Save 40% on Coursera Plus Annual
The Bad Guys Win - Analysis of Magecart Vulnerabilities

The Bad Guys Win - Analysis of Magecart Vulnerabilities

Black Hat via YouTube Direct link

Scriptless Magecart attack

20 of 22
Previous
Next

20 of 22

Scriptless Magecart attack

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

The Bad Guys Win - Analysis of Magecart Vulnerabilities

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 Background - Script Inclusion diagram
  3. 3 Magecart: Digital supply-chain attack
  4. 4 Statistics - The data
  5. 5 30,000+ vulnerable assets
  6. 6 Popularity of affected sites
  7. 7 Cross-sector
  8. 8 Steal information
  9. 9 Active abuse
  10. 10 Threat model - Careful hacker
  11. 11 The enterprise challenges
  12. 12 Anti-Magecart solutions
  13. 13 General notes about the careful hacker
  14. 14 General things that careful hackers do
  15. 15 Bypass script monitoring
  16. 16 Bypass client-side solutions
  17. 17 Use browser native mechanisms
  18. 18 Enterprise use of browser native mechanisms
  19. 19 The Trusted-Source Injection (TSI) attack
  20. 20 Scriptless Magecart attack
  21. 21 Summary table: Enterprise vs. Hackers
  22. 22 What could be done?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.