Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
In today’s threat landscape, falling victim to attacks only takes a minute.
With businesses expanding their online presence to create more touchpoints with customers, employees, and partners, the boundaries between what’s inside the firewall and what’s outside become less and less discernible, opening a whole new front in the battle between attackers and security teams. These attackers target brands and consumers on the open web with tactics like phishing, spinning up malicious mobile apps, hacking third-party suppliers, and directly compromising websites.
Security teams must now protect both their organization’s internal network, as well as its presence across the entire internet. But just how vulnerable is this internet-facing attack surface and what is the material cost of defending—and not defending—it?
To find out, RiskIQ created our first annual “The Evil Internet Minute” last summer, which summarized the cyber threats organizations and Internet users face every minute. Because it gave an entirely new perspective on the threats targeting organizations outside their firewalls, it proved to be very popular with both the press and security champions in organizations, helping raise awareness of the scale of attacks leveled against them. As things have only gotten worse in the past year, we repeated the exercise and created a 2018 infographic that breaks down the cyber stats of the past year into an average Internet minute.
Click to download
We tap the best third-party research from around the world, and conduct our own by deploying our web-crawling infrastructure, which each day executes and analyzes more than two billion HTTP requests, takes in terabytes of passive DNS data, collects millions of SSL Certificates, and monitors millions of mobile apps to gather our own. When viewed as a whole, this data shows that as organizations continue to roll out new digital strategies and initiatives, the new digital assets they create are subject to scores of malware, malvertising, phishing and crypto mining efforts on a massive scale, while rogue apps, domain and brand infringement, and social impersonation cause business disruption and material loss.
On top of that, vulnerable third-party code, which many organizations may not even know they’re running, is a central narrative in recent security events, namely the rise in cryptocurrency mining and RiskIQ’s research into Magecart, the threat group responsible for the hack of Ticketmaster.
In almost all instances the numbers look worse than they did last year:
When brands understand what they look like from the outside-in, they can begin developing a digital threat management strategy that allows them to discover everything associated with their organization on the internet, both legitimate and malicious, and monitor it for potentially devastating cyber attacks. However, bringing the massive scope of an organization’s attack surface into focus is no easy task.
Click here to see RiskIQ’s 2018 “Evil Internet Minute” infographic and find out what you and your organization are up against:
For today's executives, protecting your organization means protecting yourself—and knowing that personal security sits at the confluence of the physical and digital worlds. https://t.co/HShORi3X6j #ExecutiveProtection #ExecutiveSecurity
Overlap in RiskIQ's unique data sets uncovered a massive threat campaign using popular marketing and analytics tools to target gift card retailers, distributors, and processors. Here's what you need to know https://t.co/GkHsPFwkkd #ThreatIntelligence
Magecart group compromises 17,000 domains by overwriting Amazon S3 buckets l https://t.co/WeyMpruitk @RiskIQ
You can think of Magecart as the ATM skimmers of the web. Thanks to poor security hygiene, they’ve managed to hit 17,000 domains and counting, including some of the 2,000 biggest sites in the world. https://t.co/Gjf5MbnZMa