Expert(s):
Security Evangelist feature_status*/ ?>
PerimeterX

Comments Dotted : 28
January 14, 2021

Expert Insight On Critical “Orbit Fox” WordPress Plugin Vulnerability
Attackers can plant malware, steal data and hijack users to nefarious sites.

With more than 30 percent of the web currently powered by WordPress, it remains an attractive target for attackers. These two vulnerabilities in the Orbit Fox plugin —a cross-site scripting flaw and a privilege-escalation bug with a CVSS bug-severity score of 9.9— together could allow attackers the ability to inject malicious Javascript code into exposed websites with the goal of taking over control of them. Attackers can then plant malware, steal data and hijack users to nefarious sites.

.....Read More

With more than 30 percent of the web currently powered by WordPress, it remains an attractive target for attackers. These two vulnerabilities in the Orbit Fox plugin —a cross-site scripting flaw and a privilege-escalation bug with a CVSS bug-severity score of 9.9— together could allow attackers the ability to inject malicious Javascript code into exposed websites with the goal of taking over control of them. Attackers can then plant malware, steal data and hijack users to nefarious sites. Such techniques have been used to launch Magecart attacks against thousands of e-commerce sites resulting in the theft of millions of credit card numbers.

  Read Less
December 04, 2020

Payment Skimmer Hides In Social Media Buttons
Digital skimmers are constantly evolving new methods to evade detection by scanners.
Digital skimmers are constantly evolving new methods to evade detection by scanners. PerimeterX researchers have seen code obfuscation tool kits like Caesar+ used to hide the logic, and thus the true intent of malicious code, as well as the use of steganography where code is hidden in images and other innocuous resources. While scanners are a useful tool for analyzing a website for vulnerabilities, attacks such as these can fly under the radar, leading to weeks-long infections that leak.....Read More
Digital skimmers are constantly evolving new methods to evade detection by scanners. PerimeterX researchers have seen code obfuscation tool kits like Caesar+ used to hide the logic, and thus the true intent of malicious code, as well as the use of steganography where code is hidden in images and other innocuous resources. While scanners are a useful tool for analyzing a website for vulnerabilities, attacks such as these can fly under the radar, leading to weeks-long infections that leak thousands of credit card numbers from e-commerce sites. These credit card numbers are sold on the dark web, fueling an endless cycle of payment fraud with costs ultimately borne by the online merchants. Businesses need full runtime visibility into their customer-facing websites to detect and stop such attacks. Client-side application security solutions can provide continuous visibility into all script activity on a website, making it near impossible for digital skimming attacks to hide. Consumers must continue to monitor their credit card transactions and immediately report any suspicious activity to their card issuer.  Read Less
November 24, 2020

Hoard Of Spotify User Data Exposed By Hackers’ Careless Security Practices – Experts Reaction
Businesses need to protect their login pages from ATO attacks using bot management solutions.
Hackers can profit enormously from credentials present in large database leaks such as these. Since a large number of users reuse their passwords across multiple services, hackers run credential stuffing attacks to check the validity of these credentials against multiple services. These automated attacks, also known as Account Takeover (ATO) are growing in size and scope, up 72 percent over the prior year. Businesses need to protect their login pages from ATO attacks using bot management.....Read More
Hackers can profit enormously from credentials present in large database leaks such as these. Since a large number of users reuse their passwords across multiple services, hackers run credential stuffing attacks to check the validity of these credentials against multiple services. These automated attacks, also known as Account Takeover (ATO) are growing in size and scope, up 72 percent over the prior year. Businesses need to protect their login pages from ATO attacks using bot management solutions. Users must use strong, unique passwords on each service and use multi-factor authentication where possible.  Read Less
November 20, 2020

