Blog

As the end of 2020 is approaching, we see more evidence of the rising risks relating to installed third-party apps running on websites. In this month’s top 3 events we will review the 102-day Warner Music Group breach, how web skimmers were able to use Telegram, and the most interesting UltraRank ...

The shopping season which begins on Black Friday rolling over to Cyber Monday, is actually one of the most critical times for online retailers. During this period promotions are offered, new products are launched, and the shopping websites themselves invest all their resources to increase the volume of purchases. Unfortunately, ...

You might have recently heard that eBay is performing port scanning, while online shoppers are visiting their website. At first glance, it will probably sound a bit strange, as port scanning is an internal network action. As such, it is designed to detect services and should not be related to ...

Version 2.8 Goes LIVE!  Almost any organization today uses dozens of websites and subdomains. Each provides essential functions and uses dozens of third-party apps and tags to produce its capabilities. Those assets are managed by multiple teams on the enterprise level and medium-large organizations, requiring different conduct and high-level attention. ...

Fourth party apps on websites are commonly referred to as “the vendor’s vendor code”. Fourth-party apps may offer additional benefits, but at the same time they also carry a set of threats while running on your websites. For your users, they are all, first-parties. In this article, we will refer ...

3 Web Third-Party Related Events You Don’t Want to Miss from May-June 2020  As always, we are working day and night to bring you the top 3 news picks related to third-party risks on websites. In this post we will review the “new trend” of ongoing attacks that remain undiscovered. ...

Meet the Next Generation of Website Threats: The Hidden Risks of Third-Party Apps  Learn everything you need to know about the invisible dangers of third-party apps on websites. We’ll take you all the way from detection to effective mitigation. You will meet Magecart attacks, learn why you are accountable for ...

Can You Spot the Difference Between Gocgle and the Real Thing? Read our special report about Gocgle malicious campaign.  A new web skimming campaign, starting from the end of 2019, is impersonating Google web products in order to collect sensitive information from users on eCommerce websites. During the last few ...

A guest whitepaper publication by Reflectiz’ Dutch partner Cert2Connect It has been our privilege to partner with Cert2Connect over the last 12 months. We have discovered that they are one of the most proficient organizations in the cyber-security market. So, it didn’t come to us as a surprise that they ...