Event Details

CYBER THURSDAY: Web Session Attacks – Exploring the Mitigation Options for Addressing the Acceleration of Magecart and Formjacking

April 25: 3:00 – 4:00 p.m. EST // 2:00 – 3:00 p.m. CST // noon – 1:00 p.m. PST

Magecart and formjacking attacks are quite possibly one of the single biggest threats facing digital commerce today.

Recent evidence points to nearly 5,000 websites being compromised per month. The problem is that 3rd party JavaScript tools, integrated onto every website, provide the 3rd party, or an attacker who has compromised the website supply chain, with nearly unlimited access to every element of a web page during a customer browser session. Websites typically integrate dozens of these 3rd party services to deliver rich experiences, features and analytics that result in a more compelling website. These attacks are attractive to threat actors since they scale very effectively allowing the attacker to impact every website served the 3rd party code.

This comprehensive mitigation approaches overview is intended to assist security teams with evaluating the various options they have for addressing this pervasive threat from attackers like the Magecart group and attack types like formjacking.

In this session, Source Defense’s U.S. Office General Manager and Chief Revenue Officer Ross Hogan and Senior Researcher and Analyst Matt McGuirk will discuss:

  • Introduction to web session attacks (Magecart/Formjacking)
  • Discussion of the universal client-side flaw introduced via the website supply chain
  • Examination of the various mitigation options
  • Tools and consultation available to assist organizations with understanding risk specific to their owned web properties

Webinar eligibility: open to RH-ISAC Core members and non-member retail and hospitality cybersecurity practitioners who are eligible for membership. Email events@rhisac.org for more information on registering today!