Dee Young, CISO, UNC Health; and
Kim Peretti, partner and co-chair, cybersecurity preparedness & response, Alston & Bird.
In this panel discussion hosted by Information Security Media Group and CyberTheory, these executives discuss: Asset discovery and its impact on cybersecurity exposure;
Misconfiguration and risk;
The importance of context. Hindawi co-founded Tanium in 2007 and serves as its CEO. He leads the product strategy and development of the Tanium platform, in addition to all customer-facing technical operations and management functions. Hindawi has led the development of enterprise-scale endpoint security and management platforms for the past 18 years at BigFix (acquired by IBM in 2010) and Tanium. He holds software patents in the areas of network communications and systems management.
Get Permission
Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a bulletproof hosting service called Media Land, according to a report from security firm RiskIQ.
During their investigation, the RiskIQ researchers found that thousands of domains used for JavaScript skimmers, phishing domains and other malicious infrastructure have been registered with Media Land since 2018 using at least two email addresses and other aliases.
The use of these so-called bulletproof hosting services helps to keep the malicious infrastructure used by cybercriminal groups and fraudsters hidden from law enforcement agencies, the report notes.
Jordan Herman, a threat researcher at RiskIQ and one of the authors of the report, notes that bulletproof hosting services, along with other underground services, support a robust ecosystem that allows Magecart groups to thrive.