Search results for: Magecart

online shopping

1 in 5 merchants compromised by Magecart get reinfected

The Magecart threat looms large for online retailers and their customers, as the criminal groups that have been assigned this collective name are constantly trying out new tricks for stealthily compromising the shops and achieving persistence. According to security researcher Willem de Groot, the Magecart attackers have become so adept at the latter that many online merchants end up having to clean their shops many times. “In the last quarter, 1 out of 5 breached … More

online shop owned

Protecting applications from malicious scripts

In 2018, malicious client-side scripts are still posing a problem for large organizations. This year, British Airways revealed that they suffered a data breach in which 380,000 records were exfiltrated. Now, NewEgg has been hit with a similar data breach. This follows a string of attacks from a group known as Magecart, who were also responsible for publicized data breaches of Ticketmaster and Feedlify. Any time malicious Javascript is loaded onto a critical page– for … More

corporate cloud

Week in review: Enterprise cybersecurity PKIs, keeping your cloud malware-free

Here’s an overview of some of last week’s most interesting news and articles: Researchers link Industroyer to NotPetya ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts throughout the country: a backdoor dubbed Exaramel. Four critical KPIs for securing your IT environment What should you be measuring when it comes to your security program? Serious lack of infosec … More

payment card

Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites

The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as many online shops as possible. The latest target of Magecart Group 5, as it has been dubbed by RiskIQ researcher Yonathan Klijnsma, is Shopper Approved, an organization that provides rating seals for online stores. The Shopper Approved compromise The attackers have managed to compromise the Shopper Approved … More


Week in review: Shifting security priorities, phishing manipulation tactics, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Why identity verification needs to be a part of your digital transformation strategy Here are three key reasons why identity verification needs to be part of your company’s digital transformation strategy. (IN)SECURE Magazine issue 59 released (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Manipulation tactics that you fall for in phishing attacks No … More

online shop owned

New Magecart victims ABS-CBN and Newegg are just the tip of the iceberg

With the Magecart attackers compromising web shops left and right, online shopping is becoming a risky proposition. After Ticketmaster, British Airways and Feedify, two new Magecart victims have been identified: the broadcasting giant ABS-CBN and online retailer Newegg. Compromised shops Security researcher Willem de Groot flagged the ABS-CBN compromise a few days ago and he believes the attackers added the payment card skimming script on or before August 16th. RiskIQ and Volexity researchers shared details … More


Week in review: API security, malware-less email attacks, reversing the cybersecurity skills shortage

Here’s an overview of some of last week’s most interesting news and articles: What can we do to reverse the cybersecurity skills shortage? Having a strong pipeline of talent coming through is vital to help organizations and individuals protect themselves. How do you feed that pipeline, though? Verizon details breaches they were called in to investigate Last year, Verizon Enterprise Solutions released a Data Breach Digest that gathered 16 cybercrime case studies. This year, each … More


Magecart compromises Feedify to get to hundreds of e-commerce sites

Customer engagement service Feedify has been hit by Magecart attackers, who repeatedly modified a script that it serves to a few hundred websites to include payment card skimming code. The current situation The compromise was first flagged by someone who goes by Placebo on Twitter and duly reported to the company. Feedify reacted by nuking the offending script – which was apparently modified on August 17 – but the attackers still had access to the … More

British Airways

British Airways breach was effected by Magecart attackers

The British Airways breach was the work of a well-known criminal group dubbed Magecart, which managed to put payment card skimming code on the company’s website, says RiskIQ researcher Yonathan Klijnsma. The group has been compromising online shops left and right for years and its most recent known target before British Airways was Ticketmaster. They use the stolen information to perform card-not-present fraud and employ mules to reship thusly bought high-priced goods to addresses in … More

general virtual digital

Week in review: Zero-login, Magecart threat, cybersecurity expert shortage

Here’s an overview of some of last week’s most interesting news and articles: Dealing with a system launch: It requires more than just testing Rolling out new IT systems or software can be a challenge and fraught with issues from day one – and the recent IT crisis with TSB has shown how damaging these can be if managed poorly. Only 65% of organizations have a cybersecurity expert Despite 95 percent of CIOs expecting cyberthreats … More

shop online

Magecart presents an unprecedented threat: Here’s what you can do

Recently we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit card skimming operation that impacted over 800 ecommerce sites around the world. On the surface, even an attack of this size isn’t necessarily out of the norm in today’s threat landscape of highly sophisticated actors. However, if we consider the true impact of this event it … More


Week in review: The OT/ICS landscape for cyber professionals, putting the Sec into DevSecOps

Here’s an overview of some of last week’s most interesting news: How to allocate budget for a well-rounded cybersecurity portfolio What should a well-rounded cybersecurity portfolio look like? Android devices with pre-installed malware sold in developing markets New low-end Android smartphone devices being sold to consumers in developing markets, many of whom are coming online for the first time, contain pre-installed malware, according to Upstream. An overview of the OT/ICS landscape for cyber professionals Most … More