One of the biggest challenges we face while helping our customers mitigate third-party risks, is that not all incidents are clear cut, as in not everything is “good vs. evil”. Some vendors should have access to users’ data, while some should not. Some applications are managed by the marketing department, ... Read More

3 Web Third-Party Related Events You Don’t Want to Miss from May-June 2020  As always, we are working day and night to bring you the top 3 news picks related to third-party risks on websites. In this post we will review the “new trend” of ongoing attacks that remain undiscovered ... Read More

Can You Spot the Difference Between Gocgle and the Real Thing? Read Our Special Report About Gocgle Malicious Campaign A new web skimming campaign, starting from the end of 2019, is impersonating Google web products in order to collect sensitive information from users on eCommerce websites. During the last few ... Read More

A guest whitepaper publication by Reflectiz’ Dutch partner Cert2Connect It has been our privilege to partner with Cert2Connect over the last 12 months. We have discovered that they are one of the most proficient organizations in the cyber-security market. So, it didn’t come to us as a surprise that they ... Read More

Welcome to Reflectiz’ news picks from the first four months of 2020. The outbreak of Covid-19 is undoubtedly one of the most dramatic events in modern history. Unsurprisingly, this global crisis and even the universal solidarity, hasn’t stopped hackers and threat actors. Over this period, we have seen increased malicious ... Read More

This article seeks to address a serious issue that has been detected by our platform, including in major enterprises. It concerns the risk of using an undetected “Ex-Domain” (expired domain) on websites, demonstrating the many threats that lurk as a result of this situation. The Challenges of Using Third-Party Domains ... Read More

Crazy days. All of us are facing new and unfamiliar challenges. If you think about staying at home from an employment perspective, even the tiniest tasks become more complicated. For many, it is about the ability to contribute to their organization and bring essential value, but for cyber-security professionals, it ... Read More

Protecting Your Website Against Major Threats, Supply-Chain Attacks and Client’s Side Risks on Coronavirus Times The Coronavirus outbreak has now officially been declared as a global pandemic by the World Health Organization. Along with causing severe health and economic consequences. Clearly, hackers are already knocking on virtual gateways, looking for ... Read More

If You’re Going to San-Francisco… 😎 it’s time to meet us at RSA® Conference 2020! Visit Us, We’re at Booth 735M Stop by our booth 735M at RSA® Conference 2020 to meet the next generation of third-party application security and make sure you’re one step ahead of the next Magecart ... Read More

Pipka is one of the most interesting and notorious types of JavaScript skimmers we’ve seen so far. It brings higher level of sophistication, creativity and boldness like never before, as well as putting harder challenges to website security practices. In November 2019 the Visa Payment Fraud Disruption (PFD) team exposed ... Read More