The browser has become one of the most vulnerable and frequently targeted attack vectors for businesses.
Browser-based attacks, including web skimming, cryptocurrency miners, fingerprinters, and waterholing (including exploitation) encounters, are responsible for some of the most high-profile breaches in recent history, such as the hack of British Airways.
Given the frequency with which RiskIQ researchers now encounter these attacks, businesses should take them just as seriously as threat mainstays like phishing and ransomware. When it comes to browser-based attack vectors, RiskIQ researchers encounter them in a variety of flavors.
For the rest of the techniques, download the complete report and infographic below
Browser-based attacks are poised to carve out a significant portion of the threat landscape for years to come, so it’s essential to understand what makes them tick. And the first step to doing so is understanding what they all have in common: malicious injects.
Browser-based threats need malicious injects to execute their code, so that is where all these browser-based attacks begin. With RiskIQ telemetry data, we determined the six most common and interesting injection techniques that lead to these browser threats:
3. Supply Chain
4. Executable Scope
5. Function Inlining
6. RFC Edge Cases
For a high-level, illustrated look at these six injection techniques or comprehensive analysis of each, download the infographic or full report here.
Going forward, combating browser threats will be one of the most critical security endeavors organizations undertake. Having visibility into your web-facing assets will be vital to detecting these malicious injects.
A key feature of RiskIQ’s integrated digital threat platform is our worldwide network of web crawlers that continuously crawl the internet, collecting not just rendered pages but also the entire sequence of requests and responses that make up a web page—headers, dependent requests, certificates, and more. These crawls give our customers insight into what’s happening on a web server at any given point in time, and how that server would interact with a real user.
Through these capabilities, RiskIQ allows customers to defend themselves from this whole class of browser-based attacks.