current paradigm of code reuse, companies have placed themselves too close to the abyss. Web supply chain attacks are a real security threat – and one which the enterprise is vastly unprepared for. The security threats of relying on third-party code are mostly known within the scope of Magecart attacks – which consist of attackers injecting malicious code in third-party scripts to skim credit card details … More


Week in review: IE zero-day, S3 bucket security, rise of RDP as a target vector

Here’s an overview of some of last week’s most interesting news, articles and podcasts: Cybersecurity automation? Yes, wherever possible Automated systems are invaluable when it comes to performing asset discovery, evaluation and vulnerability remediation, sifting through mountains of data, detecting anomalous activity and, consequently, alleviating the everyday burdens of security teams. How can we thwart email-based social engineering attacks? More than 99 percent of cyberattacks rely on human interaction to work, Proofpoint recently shared. More … More


Cybercriminals plan to make L7 routers serve card stealing code

One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 routers. What is Magecart? Magecart is an umbrella label for a growing number of cybercriminals groups that perform JavaScript-based credit card skimming attacks, usually by: Compromising individual e-commerce sites Compromising third-party sources of scripts that online shop owners use to add various functionalities or serve ads … More


How data breaches forced Amazon to update S3 bucket security

Amazon launched its Simple Storage Service (better known as S3) back in 2006 as a platform for storing just about any type of data under the sun. Since then, S3 buckets have become one of the most commonly used cloud storage tools for everything from server logs to customer data, with prominent users including Netflix, Reddit, and GE Healthcare. While S3 rolled out of the gate with good security principals in mind, it hasn’t all … More


Week in review: CISO do’s and don’ts, Windows Defender scan fail, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news, articles and podcasts: CISO do’s and don’ts: Lessons learned Keeping a business safe from cyber threats while allowing it to thrive is every CISO’s goal. The task is not easy: a CISO has to keep many balls in the air while being buffeted by an increasingly complex and always shifting threat landscape. Consequently, the importance of a good CISO should not be underestimated. Security … More


Old Magecart domains are finding new life in fresh threat campaigns

Magecart has so radically changed the threat landscape, victimizing hundreds of thousands of sites and millions of users, that other cybercriminals are building campaigns to monetize their handiwork, a RiskIQ research reveals. These secondary actors know that websites breached by Magecart are likely still making calls to domains once used for skimming and exfiltrating credit card data. Once registrars bring these campaigns back online after they were sinkholed or otherwise deactivated, these scavengers buy them … More


When will the GDPR pot boil over? It’s sooner (and different) than you think

There’s an old saying that a watched pot never boils. In reality, the sauce in that pot is heating up in a way we can’t quite see yet. After the major compliance ramp by companies in 2018, a lot of us thought the impact of GDPR would be instant and boiling over, so to speak. Instead we watch, and hear complaints that one year out from its effective date, the GDPR is barely bubbling with … More

online shop owned

Online skimming: An emerging threat that requires urgent awareness and attention

A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect, according to PCI Security Standards Council and the Retail & Hospitality ISAC. Once a website is infected, payment card information is “skimmed” during a transaction without the merchant or consumer being aware that the information has … More

RiskIQ JavaScript Threats Module protects orgs’ high-traffic payment pages from JavaScript attacks

RiskIQ, the global leader in attack surface management, announced the launch of RiskIQ JavaScript Threats Module to ensure customer trust in e-commerce by protecting organizations’ high-traffic payment pages from JavaScript attacks. The module is part of a comprehensive platform for reducing threats to organizations’ internet attack surfaces. JavaScript Threats is the only enterprise-scale product trusted by the largest financial and e-commerce companies and powered by the threat intelligence of industry-leading experts on Magecart JavaScript attacks. … More


Every minute, $2.9 million is lost to cybercrime

Cybercriminals cost the global economy $2.9 million every minute last year, a total of $1.5 trillion, according to RiskIQ. Top companies pay $25 per minute due to security breaches. Additional malicious activity includes: $1,930: the cost of hacks on cryptocurrency exchanges every minute $17,700: lost from phishing attacks per minute $22,184: the projected by-the-minute cost of global ransomware events in 2019 8,100: identifier records compromised every minute 7: malicious redirectors detected each minute 2.4: phish … More


Week in review: Fileless malware, usable cybersecurity, Magecart goes after S3 buckets

Here’s an overview of some of last week’s most interesting news and articles: Inside the NIST team working to make cybersecurity more user-friendly Cybersecurity is usually not a user’s primary duty, yet they suffer an increasing burden to respond to security warnings, maintain many complex passwords, and make security decisions for which they are not equipped. This is the main reason why security needs to be usable and why the National Institute of Standards and … More


Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been exploiting them to inject payment card skimming scripts into websites. The problem with unsecured Amazon S3 buckets “Amazon Simple Storage Service (S3) provides the ability to store and serve static content from Amazon’s cloud. Businesses use S3 to store server backups, company documents, web logs, and publicly visible content such as web … More