ThreatList: Sharp Increase in Fake Mobile Apps Impersonating Legit Ones

Consumers don’t vet apps well enough to mitigate mobile threat risk, according to the latest mobile-threat report from RiskIQ.

Magecart strikes more than 2 million websites as more groups get involved

Digital scammers have included malicious Magecart code on more than 2 million websites, according to new research that demonstrates how hackers exploit seemingly trivial website vulnerabilities to easily steal customer payment information. “Magecart” is an umbrella term that applies to hacks in which outsiders inject specific, malicious JavaScript code onto e-commerce websites to collect shoppers’ payment information. It’s a subtle fraud technique that RiskIQ has detected on 2,086,529 sites, the security company said in a report published Friday. Notable victims have included British Airways and Ticketmaster, though the number of organizations affected continues to grow because hackers now are leveraging cloud servers and other hard-to-detect methods to steal data. The average Magecart infection lasts for 22 days, RiskIQ said. The company did not disclose which sites were included in the 2 million hit, saying only that the list included sites in Alexa’s ranking of the top 2,000 pages online. Meanwhile, […]

The post Magecart strikes more than 2 million websites as more groups get involved appeared first on CyberScoop.


The 5 biggest examples of executive threats and how to prevent them

Many executives focus their security efforts and budgets solely on physical threats, but attacks targeting an executive’s digital presence can be just as dangerous. Criminals are looking to exploit the wealth of high-profile and high net-worth in…

Old Magecart domains are finding new life in fresh threat campaigns

Magecart has so radically changed the threat landscape, victimizing hundreds of thousands of sites and millions of users, that other cybercriminals are building campaigns to monetize their handiwork, RiskIQ research reveals. These secondary actors kn…

New infosec products of the week: August 2, 2019

Qualys is making its Global IT Asset Discovery and Inventory app available to all businesses for free. In a world where connected devices are explodin…

RiskIQ JavaScript Threats Module protects orgs’ high-traffic payment pages from JavaScript attacks

RiskIQ, the global leader in attack surface management, announced the launch of RiskIQ JavaScript Threats Module to ensure customer trust in e-commerce by protecting organizations’ high-traffic payment pages from JavaScript attacks. The module is part …

Every minute, $2.9 million is lost to cybercrime

Cybercriminals cost the global economy $2.9 million every minute last year, a total of $1.5 trillion, according to RiskIQ. Top companies pay $25 per minute due to security breaches. Additional malicious activity includes: $1,930: the cost of hacks on c…

Automated Magecart spree hit thousands of sites via misconfigured cloud servers, RiskIQ says

One of the most notorious e-commerce scams has expanded into a “mass compromise” that preys on vulnerable cloud infrastructure to skim data from thousands of websites, according to researchers with security vendor RiskIQ. Hackers using so-called Magecart techniques have infiltrated more than 17,000 sites by sneaking into misconfigured cloud repositories, reports the San Francisco-based company. The crooks are automatically scanning the web for vulnerable Amazon Web Services S3 buckets and adding malicious code that captures financial information, the researchers say. While AWS does have automatic protections for S3 buckets, it’s common for the repositories to be misconfigured and thus vulnerable to outsiders. Many e-commerce sites use S3 buckets to store sensitive data. The thieves started compromising insecure buckets in April, RiskIQ says. This campaign, which RiskIQ says has affected websites in Alexa’s top 2,000 internet rankings, is the latest Magecart-style attack after previous incidents at British Airways, Ticketmaster, and other international shipping sites. “Magecart” doesn’t refer to a single cybercriminal gang, but a style […]

The post Automated Magecart spree hit thousands of sites via misconfigured cloud servers, RiskIQ says appeared first on CyberScoop.


Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets

We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been exploiting them to inject payment card skimming scripts into websites. The problem…