Security News > 2020 > May > Debunking myths related to client-side security and Magecart attacks

Debunking myths related to client-side security and Magecart attacks
2020-05-14 05:30

The client-side landscape has been overrun by third-party script attacks executed by malicious attackers utilizing formjacking or other methods made famous by the Magecart attack group.

As third parties change their behavior from user to user, DAST is largely ineffective in detecting attacks on large production networks and completely ineffective at preventing these types of attacks.

Myth #4 - CSP and other page headers will stop Magecart attacks.

CSP is often being suggested as the solution for Magecart attacks.

Myth #6 - You can detect all Magecart attacks from the outside without implementing code to your website.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/j6147wtoRe4/