Welcome to the first edition of the Source Defense Research Intelligence News, where we share the latest attack findings from our research team—keeping you informed and protected against emerging threats. NEW THREAT: ABUSE OF STRIPE’S DEPRECATED API March 4, 2025 Sophisticated campaign conceals skimming from cybercrime researchers At Source Defense, we have uncovered a novel| Source Defense
Source Defense has officially joined the PCI Security Standards Council’s Board of Advisors for the 2025 to 2027 term.| Source Defense
Source Defense Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2022 Source Defense Wins Next Gen Web Application Security in 10th Annual Global InfoSec Awards at #RSAC 2022 SAN FRANCISCO (BUSINESSWIRE) JUNE 6, 2022 – Source Defense is proud to announce we have won the following award(s) from Cyber Defense Magazine (CDM),| Source Defense
Source Defense provides an entirely new solution, leveraging a fully automated, machine-learning-assisted set of policies that ensure 3rd party JavaScript integrations operating on your website maximize user experience and eliminate the threat of such integrations being leveraged for malicious website activity.| Source Defense
In a recent attack spotted by the Source Defense Cyber Research team, a compromised first-party script on a payment page stored sensitive data in a cookie named csp_f_y. The exfiltration didn’t happen immediately—it was triggered on the next page load using location.href, slipping past content security policies (CSP) that would have otherwise blocked malicious outbound requests.| Source Defense
A new report by Recorded Future's Insikt Group reveals a concerning rise in Magecart attacks and e-skimming activity targeting online retailers. The research highlights how cybercriminals are evolving their tactics to bypass traditional, rather antiquated client-side security measures such as Content Security Policy (CSP) and compromise e-commerce platforms at an alarming rate.| Source Defense
A new report by Recorded Future's Insikt Group reveals a concerning rise in Magecart attacks and e-skimming activity targeting online retailers. The research highlights how cybercriminals are evolving their tactics to bypass traditional, rather antiquated client-side security measures such as Content Security Policy (CSP) and compromise e-commerce platforms at an alarming rate.| Source Defense
A new report by Recorded Future's Insikt Group reveals a concerning rise in Magecart attacks and e-skimming activity targeting online retailers. The research highlights how cybercriminals are evolving their tactics to bypass traditional, rather antiquated client-side security measures such as Content Security Policy (CSP) and compromise e-commerce platforms at an alarming rate.| Source Defense
by Source Defense The landscape of payment security is at a critical turning point. As we approach the March 31, 2025 PCI compliance deadline for implementing new e-skimming controls, organizations face mounting pressure to address what has become the predominant vector for payment fraud. This isn’t just another compliance checkbox – it represents a fundamental| Source Defense
Payment card security faces new challenges as merchants and service providers prepare for the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements on eSkimming prevention. With the March 2025 deadline approaching, organizations must act quickly to implement these new mandates.| Source Defense
With less than four months until the compliance deadline for new eSkimming security controls in PCI DSS, Source Defense, a pioneer in client-side security, hosted a critical roundtable discussion featuring leading Qualified Security Assessors (QSAs). The webinar brought together top industry experts to address requirements 6.4.3 and 11.6.1, which organizations must implement by Q1 2025.| Source Defense
Webinar Replay: eSkimming Security and PCI Compliance Watch the webinar, then CLICK HERE to visit our PCI DSS 4.0 Resource Center Download the CoalFire whitepaper below [Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1 Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0. The most talked about and concerning new| Source Defense
Webinar Replay: Understanding PCI DSS 4.0 Watch the webinar, then CLICK HERE to visit our PCI DSS 4.0 Resource Center Download the CoalFire whitepaper below [Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1 Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0. The most talked about and concerning new requirements| Source Defense
Webinar Replay: Community Enablement Watch the webinar, then CLICK HERE to visit our PCI DSS 4.0 Resource Center Download the CoalFire whitepaper below [Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1 Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0. The most talked about and concerning new requirements in PCI| Source Defense
With the March 2025 deadline for PCI DSS v4.0 compliance looming, businesses face the challenge of adapting to over 50 new security requirements. Among these, eSkimming protections are crucial for safeguarding online transactions. Time is running out—begin your compliance efforts today to stay ahead of the curve and secure your payment systems.| Source Defense
With the March 2025 PCI DSS 4.0 deadline looming, organizations face new challenges, particularly in securing against eSkimming threats. At a recent Source Defense roundtable, industry experts shared crucial insights on navigating these changes. Learn how to prepare for compliance and protect your organization from emerging client-side security risks.| Source Defense
With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data. At a recent roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes.| Source Defense
Webinar Replay: Community Enablement Watch the webinar, then CLICK HERE to visit our PCI DSS 4.0 Resource Center Download the CoalFire whitepaper below [Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1 Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0. The most talked about and concerning new requirements in PCI| Source Defense
Beware of digital skimming attacks! According to Visa's Spring 2023 Biannual Threats Report, digital skimming attacks targeting customer data on eCommerce checkout pages increased by 174% in the last half of 2022.| Source Defense
Security vendor: “You want to buy some detect-and-alert?” You: “You don’t want to sell me detect-and-alert.” Security vendor (mind suddenly weakened): “I . . . I don’t want to sell you detect-and-alert.” You: “You want to go home and rethink your approach to 3rd party client-side risk.” Security vendor: “I want to go home and| Source Defense
There aren’t many small problems in cybersecurity. Most of them are big. Things like client-side attacks, ransomware, denial of service, zero-days and phishing cause you long days, sleepless nights and represent major risks to your organization. And when you set out to protect your organization from attacks, you discover that there aren’t many small solutions| Source Defense