Misconfiguration Errors Are A Magecart Delight

As originally published in Forbes

Magecart Attacks & Digital Skimming

Ido Safruti is the Founder and CTO at PerimeterX, a provider of behavior-based threat protection for the web, cloud and mobile.

Harried SREs and DevOps teams are tasked with managing increasingly complex web applications. This means, more and more, a growing thicket of cloud services, third-party software and third-party libraries, all of which must be configured or managed to some degree. So it’s no surprise that Verizon’s 2020 DBIR highlighted misconfiguration errors as the fastest-growing source of data breaches.

This trend has been duly noted by multiple Magecart gangs, in particular with regard to Amazon S3 storage buckets. In truth, though, S3 is but one of many types of shared resources that Magecart gangs could potentially target in future attacks. More broadly, shared resources within an organization are becoming premium targets for bad actors who want to damage more than one web application at once: the internal efficiencies app companies gain by sharing resources become economies of scale for the attacker. These attacks on shared resources can scale widely (some of the S3 attacks have been “spray and pray”) and result in millions of dollars in damages per instance of compromise.

Why Magecart Gangs Target S3 And Other Common Services

Magecart gangs are a loose collection of malicious hacker groups that compromise front-end code on websites and insert malicious code specifically to skim valuable and sensitive data from site visitors (also called formjacking). That data could be credit card or bank account numbers, or it could be email and password combinations. Magecart attacks come in two types. The first directly alters code on a website, or on a cloud service that serves code to a website. The second compromises third-party JavaScript libraries and services that website operators embed in their sites to add functionality.
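A defender-side check for the S3 misconfiguration discussed above, added here as an example (not code from the original post or from PerimeterX): it audits a bucket ACL and bucket policy, in the dict shapes the AWS GetBucketAcl and GetBucketPolicy calls return, for grants that let an anonymous principal write objects. The bucket name and both documents are constructed samples.

```python
# Added example (not from the original post): audit an S3 bucket ACL and bucket
# policy, in the dict shapes the GetBucketAcl / GetBucketPolicy APIs return, for
# grants that let anyone write objects. A world-writable bucket that serves a
# site's JavaScript is the misconfiguration a skimmer can exploit directly.
# Policy Conditions are ignored, so the check may over-report, never under-report.

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
WRITE_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}
WRITE_ACTIONS = {"s3:putobject", "s3:putobjectacl", "s3:*", "*"}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def acl_public_write(acl):
    """ACL grants that give AllUsers/AuthenticatedUsers write or full control."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if (grantee.get("Type") == "Group" and grantee.get("URI") in (ALL_USERS, AUTH_USERS)
                and grant.get("Permission") in WRITE_PERMS):
            findings.append(f"ACL grants {grant['Permission']} to {grantee['URI'].rsplit('/', 1)[-1]}")
    return findings


def policy_public_write(policy):
    """Allow statements with an anonymous principal and an object-write action."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal")
        anonymous = principal == "*" or (
            isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", [])))
        hits = sorted({a.lower() for a in _as_list(stmt.get("Action", []))} & WRITE_ACTIONS)
        if stmt.get("Effect") == "Allow" and anonymous and hits:
            findings.append(f"policy {stmt.get('Sid', '<no Sid>')} allows {hits} to anyone")
    return findings


def audit_bucket(acl, policy):
    """Empty list means no unconditional public write path was found."""
    return acl_public_write(acl) + policy_public_write(policy)


# Constructed sample (bucket name is made up): public read is normal for static
# assets, but the stray AllUsers WRITE grant and the OpenUpload statement are not.
SAMPLE_ACL = {"Grants": [{"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "WRITE"}]}
SAMPLE_POLICY = {"Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-static-assets/*"},
    {"Sid": "OpenUpload", "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": ["s3:PutObject"],
     "Resource": "arn:aws:s3:::example-static-assets/*"}]}
```

Run against real buckets by feeding it the output of `get_bucket_acl` and the parsed `Policy` string from `get_bucket_policy`; the PublicRead statement is deliberately not reported, since public read on a static-asset bucket is expected and only the write path lets a skimmer in.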


*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at:
