3 Web Third-Party Related Events from the Web You Don’t Want to Miss – December 2019
Welcome to Reflectiz team news pick from November and December 2019. These months were particularly busy for us. Our team participated in 2 important conferences – InfoSecurity North-America and e-Crime & Cybersecurity Benelux, presenting to CiSOs and cyber-security teams the next generation of web third-party risk mitigation solution. Busy as it can be, our staff still got you the best highlighted news pieces about third-party risks, Magecart attacks and other must-read cybersecurity updates. Read on!
“A decade of hacking: The most notable cyber-security events of the 2010s”
The second one refers to the fact that the Magecart cybercrime group went mainstream. This is surely one of the most important wakeup calls that every security team member must take into account from now on.
Read the original article by Catalin Cimpanu, ZDNet: A decade of hacking: The most notable cyber-security events of the 2010s
“7 Alarming Signs That Magecart Attacks Are Here to Stay”
Read the original article by Syed Hassan, HackerNoon: 7 Alarming Signs That Magecart Attacks Are Here to Stay
“Macy’s Customer Payment Info Stolen in Magecart Data Breach”
In mid-November 2019 Macy’s officials announced the following statement: “On October 15, 2019, we were alerted to a suspicious connection between macys.com and another website. Our security teams immediately began an investigation. Based on our investigation, we believe that on October 7, 2019 an unauthorized third party added unauthorized computer code to two (2) pages on macys.com.”
According to the announced the data breach involved malicious scripts that stole customer’s payment information. Unsurprisingly, the breach was identified as another Magecart attack and as in previous attacks, the breach was discovered only after few days. This incident adds Macy’s to a long list of high-profile companies such as British-Airways, NewEgg, Ticketmaster and Forbes that were hit by the Magecart cybercrime group.
Read the original article by Lawrence Abrams, Bleepingcomputer: Macy’s Customer Payment Info Stolen in Magecart Data Breach