December 10 - 12, 2018
The Ritz-Carlton, Amelia Island, FL

Joshua Jones


Senior Director, Technical Solutions
Source Defense


9:55 AM Ignite: Defend Against Magecart-Style Website Supply Chain Attacks

We’ve seen an acceleration of client-side attacks from threat actors leveraging JavaScript vulnerabilities to launch credit card and personal information skimming attacks. In the past 3 months many large E-Commerce vendors including Ticketmaster, British Airways, Feedify, Newegg, Shopper Approved and Umbra have revealed that they have been compromised by Magecart.
This threat vector leverages a universal vulnerability to launch attacks that affect websites and consumers on a massive scale. Compromised third party JavaScript code is used by threat actors to modify, read or extract any information entered or rendered on a webpage. This includes personal and financial data. In addition to introducing elevated website security risk, third party JavaScript introduces significant compliance and data privacy concerns since JavaScript grants access and privileges to third parties that operate entirely outside of the security controls that website owners can implement and monitor.


Check out the incredible speaker line-up to see who will be joining Joshua.

Download The Latest Agenda