A special interest for web threats.
June 27, 2019 - We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.
June 26, 2019 - The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.
June 4, 2019 - Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.
May 21, 2019 - Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something's not right when they are redirected to the real (and external) payment form.