Researchers from cybersecurity company Palo Alto Networks warn that cyberattacks are launched on the supply chain of software to hack sites with high traffic.On real estate websites, cybercriminals place a malicious script (skimmer) that steals data entered by visitors. In cyberattacks on supply chains, cybercriminals use cloud-based video hosting.
For example, an online booking form may ask for the personal data of a website user and billing information. If this site was vulnerable to skimming attacks, attackers could intercept the data.
In total, Unit42 researchers reportedly found more than 100 web resources compromised by the campaign.
All websites in question were owned by the same parent company, whose name was not disclosed. Unit 42 researchers briefed the organization and helped remove the malware.
As these types of attacks continue to evolve, becoming more sophisticated and intelligent, Palo Alto Networks invites enterprises to focus on the basics: develop a defence strategy that includes more than just perimeter-based security. assume that cloud services are inherently secure without due diligence, and prioritize new data-centric security techniques such as tokenization and format-preserving encryption that can apply protection directly to sensitive data that attackers hunt.
You may also be interested to know that Attackers use Google Analytics for web skimming, and also that Attackers abusing Google Apps Script to steal bank card details.
User Review( votes)