Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
The RiskIQ PassiveTotal Engineering team has been busy over the past few weeks on the tool that concerns external threats, attackers, and their related infrastructure, and we are excited to announce some product enhancements that should improve the overall user experience and make conducting investigations and accessing RiskIQ intelligence even easier.
Fig-1 Performance loading data
You have hundreds of alerts to get through, and we know every second counts. That’s why we’ve focused on performance loading data as it streams into the platform for faster assessments of actor infrastructure and a more consistent experience every time.
Fig-2 New-look project
Projects have gotten a new look and feel that enables you to search across public research and your own private investigations quickly, featuring dedicated tabs to organize your investigations more efficiently.
Public Projects: Projects shared with and available to the entire community
My Projects: An analyst’s investigations
Team Projects: (Enterprise Only) – All enterprise organization projects
Shared Projects: Projects where you are listed as a collaborator
RiskIQ is also excited to announce the expansion of our Public Projects to allow non-registered users the ability to view a project and share public projects with the wider security community via our newly added social media and email sharing controls. Currently, this functionality is only available on RiskIQ featured projects and will look to grow this capability with our community and research partners.
Fig-3 Public Project inside RiskIQ Community Edition
Easily access Open Source and RiskIQ intelligence using our Global Tags. These tags are pushed to PassiveTotal in coordination with a featured project to provide the community with easy access to intelligence and context.
Fig-4 Global tags
Analysts can also search PassiveTotal using global tags, easily surfacing unknown intelligence or kicking off an investigation based on actor group, campaign, or malware.
Fig-5 Global tags inside a Public Project
All of these enhancements are designed to improve the analyst experience, reduce friction in accessing data, and speed analysis for our community. We hope you enjoy these changes and as always, we love to hear from our analyst community, if you have feedback about any of these new features, please let us know.
The #Magecart supply-chain attack frenzy continues with AppLixir, RYVIU, OmniKick, eGain, AdMaxim, CloudCMS, and Picreel falling victim https://t.co/b7UWqL2PzW #BrowserThreats
Regarding Forbes: the skimmer was customized for Forbes, it wasn't an automated attack. Here's the rest of the infrastructure (not just for Forbes) they've been setting it up since January:
Fascinating learning about the cyber attacker's playbook from Yonathan Klijnsma: step 1: gain entry. 2. more reconnaissance 3. Theft, then profit #transportsecurity #TSC
Today at the #TransportSecurityCongress, RiskIQ's
@ydklijnsma spoke about the #Magecart breach of British Airways, which you can read more about here: https://t.co/cPqEqVVllj (Photo credit @SmartRailNews)
Context is everything! Here's how using Tags and Classifications in @RiskIQ PassiveTotal can get your team aligned and supercharge your investigations https://t.co/Wk5OfBZPu2 #ThreatHunting