Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
Third-party session replay scripts provide analytics that gives website owners insight into user behavior and how people interact with different parts of their site. These scripts capture and playback browsing sessions—every click, scroll, and input—and send this data to a third-party server. This data can even be linked to a user’s real identity.
Data from session replay scripts proves incredibly valuable to companies that want to optimize their site based on the way people interact with it, which has driven a massive popularity of the scripts—a study published by researchers at Princeton University reported that 482 of the 50,000 most trafficked websites use them, many without clear disclosure to users. In fact, almost 100,000 websites in total use the scripts, the most popular ones from companies such as FullStory, SessionCam, Clicktale, Smartlook, UserReplay, Hotjar, and Yandex.
While great for marketing purposes, using these scripts can be a big problem. On May 25, 2018, the General Data Protection Regulation (GDPR) goes into effect, which applies to any organization that collects, stores, and uses personal information about an EU citizen. As part of the regulation’s fairness and transparency guidelines, organizations must clearly state at the point of capture how they’ll be using an individual’s data. Permission to use their data must be explicit and demonstrated through an action such as ticking a box, a significant departure to the ‘opt out’ process most organizations have in place today. Evidence of violations and negligence serves as cause for significant fines.
Since the Princeton researchers released their research, two of the prominent companies they found using session replay scripts—Bonobos and Walgreens—said they would stop using them until they could evaluate their use for themselves. With two major online retailers needing some introspection vis-à-vis their data collection to make sure their marketing strategies align with the GDPR, many more could find themselves flat-footed on May 25th.
In fact, querying our own data, RiskIQ uncovered that the domains of 38 of the top 50 U.S. online retailers contain session replay scripts.
To support GDPR specifications, organizations need a comprehensive understanding of their digital footprint—all of the various internet-exposed assets that belong to them. They must be able to discover which external assets collect personally identifiable information (PII), including a user’s name, phone number, address, social media presence, photos, lifestyle preferences, location data, and even their IP address.
It sounds straightforward, but for multinational companies with expansive web infrastructure, merely compiling and assessing site details is often fraught with gaps and inaccuracies. When looking at 25 of the 50 largest banks in the U.S. (2017), the RiskIQ Threat Research team discovered that 68% of the banks had significant security gaps in PII collection.
RiskIQ Digital Footprint PII/GDPR Analytics feature helps expedite GDPR compliance during the initial discovery and subsequent audit processes by helping organizations identify websites belonging to them, as well as specific pages on those websites that collect PII insecurely.
With PII/GDPR Analytics applied to the Digital Footprint inventory, RiskIQ will automatically tag an organization’s internet-facing assets that have login forms, collect PII, or have cookies, and flag potential GDPR violations. Assets in this inventory can be filtered by tags, allowing for easy compliance evaluation and analysis. Organizations will also receive a detailed, quarterly point-in-time GDPR assessment in a PDF format for convenient analysis, reporting, and sharing, as well as a CSV file of external assets that collect PII.
Register for our upcoming webinar to learn more about RiskIQ GDPR Analytics and investigate assets running session replay scripts in our RiskIQ Community Public Project.
For today's executives, protecting your organization means protecting yourself—and knowing that personal security sits at the confluence of the physical and digital worlds. https://t.co/HShORi3X6j #ExecutiveProtection #ExecutiveSecurity
Overlap in RiskIQ's unique data sets uncovered a massive threat campaign using popular marketing and analytics tools to target gift card retailers, distributors, and processors. Here's what you need to know https://t.co/GkHsPFwkkd #ThreatIntelligence
Magecart group compromises 17,000 domains by overwriting Amazon S3 buckets l https://t.co/WeyMpruitk @RiskIQ
You can think of Magecart as the ATM skimmers of the web. Thanks to poor security hygiene, they’ve managed to hit 17,000 domains and counting, including some of the 2,000 biggest sites in the world. https://t.co/Gjf5MbnZMa