logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

Stop the looters: a method to detect digital skimming attacks

Conference:  OWASP 20th Anniversary Event
Authors: Nikolaos Alexiou
2021-09-24

tldr - powered by Generative AI

The presentation discusses the importance of detecting digital scheming attacks and presents a method to do so using one-way hash functions. It also highlights the challenges in implementing detection methods and suggests ways to make it harder for attackers to exploit vulnerabilities.
  • Digital scheming attacks often happen through JavaScript and can exploit vulnerabilities in third-party components or infrastructure.
  • Patching and keeping third-party components up to date is important for security hygiene.
  • Content security policies and script integrity checks can make it harder for attackers to exploit vulnerabilities.
  • One-way hash functions can be used to detect changes in source code and alert security teams.
  • Implementing detection methods can be challenging for development teams, especially in smaller companies with limited resources.
  • Automated tools like Suricata JS can help detect digital scheming attacks and alert security teams.
Tags:
Magecart
British Airways
Ticketmaster
Forbes
Newegg