Experts On New Grelos Skimmer Variant Reveals Overlap in Magecart Activities
Website owners must continue to protect their sites and their users’ data.
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given.....Read More
One of our predictions for 2021 is that cybercriminal communities will get stronger. The findings about the Grelos skimmer are indicative of the overlap and collaboration between underground communities sharing tools and knowledge. Earlier this year, PerimeterX researchers uncovered Magecart gangs offering skimming-as-a-service toolkits such as Inter, as well as multiple magecart attacks operating on websites simultaneously. It is no longer feasible or useful to identity specific groups given the extent of the overlap behind the scenes. Website owners must continue to protect their sites and their users’ data by securing their applications and using runtime client-side security solutions. Consumers shopping online must continue to be vigilant about credit card theft and regularly monitor their credit reports.  Read Less
November 19, 2020

Hackers Probing 1.5 Million WordPress Sites With Epsilon Framework Themes
Shadow Code introduced via third-party plugins and frameworks vastly expands the attack surface for websites.
The security flaws on WordPress websites in themes using the Epsilon Framework are just another example of this contact management system’s inherent security risks. Shadow Code introduced via third-party plugins and frameworks vastly expands the attack surface for websites. Website owners need to be vigilant about third-party plugins and framework and stay on top of security updates. Consumers must continue to be vigilant while shopping online, use multi-factor authentication where allowed.....Read More
The security flaws on WordPress websites in themes using the Epsilon Framework are just another example of this contact management system’s inherent security risks. Shadow Code introduced via third-party plugins and frameworks vastly expands the attack surface for websites. Website owners need to be vigilant about third-party plugins and framework and stay on top of security updates. Consumers must continue to be vigilant while shopping online, use multi-factor authentication where allowed and continue to monitor their credit reports for signs of identity theft.  Read Less
November 13, 2020

Experts Reacted On The North Face Credential Stuffing Attack
Businesses must protect their consumers’ accounts by requiring multi-factor authentication where possible.
Given the vast volume of stolen credentials out there, hackers launch credential stuffing attacks using automated bots. Compromised accounts can give hackers access to personal information, including usernames, passwords, and credit card numbers, which further fuel the cycle of attacks. Automated attacks such as these not only expose businesses to data breaches and compliance penalties but also increase operational costs. Businesses must protect their consumers’ accounts by requiring.....Read More
Given the vast volume of stolen credentials out there, hackers launch credential stuffing attacks using automated bots. Compromised accounts can give hackers access to personal information, including usernames, passwords, and credit card numbers, which further fuel the cycle of attacks. Automated attacks such as these not only expose businesses to data breaches and compliance penalties but also increase operational costs. Businesses must protect their consumers’ accounts by requiring multi-factor authentication where possible, for example by requiring biometrics on mobile devices, and by using bot management solutions to stop automated attacks. Consumers must ensure the use of strong passwords by using password managers and by turning on multi-factor authentication on their end as well. They must also continue to monitor their credit report for signs of identity theft.  Read Less
September 04, 2020

Warner Music Discloses Months-long Web Skimming Incident: Expert Commentary
Only 8% of organizations have complete insight into this Shadow Code, which creates a major security blind spot.
Digital skimming and Magecart attacks continue to be a lucrative source of revenue for hackers as they continue to seek large targets for maximum payouts. For example, data stolen from an attack on another e-commerce platform in 2019 was valued at $133M on the dark web. Third-party platforms, scripts and services are ideal targets for attackers because the techniques can be reused to steal data from multiple e-commerce sites. Only 8% of organizations have complete insight into this Shadow.....Read More
Digital skimming and Magecart attacks continue to be a lucrative source of revenue for hackers as they continue to seek large targets for maximum payouts. For example, data stolen from an attack on another e-commerce platform in 2019 was valued at $133M on the dark web. Third-party platforms, scripts and services are ideal targets for attackers because the techniques can be reused to steal data from multiple e-commerce sites. Only 8% of organizations have complete insight into this Shadow Code, which creates a major security blind spot. Hackers exploit this to carry out digital skimming attacks leading to client-side data breaches and compliance penalties. Businesses must take control of Shadow Code in their web and mobile applications by following basic security best practices and by leveraging runtime behavioral analysis to detect and stop hidden code from compromising their user data. Consumers must also continue to be vigilant about their personal data and monitor their credit reports for signs of fraudulent activity.  Read Less
September 01, 2020

