Detecting Magecart-Style attacks with Page Shield
During CIO week, the general availability of client-side security product Page Shield was announced. The product aims to protect websites' end users from client-side attacks that target vulnerable JavaScript dependencies in order to run malicious code in the victim's browser. One major threat is Magecart-style attacks, which involve compromising a website's scripts and exfiltrating sensitive user data to an attacker-controlled domain. Page Shield uses content security policies (CSP), static analysis, threat feeds, subresource integrity checks, and external connection checks to detect malicious scripts. The product currently leverages CSP reports, threat intelligence feeds, and ML-based static analysis for detection. Future developments will include expanding content-based risk scoring to cover other attack types like crypto-mining and adware.
Company
Cloudflare
Date published
Feb. 18, 2022
Author(s)
Oliver Cookman
Word count
1312
Language
English
Hacker News points
4