The Cyber Threat Intelligence Blog | RiskIQ

Try Community Edition Contact Us

Blog

Recent Posts

Executives can be Data-Breached: How Safe is your CEO?

January 8, 2019

Dan Schoenbaum

External Threat Management

Traditional Security is Dead. Long Live Attack Surface Management

December 27, 2018

Dan Schoenbaum

External Threat Management

New RiskIQ Research Highlights the Dangers of Downloading Malicious Mobile Apps this Holiday Season

December 13, 2018

Team RiskIQ

External Threat Management

PHP Version 5 End of Life: Millions of Websites are About to Become Vulnerable

December 12, 2018

Team RiskIQ

External Threat Management

In Latest Magecart Evolution, Group 11 Stole More Than Just Card Data From Vision Direct

December 4, 2018

Yonathan Klijnsma and Jordan Herman

Labs

Looking Ahead: RiskIQ’s 2019 Cybercrime and Cybersecurity Predictions

November 29, 2018

Team RiskIQ

External Threat Management

RiskIQ’s 2018 Black Friday E-commerce Blacklist: Key Online Threat Intel for This Year’s Mega Shopping Weekend

November 15, 2018

Team RiskIQ

External Threat Management

Inside Magecart: RiskIQ and Flashpoint Release Comprehensive Report on Cybercrime and the Assault on E-Commerce

November 13, 2018

Team RiskIQ

External Threat Management

CBS News: A Look Behind the Magecart Assault on E-commerce

November 1, 2018

Team RiskIQ

External Threat Management

Treat or Trick? Six Dangerous Digital Threats Dressed up As Irresistible Treats

October 30, 2018

Team RiskIQ

External Threat Management

Previous
1
2
3
4
5
…
34
35
Next

Search

Categories

External Threat Management (216)

Labs (81)

Analyst (75)

Magecart (14)

Interesting Crawls (6)

Connect with us

Featured Post

Inside the Magecart Breach of British Airways: How 22 Lines of Code Claimed 380,000 Victims

September 11, 2018

Yonathan Klijnsma

Tweets by @riskiq

RiskIQFollow

RiskIQ @RiskIQ·

The #Magecart supply-chain attack frenzy continues with AppLixir, RYVIU, OmniKick, eGain, AdMaxim, CloudCMS, and Picreel falling victim https://t.co/b7UWqL2PzW #BrowserThreats

Reply on Twitter Retweet on Twitter3 Like on Twitter6 Twitter

Retweet on Twitter RiskIQ Retweeted

Yᴏɴᴀᴛʜᴀɴ Kʟɪᴊɴsᴍᴀ@ydklijnsma·

Regarding Forbes: the skimmer was customized for Forbes, it wasn't an automated attack. Here's the rest of the infrastructure (not just for Forbes) they've been setting it up since January:

fontsawesome[.]ga
fontsawesome[.]cf
fontsawesome[.]tk
fontsawesome[.]ml
fontsawesome[.]gq

Reply on Twitter Retweet on Twitter6 Like on Twitter18 Twitter

Retweet on Twitter RiskIQ Retweeted

SmartRail News @SmartRailNews·

Fascinating learning about the cyber attacker's playbook from Yonathan Klijnsma: step 1: gain entry. 2. more reconnaissance 3. Theft, then profit #transportsecurity #TSC

Reply on Twitter Retweet on Twitter1 Like on Twitter5 Twitter

RiskIQ @RiskIQ·

Today at the #TransportSecurityCongress, RiskIQ's
@ydklijnsma spoke about the #Magecart breach of British Airways, which you can read more about here: https://t.co/cPqEqVVllj (Photo credit @SmartRailNews)

Reply on Twitter Retweet on Twitter1 Like on Twitter3 Twitter

Retweet on Twitter RiskIQ Retweeted

RiskIQ Community @PassiveTotal·

Context is everything! Here's how using Tags and Classifications in @RiskIQ PassiveTotal can get your team aligned and supercharge your investigations https://t.co/Wk5OfBZPu2 #ThreatHunting

Reply on Twitter Retweet on Twitter2 Like on Twitter2 Twitter