Hackers Are Using Google Analytics to Steal Your Credit Card Information

Search Engine Journal | June 29, 2020

Hackers are using Google Analytics to steal credit cards, passwords, IP addresses... basically everything shared with a hacked site. An investigation by Kaspersky Lab has uncovered a new hacking technique that uses Google Analytics to steal credit card numbers, user agents, IP addresses, passwords… basically everything. This isn’t an exploit in Google Analytics itself. Hackers are exploiting the trusted status given to Google Analytics by all browsers in order to steal information from hacked sites by using Google Analytics as a way to transfer that data. Kaspersky’s report noted that the exploit is stealing everything that is shared with the affected website, including credit card information but presumably that means password information as well. The exploit apparently steals “everything” from passwords, name and address, credit cards and even the personal information of the person sharing their information.

Spotlight

Learn why the right endpoint technology is critical to a successful security strategy, and see the 4 key elements to consider.

Spotlight

Learn why the right endpoint technology is critical to a successful security strategy, and see the 4 key elements to consider.

Related News

SOFTWARE SECURITY

Cybersecurity Company Lumu Raises $8M, Signs Partnership with KnowBe4, the World's Largest Integrated Platform for Security Awareness Training

Lumu | August 08, 2022

Lumu, creators of the Continuous Compromise Assessment cybersecurity model that empowers organizations to measure compromise in real time, today announced it has closed an $8 million investment round, bringing total funding to $15.5 million. Led by Panoramic Ventures, the investment will serve as growth capital for sales and marketing initiatives to further Lumu's mission of helping organizations operate cybersecurity proficiently. Other investors include KnowBe4 Ventures, Lane Bess, former Zscaler and Palo Alto Networks executive, and Tom Noonan, former CEO at Internet Security Systems and the SoftBank Group's SB Opportunity Fund. "We are excited to continue to support Lumu through this phase of hypergrowth, as organizations across all verticals are realizing the value of measuring compromise within their networks and acting on this factual data immediately," said Paul Judge, Managing Partner of Panoramic Ventures. "The innovation Lumu is bringing to the market is evident and a true game-changer for cybersecurity operations." Lumu's Continuous Compromise Assessment model enables any organization to measure and understand compromise to close the breach detection gap from months to minutes continuously and intentionally. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem. The company has experienced hyper-growth in 2021 and 2022 and now has more than 3,100 organizations using its technology. The Lumu platform has analyzed more than 1 trillion metadata and detected more than 345 million adversarial contacts. "With today's economy, hiring constraints and the non-stop cyber threats, companies need tools that enable an accurate understanding of, and swift response to, potential attacks. "Our platform provides context at the granular level to understand each and every incident and the specific techniques used by attackers so that cybersecurity operators can mitigate malicious incidents and overall improve their cybersecurity stack. With cybercriminals quick to take advantage of economic downturns, this funding round emphasizes just how critical of a time it is for enterprises to prioritize protection and defense mechanisms." Ricardo Villadiego, Founder and CEO of Lumu The capital will also be used to scale the company's initiative to consistently attract exceptional talent to amplify the reach of Lumu's cyber industry-leading resilience message and to build credibility with target audiences to help companies of all sizes and verticals proficiently operate cybersecurity functions. KnowBe4 is one of the key investors joining Lumu's funding round. The companies will join forces to further their missions of enabling employees and security teams to make smarter security decisions every day. Miami-based Lumu is founded and led by Ricardo Villadiego, a successful second-time founder who is part of the SB Opportunity Fund's community of visionary Black, Latinx, and Native American entrepreneurs. About Lumu Headquartered in Miami, Florida, Lumu is a cybersecurity company focused on helping enterprise organizations illuminate threats and isolate confirmed instances of compromise. Applying principles of Continuous Compromise Assessment, Lumu has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection, gain real-time visibility across their infrastructure, and close the breach detection gap from months to minutes.

