November 1, 2018 CBS News: A Look Behind the Magecart Assault on E-commerce Magecart, an umbrella term given to at least seven cybercriminal groups that are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate, is responsible for recent high-profile breaches of global brands Ticketmaster, British Airways, and Newegg. Over the past few years, Magecart operatives intercepted thousands of consumer credit card records, and […]
October 30, 2018 Treat or Trick? Six Dangerous Digital Threats Dressed up As Irresistible Treats With Halloween right around the corner, we’re diving into the “tricks” and “treats” of digital threats. We’ll show you recent instances we’ve observed of threat actors using bait, or “treats,” to lure victims to their “tricks,” malicious campaigns that harm customers, employees, and brands. In this blog, we’ll cover six recent scenarios involving tasty treats […]
October 25, 2018 5 Common Visibility Gaps Your Enterprise Security Plan Can’t Afford Today’s cybersecurity challenges are unlike anything we’ve seen before. Your organization’s IT infrastructures now consist of the traditional network—employee laptops, desktops, various operating software, storage platforms and servers, cloud storage—plus an entirely new attack surface made up of a myriad of assets that exist outside the firewall. As your enterprise adapts to an ever-changing IT […]
October 2, 2018 Cyber Threat Landscape: How it’s Evolving & How to Respond Like many of the conflicts that we see in the world today, the number of cyber threats has grown exponentially in size and scope, from within the confines of the firewall to traversing the whole internet. Despite this sprawl, CISOs still spend significant money securing their perimeter, employing an average of 35 tools to do […]
September 18, 2018 Q2 2018 Mobile Threat Landscape Report: Blacklisted Apps on the Rise as Scams Get Mobile The mobile threat landscape is big, complex, and always changing. The number of mobile apps, both legitimate and malicious, and the stores that host them fluctuate from quarter to quarter—as do the tactics used by attackers to target brands and end-users. For the second year in a row, there was a sharp increase in blacklisted […]
September 11, 2018 Inside the Magecart Breach of British Airways: How 22 Lines of Code Claimed 380,000 Victims On September 6th, British Airways announced it had suffered a breach resulting in the theft of customer data. In interviews with the BBC, the company noted that around 380,000 customers could have been affected and that the stolen information included personal and payment information but not passport information. On its website, British Airways placed an […]
August 27, 2018 The RiskIQ Internship Program Series: Henrik Over the ten-week RiskIQ internship program, I have been interning in the product management department at RiskIQ. The program combines practical experience from RiskIQ, a successful startup company and leader in its space, with lessons in innovation and entrepreneurship at UC Berkeley. RiskIQ supports this program to inspire young professionals and give them the confidence […]
August 21, 2018 What’s in an Evil Internet Minute? Even More Evil than Before In today’s threat landscape, falling victim to attacks only takes a minute. With businesses expanding their online presence to create more touchpoints with customers, employees, and partners, the boundaries between what’s inside the firewall and what’s outside become less and less discernible, opening a whole new front in the battle between attackers and security teams. […]
August 14, 2018 Are you Addressing Domain Infringement Attacks Against Your Organization Before they Strike? Unfortunately, all too often organizations are flooded with alerts regarding possible lookalike domains but can’t identify which are the most important or take action against dangerous instances of domain infringement until after an employee or customer notifies them that they’ve been victimized. By then the brand, reputational, and material damage has been done, and without […]