The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned

The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned

Ticketmaster UK, a leading ticketing company and part of Ticketmaster, has been fined £ 1.25 million by the Information Commissioner’s Office (ICO) as it failed to protect customer data during the infamous February 2018 data breach. The company is still not taking ownership of the breach, caused by a third-party ...

Content Security Policy (CSP): Not Exactly a Magecart Vaccine

Content Security Policy (CSP): Not Exactly a Magecart Vaccine

With millions of buyers escalating their online activity ahead of Black Friday and the holiday season, it’s important for eCommerce websites and online businesses to combat Magecart and web-skimming issues in a proactive and relentless manner. Can the proven and tested Content Security Policy (CSP) get the job done? Without ...

How Black Friday and Cyber Monday Can Go From a Retailer’s Dream Into a CiSO’s Worst Nightmare

How Black Friday and Cyber Monday Can Go From a Retailer’s Dream Into a CiSO’s Worst Nightmare

The shopping season which begins on Black Friday rolling over to Cyber Monday, is actually one of the most critical times for online retailers. During this period promotions are offered, new products are launched, and the shopping websites themselves invest all their resources to increase the volume of purchases. Unfortunately, ...

The Cybersecurity Effects of Fourth-Parties on Websites

The Cybersecurity Effects of Fourth-Parties on Websites

Fourth party apps on websites are commonly referred to as “the vendor’s vendor code”. Fourth-party apps may offer additional benefits, but at the same time they also carry a set of threats while running on your websites. For your users, they are all, first-parties. In this article, we will refer ...

The Gocgle Malicious Campaign

The Gocgle Malicious Campaign

Can You Spot the Difference Between Gocgle and the Real Thing? Read our special report about Gocgle malicious campaign.  A new web skimming campaign, starting from the end of 2019, is impersonating Google web products in order to collect sensitive information from users on eCommerce websites. During the last few ...

Compliance for Third-Party scripts on your website and how to ensure it

Compliance for Third-Party scripts on your website and how to ensure it

A guest whitepaper publication by Reflectiz’ Dutch partner Cert2Connect It has been our privilege to partner with Cert2Connect over the last 12 months. We have discovered that they are one of the most proficient organizations in the cyber-security market. So, it didn’t come to us as a surprise that they ...

The Risks of Ex-Domain Re-use on Websites and How to Stay Protected Against It

The Risks of Ex-Domain Re-use on Websites and How to Stay Protected Against It

This article seeks to address a serious issue that has been detected by our platform, including in major enterprises. It concerns the risk of using an undetected “Ex-Domain” (expired domain) on websites, demonstrating the many threats that lurk as a result of this situation. The Challenges of Using Third-Party Domains ...

The Coronavirus Impacts on Cybersecurity

The Coronavirus Impacts on Cybersecurity

Protecting Your Website Against Major Threats, Supply-Chain Attacks and Client’s Side Risks During Coronavirus Times The Coronavirus (Covid-19) outbreak has now officially been declared a global pandemic by the World Health Organization (WHO). As well as causing unexpected health problems, it is also impacting the economies. Hackers are already knocking ...

Pipka: A New Breed of Anti-Forensic Malicious JavaScript

Pipka: A New Breed of Anti-Forensic Malicious JavaScript

Pipka is one of the most interesting and notorious types of JavaScript skimmers we’ve seen so far. It brings higher level of sophistication, creativity and boldness like never before, as well as putting harder challenges to website security practices. In November 2019 the Visa Payment Fraud Disruption (PFD) team exposed ...