Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
The digital revolution has caused businesses to venture outside the safety of corporate perimeters into the expanses of the open internet where they can make more frequent and more meaningful touchpoints with employees, prospects, and customers. Unfortunately, this also makes them a target for a new breed of attackers that level internet-scale threats at their digital attack surface, a varied collection of client-facing assets outside the firewall that hackers can and will discover as they research their next threat campaigns.
A significant portion of this digital attack surface is the mobile channel.
To highlight the mobile threat landscape in the third quarter of 2018, RiskIQ applied its crawling platform, which monitors 300+ mobile app stores around the world and leveraged our daily scans of nearly 2 billion resources to look for mobile apps in the wild.
Q3 showed a nearly 220 percent increase in blacklisted apps over Q2—apps matching against at least one blacklist such as VirusTotal, which, per its website, inspects files or web pages with over 70 antivirus products and other tools. A blacklist hit from VirusTotal shows that at least one vendor has flagged the file as suspicious or malicious. However, due to a surge in total apps observed, the percentage of blacklisted apps dropped from 4% in Q2 to 3% in Q3.
Fig-1 Q3 saw a spike in blacklisted mobile apps
With a proactive, store-first scanning mentality, RiskIQ observes and categorizes the threat landscape as a user would see it. Every app we encounter is downloaded, analyzed, and stored. RiskIQ also records changes and new versions of apps as they evolve. In this report, we’ll give an overview of these mobile threats, as well as emerging trends we anticipate will be prevalent in the future, to help you protect yourself and your customers.
Download RiskIQ’s Q3 Mobile Landscape Report for key mobile threat insights including;
RiskIQ automatically runs all mobile applications encountered through a variety of blacklists, including VirusTotal. We differ from other monitoring systems that rely on end users employing their virus scanning tools and/or manual sample submissions. RiskIQ provides discovery across all major app stores as well as more than 150 others, including focused coverage of high-risk stores and regions for brand impersonation, malware, and fraud.
In addition to comprehensive coverage of third-party app stores worldwide, RiskIQ incorporates a unique source of “feral app” binaries, or mobile apps collected outside of dedicated mobile app stores, via drive-by download for example.
To read more about how RiskIQ can help with your mobile security, click here.
Webcast: Learn how #webskimming attacks work and what organizations can do to protect themselves with @RiskIQ | 4/18 @ 3:30PM ET | https://t.co/1Qe36D9NW1
Today is the deadline to file your taxes, but threat actors didn’t procrastinate. Download @RiskIQ’s 2019 #TaxSeason Threat Roundup for data and analysis around the threat landscape facing taxpayers this year https://t.co/ALAepevk15 #phishing #mobilethreats
Tax Hacks: How Seasonal Scams Cause Yearlong Problems https://t.co/QuqeibM9Xl by @kellymsheridan #taxday #taxtips #fraud #cybercrime
This #phishing page is a copy of an online IRS form for updating electronic #tax information.
A new report found 1,235 instances of similar phishing sites targeting online tax filers, and 468 suspicious URLs.
Via @forbes: Before, cyber security was practiced within the confines of the firewall, but should now traverse the entire internet https://t.co/Bg1vwGhwpp #AttackSurfaceManagement #Infosec