The Gocgle Malicious Campaign

The Gocgle Malicious Campaign

Can You Spot the Difference Between Gocgle and the Real Thing? Read our special report about Gocgle malicious campaign.  A new web skimming campaign, starting from the end of 2019, is impersonating Google web products in order to collect sensitive information from users on eCommerce websites. During the last few ...

3 Web Third-Party Related Events You Don’t Want to Miss from early 2020

3 Web Third-Party Related Events You Don’t Want to Miss from early 2020

Welcome to Reflectiz’ news picks from the first four months of 2020. The outbreak of Covid-19 is undoubtedly one of the most dramatic events in modern history. Unsurprisingly, this global crisis and even the universal solidarity, hasn’t stopped hackers and threat actors. Over this period, we have seen increased malicious ...

Immediate Free Website Protection Against Third-Party Risks During the Covid-19 Crisis 

Immediate Free Website Protection Against Third-Party Risks During the Covid-19 Crisis 

Supply-chain attacks, website third-party risks, client-side threats, Magecart attacks, foam-jacking…, It’s all there, threatening your most valuable asset. Today these threats become more crucial as more online services are added, in many cases without prior security controls. Don’t Stress! We have you covered during the Coronavirus crisis! So, what’s inside ...

The Coronavirus Impacts on Cybersecurity

The Coronavirus Impacts on Cybersecurity

Protecting Your Website Against Major Threats, Supply-Chain Attacks and Client’s Side Risks During Coronavirus Times The Coronavirus (Covid-19) outbreak has now officially been declared a global pandemic by the World Health Organization (WHO). As well as causing unexpected health problems, it is also impacting the economies. Hackers are already knocking ...

3 Third-Party Application Security Insights of the Last Years
January 16, 2020

3 Third-Party Application Security Insights of the Last Years

WOW, 2019 was a busy year, but if you look at the decade that ended recently, it was hectic! For the beginning of the 2020’s and to celebrate the end of the second decade, we’ve collected 3 of the most influential and interesting web third-party events. It was a hard ...

Pipka: A New Breed of Anti-Forensic Malicious JavaScript
December 23, 2019

Pipka: A New Breed of Anti-Forensic Malicious JavaScript

Pipka is one of the most interesting and notorious types of JavaScript skimmers we’ve seen so far. It brings higher level of sophistication, creativity and boldness like never before, as well as putting harder challenges to website security practices. In November 2019 the Visa Payment Fraud Disruption (PFD) team exposed ...

Magecart Hacking Groups: How They Are Expanding Their Limits Beyond the “Regular” E-Commerce Websites
September 15, 2019

Magecart Hacking Groups: How They Are Expanding Their Limits Beyond the “Regular” E-Commerce Websites

Magecart, the notorious e-commerce hacking group, has lately started targeting many other forms of online services and businesses. The adversaries have developed sophisticated tools and techniques, and are constantly evolving new and innovative ways to target business enterprises.   Magecart – The Notorious Skimming Groups Magecart today is a well-known ...

Magecart Executed Their Recent Attacks On The Amazon S3 Bucket: Why Do You Need To Worry If Your Website Uses Web-Third-Party Components?
July 21, 2019

Magecart Executed Their Recent Attacks On The Amazon S3 Bucket: Why Do You Need To Worry If Your Website Uses Web-Third-Party Components?

Magecart, a well-known hacking group was behind some of the highly targeted attacks on websites using web-third-party component; Know why do you need to be on high alert if your website or web app uses web-third-party components   About The Attack Magecart is a well-known hacking group that had mainly ...

British-Airways Magecart Third-party Breach Leads to a $230 Million GDPR Fine
July 9, 2019

British-Airways Magecart Third-party Breach Leads to a $230 Million GDPR Fine

According to the Information Commissioner Office in the UK (ICO) a notice has been issued to British-Airways of its intention to fine airliner $230 million (£183.39M) for “infringements of the General Data Protection Regulation (GDPR)”. The reason for the planned penalty is last year’s BA data breach of around 500 ...