The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Back To Schedule
Thursday, May 30 • 3:10pm - 3:40pm
Magecart - a growing threat to e-commerce sites

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In the last two years, we’ve observed a growing threat for e-commerce sites: Magecart. By using a cocktail of 0-days and known de-serialization bugs in the Magento platform and Magento extensions it managed to impact major web sites such as British Airways, TicketMaster and NewEgg as well many thousands online shops. Attackers compromised third-party servers that hosted JavaScript code that major websites “re-used”, leading the malicious code to run on client computers and skim data directly back to the bad guys.  This talk will describe the techniques used by these cybercriminals, discuss the nature of vulnerabilities that allowed these attacks and present possible defense and detection measures.

avatar for Simon Kenin

Simon Kenin

Security Researcher, Trustwave Spider Labs
Simon Kenin is a security researcher in Trustwave SpiderLabs. He’s responsible for vulnerability analysis, malware analysis and developing detection logic for web-based attacks both for server and client sides, as well as keeping track of the exploit kit market and the world of... Read More →
avatar for Ziv Mador

Ziv Mador

VP, Security Research, Trustwave SpiderLabs
Ziv manages the global security research team at Trustwave, covering research areas such as vulnerability assessment and scanning, analysis of attacks against Web servers and Web clients, malware reverse engineering, IDS/IPS research, SIEM correlation and reporting, spam and phishing... Read More →

Thursday May 30, 2019 3:10pm - 3:40pm IDT
Hall B