In Retrospect: The SolarWinds Attack

The recently exposed SolarWinds supply chain attack is one of the biggest cybersecurity events in recent memory. It created a ripple effect that will be felt for years to come on a ...
3 Web Third-Party Security Related Events You Don’t Want to Miss: January 2021

2020 concluded with a flurry of cybersecurity incidents and developments that are making companies rethink their third-party application security strategy. The legal consequences of regulatory hiccups, financial implications of data breaches, and ...
3 Web Third-Party Related Events You Don’t Want to Miss from October - December 2020

With COVID-19 still very much amongst us, online activity is continuing its global ascent. The security implications are also clear. Third-party applications running on websites are creating numerous risks and blind spots that ...
The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned

Ticketmaster UK, a leading ticketing company and part of Ticketmaster, has been fined £1.25 million by the Information Commissioner’s Office (ICO) as it failed to protect customer data during the infamous ...
Content Security Policy (CSP): Not Exactly a Magecart Vaccine

With millions of buyers escalating their online activity ahead of Black Friday and the holiday season, it’s important for eCommerce websites and online businesses to combat Magecart and web-skimming issues in a ...
A new skimmer uses WebSockets and a fake credit card form to steal sensitive data

A new skimmer attack was discovered this week, targeting various online e-commerce sites built with different frameworks. As of the writing of this blog post, the attack is still active and exfiltrating ...
Cyber Security Roundup for November 2020

A roundup of UK-focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, October 2020. London's Hackney Borough Council has been tight-lipped about "a ...
Client-Side Protection is Key to Web Application Security

The Open Web Application Security Project (OWASP) Foundation defines script attacks as a "type of injection in which malicious scripts are injected into otherwise benign and trusted websites." From the perspective of ...