Read More

SOFTWARE SECURITY

Palo Alto Networks Unit 42 Helps Customers Better Address Cybersecurity Threats Through New Managed Detection and Response Service

Palo Alto Networks | August 05, 2022

The need for managed detection and response (MDR) is soaring as attack surfaces grow, cloud usage skyrockets and the cybersecurity skills gap widens. Palo Alto Networks, the global cybersecurity leader, today introduced Unit 42 Managed Detection and Response (Unit 42 MDR) to address this need with a new service that can offer continuous 24/7 threat detection, investigation and response. This offering brings together Palo Alto Networks acclaimed Cortex XDR with Unit 42's industry-leading threat intelligence, which includes insights from incident response cases. Because Unit 42 MDR is built on Cortex XDR, it is optimized to not just prioritize alerts but also to massively reduce the number of alerts customers receive. This helps customers detect more suspicious activity than they would have otherwise. "As cyberattacks continue to rise, many organizations are being asked to handle advanced threats with limited resources and without the right expertise. This will not lead to good results. "Palo Alto Networks Unit 42 brings a unique combination of innovative cybersecurity technologies and a world-class threat intelligence team which allows us to provide customers with rapid detection and response to critical cyberthreats." Wendi Whitmore, senior vice president, Palo Alto Networks Unit 42 The new Unit 42 MDR service offers customers cybersecurity experts to help identify and respond to security alerts and potential threats in real time, enabling businesses to focus security operations (SecOps) personnel on other organizational security priorities. The service provides organizations with monitoring, threat hunting and response/remediation capabilities, including: Continuous Monitoring & Response: Security experts monitor alerts, events and indicators 24x7x365. The Unit 42 MDR team uses a mix of proprietary processes, infrastructure and enrichment to accelerate detection, response and threat hunting to help quickly stop malicious activity most likely to impact your organization. Proactive Threat Hunting: World-class threat hunters search environments for complex attacks using deep knowledge of XDR data sources and the latest threat intelligence from Palo Alto Networks. This helps organizations stay ahead of emerging attack campaigns, malware and vulnerabilities. Security Posture Optimization: Experts provide periodic health checks of an organization's posture and detailed recommendations on policy changes to help facilitate addressing risks before they become issues. "Cyberattacks are emerging and evolving faster than ever," said Tom Osteen, CIO, Enloe Medical Center. "Intervening and addressing threats at the earliest stage is crucial. With Unit 42 MDR we have confidence that we can quickly identify and stop malicious activity to help keep our organization safe and secure." In a recent report, IDC said, "It is not a surprise to state that organizations continue to struggle with persistent security talent shortages and the rising costs to retain these scarce security resources. Security teams with already limited resources are overwhelmed by the heavy workload and responsibility." The report also stated, "Organizations are analyzing their current risks and accelerating their security services investments to ease pressure on their teams and strengthen their overall security posture to meet the growing cyberthreats."* About Cortex XDR Cortex XDR® is the world's first detection and response solution that natively integrates network, endpoint and cloud data to stop sophisticated attacks. It is designed to stop attacks with the power of AI and comprehensive data. XDR is critical to effective security. The latest Palo Alto Networks 2022 Unit 42 Incident Response Report highlights that when a breach occurs, 44% of the cases involved a business that did not have or did not fully deploy an endpoint detection and response or XDR security solution. About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

SOFTWARE SECURITY

Turing AI Launches Search Attribute in Video Security Platform

Turing AI | June 16, 2022

Turing AI has added people attribute search, a game changing feature in AI Security, to their flagship AI-powered video security platform Turing Vision. Whereas other camera-based security system depends on facial recognition and object detection alone to safeguard facilities and locate events, people attribute search adds several factors to identification, enhancing speed and accuracy of finding and recognizing people at the scene of events. With the inclusion of individuals attribute search, customers can now search for a people inside Turing Vision based on: Object detection of people Identity detections based on facial recognition* Attribute detection* based on: Clothing color, long or short sleeve shirts; pants vs. shorts Bags Hats Weiwei Chen, VP of Engineering at Turing AI said that, “Security is the number one priority for our clients. With the addition of people attribute search, we now have three algorithms: object detection, identity recognition and attribute detection to improve both the speed and accuracy of evidence collection significantly, allowing our clients to streamline their security workflow.” Turing AI is committed to guarantee its platform comply with applicable regulations. Activation depends on state regulations and the compliance with Biometric Information Protection Act (BIPA) (BIPA). Please refer to our privacy policy, and compliance available. Ron Rothman, President of Turing AI emphasized on “I truly believe this is where the industry is heading when it comes to AI security and Turing AI is proud to be among the leaders implementing this technology.” Ron broke it down this way, “People are more likely to accurately remember clothing and accessories rather than the physical description of a person. People attribute Search broadens the spectrum of elements when it comes to identification. For example, if someone suspicious near the scene was wearing a short-sleeved red shirt and a hat, clients can search for those attributes rather than relying solely on remembering race, eye color or hair color, which can be challenging when someone is wearing a hat.”

Read More