American Payroll Association Breached – Expert Reaction
This Shadow Code, introduced without formal approvals or security validation.
Client-side data breaches are a major risk to organizations in the era of stronger data privacy regulations such as CCPA. This attack on the American Payroll Association’s websites affected not only the payment page but also the login page, resulting in theft of usernames and passwords. The APA is an attractive target for Magecart attackers since their members have access to tools and systems that contain payroll data for millions of individuals. The attackers can brute force other payroll.....Read More
Client-side data breaches are a major risk to organizations in the era of stronger data privacy regulations such as CCPA. This attack on the American Payroll Association’s websites affected not only the payment page but also the login page, resulting in theft of usernames and passwords. The APA is an attractive target for Magecart attackers since their members have access to tools and systems that contain payroll data for millions of individuals. The attackers can brute force other payroll systems using the same stolen credentials to find other account takeover targets. Digital skimming and Magecart attacks take advantage of Shadow Code in websites introduced via third-party scripts, open source libraries or third-party plugins for content management systems. This Shadow Code, introduced without formal approvals or security validation, can expose websites to client-side attacks leading to data breaches and compliance violations. Businesses must take steps to manage the Shadow Code risks by applying timely security patches and upgrading vulnerable open source libraries and third-party plugins. In addition, client-side application security solutions can provide full runtime visibility and control over all scripts and prevent client-side data breaches. Consumers must ensure that they use unique passwords and multi-factor authentication for different websites to minimize the risk of account takeover (ATO) attacks, and must continue to monitor their credit reports for signs of identity fraud.  Read Less
August 25, 2020

Popular iOS SDK Steals Click Revenue From Other Ad Networks – Expert Insight
This Shadow Code—introduced without proper approvals or security validation—vastly expands the attack surface for any organization.
Open source libraries and third-party SDKs are an inevitable reality for modern web and mobile applications. This Shadow Code—introduced without proper approvals or security validation—vastly expands the attack surface for any organization. While SDKs such as Mintegral can significantly cut down on development time and costs, they include hidden behaviors and with unexpected consequences. Along with ad fraud, this also exposes businesses to potential client-side data breaches, running afoul .....Read More
Open source libraries and third-party SDKs are an inevitable reality for modern web and mobile applications. This Shadow Code—introduced without proper approvals or security validation—vastly expands the attack surface for any organization. While SDKs such as Mintegral can significantly cut down on development time and costs, they include hidden behaviors and with unexpected consequences. Along with ad fraud, this also exposes businesses to potential client-side data breaches, running afoul of data privacy regulation such as CCPA and GDPR. Businesses must take control of Shadow Code in their web and mobile applications by following basic security best practices and by leveraging runtime behavioral analysis to detect and stop hidden code from compromising their user data. Consumers must continue to be vigilant about their personal data and monitor their credit reports for signs of fraudulent activity.  Read Less
August 24, 2020

Multiple Vulnerabilities In Discount Rules For WooCommerce Plugin – Comment
Consumers must also continue to safeguard their personal data and monitor their credit history for signs of fraud.
Third-party plugins are an attractive target for hackers seeking to compromise e-commerce sites. Attackers can use XSS vulnerabilities to gain privileged access to a website and plant malicious Shadow Code that can steal user data, spread malware or hijack users to nefarious sites. Such techniques have been used to take over and launch Magecart attacks against thousands of e-commerce sites, resulting in the theft of millions of credit card numbers. Website owners using platforms such as.....Read More
Third-party plugins are an attractive target for hackers seeking to compromise e-commerce sites. Attackers can use XSS vulnerabilities to gain privileged access to a website and plant malicious Shadow Code that can steal user data, spread malware or hijack users to nefarious sites. Such techniques have been used to take over and launch Magecart attacks against thousands of e-commerce sites, resulting in the theft of millions of credit card numbers. Website owners using platforms such as WooCommerce need to thoroughly review third-party plugins and ensure they upgrade to the latest versions to minimize the odds of such attacks. Consumers must also continue to safeguard their personal data and monitor their credit history for signs of fraud.  Read Less