Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
It’s now been a year since the E.U. General Data Protection Regulation (GDPR) went into effect, and RiskIQ has found that one in 10 PII-capturing websites belonging to the top-ten U.K. financial services organizations are still doing so without adequate security measures.
Most of these organizations are continuing to expand their web presence. However, with penalties up to 4 percent of annual global turnover for breaching GDPR guidelines, it’s vital that they maintain a complete inventory of their websites and the PII-collecting pages they contain. Given the material damages of non-compliance, not doing so is a dangerous game of chicken.
A PII capturing website is one which accepts user input that can identify an individual. Examples of PII include input data such as name, address, date of birth, email address and login credentials. In addition to web pages with data entry fields, the research also extends to pages with iframes and pop-up windows that populate during a browser session and accept data. RiskIQ identifies these by referencing the Document Object Model (DOM) of each page of a website. This method is language agnostic and identifies PII capture regardless of the site language.
While these numbers are down from the 27 percent of sites we identified a year ago, it is still far from the required 0 percent. This demonstrates that while organizations are continuing to make progress in ensuring that personal data entered online is collected securely, there’s a lot of work to be done. Across 48,949 active websites, RiskIQ research found that out of 4,512 sites capturing PII through data entry points accessible by site visitors, 11.5 percent of these sites (522 sites) are capturing PII insecurely, equating to an average of 52 sites per organization.
Insecure sites are defined as those websites that capture data in clear text using the HTTP protocol, or sites with certificate issues, such as expired certificates, misconfigured certificates or using old and untrusted certificates. The findings highlight one of the key challenges businesses face in the protection of PII, as required by GDPR.
While many organizations see this as an EU-only regulation, in reality, the onus is on any organization that collects, stores, and uses personal information about an E.U. citizen. To avoid penalties, you need a comprehensive understanding of your digital footprint—all of the various internet-exposed assets that belong to your organization. You must also be able to discover which external assets collect PII, including a user’s name, phone number, address, social media presence, photos, lifestyle preferences, location data, and even their I.P. address.
Sounds straightforward, but for multinational companies with extensive web infrastructure, just compiling and assessing site details is often fraught with gaps and inaccuracies. For example, when looking at 25 of the 50 largest banks in the U.S. (2017), the RiskIQ Threat Research team discovered that 68 percent of the banks had significant security gaps in PII collection.
RiskIQ Digital Footprint can help with GDPR compliance by identifying websites within an organization’s footprint that collect and process PII. Digital Footprint’s PII/GDPR Analytics provides organizations with the capability to discover, inventory, and assess websites, apps, and infrastructure where PII is captured and processed, and identify and assess PII-collecting website exposures: notices, forms, SSL certificates, frameworks. It can also verify the security of PII-collecting websites with SSL certificates and encryption.
For more information about how RiskIQ can help with GDPR compliance, please download our white paper and datasheet.
The #Magecart supply-chain attack frenzy continues with AppLixir, RYVIU, OmniKick, eGain, AdMaxim, CloudCMS, and Picreel falling victim https://t.co/b7UWqL2PzW #BrowserThreats
Regarding Forbes: the skimmer was customized for Forbes, it wasn't an automated attack. Here's the rest of the infrastructure (not just for Forbes) they've been setting it up since January:
Fascinating learning about the cyber attacker's playbook from Yonathan Klijnsma: step 1: gain entry. 2. more reconnaissance 3. Theft, then profit #transportsecurity #TSC
Today at the #TransportSecurityCongress, RiskIQ's
@ydklijnsma spoke about the #Magecart breach of British Airways, which you can read more about here: https://t.co/cPqEqVVllj (Photo credit @SmartRailNews)
Context is everything! Here's how using Tags and Classifications in @RiskIQ PassiveTotal can get your team aligned and supercharge your investigations https://t.co/Wk5OfBZPu2 #ThreatHunting