On April 19, 2024, Datadog’s US5 website (app.us5.datadoghq.com) started experiencing elevated error rates, though they were low enough that most of our users didn’t notice them. For the next few days, we worked around the clock responding to multiple episodes of this mysterious attack, which gradually unfolded as we investigated. We also implemented several measures to reduce the impact on our customers.

Formjacking is a cyberattack where attackers inject malicious JavaScript code into webpages containing form fields, usually on login pages or payment forms. The objective is to steal sensitive information, such as credit card details, passwords, and other personal data, directly from users as they enter it into the compromised forms. Formjacking attack occurs entirely on the client side—within the user’s browser—making it particularly challenging to detect.

To further raise awareness on threat actor activity in the dark web and hacking communities, today we are introducing the Cato CTRL Threat Actor Profile. This will be a blog series that profiles various threat actors and documents notable activity that we are observing. Our inaugural Cato CTRL Threat Actor Profile is on Yashechka.

You can mitigate the risk of ransomware attacks by regularly backing up your data, updating your device with the latest software, implementing least-privilege access, using a business password manager and educating employees about security awareness, among other things. Ransomware attacks occur when organizations are prevented from accessing files and data until they’ve paid a ransom to the cybercriminal who infected their devices with malware.

Magecart attacks are a form of digital skimming that targets insecure websites to steal payment information. These attacks involve injecting malicious JavaScript code into e-commerce websites to steal sensitive information such as credit card details during the checkout process. The term “Magecart” originates from the attackers’ initial focus on Magento, a popular e-commerce platform, though their methods have since expanded to target various other platforms.

On a Friday afternoon at 5 PM, you’re cruising along the backroads in your car, listening to your favorite music. You’re on vacation and making excellent time to your destination until you notice the long stream of red tail lights a few miles ahead. After sitting in standstill traffic for over an hour, you realize that highway construction created a detour to the two-lane backroad that you were using to skip the rush hour traffic.

Estimating the potential impact of a successful cyber attack may seem impossible, especially given the rapid expansion of organizations’ digital footprint (and, consequently, their attack surface). One example are attacks which pertain to the contact points between businesses and clients, such as websites and mobile apps. In particular, these assets can be cloned and used for phishing attacks.

Your organization’s most vulnerable points of attack are no longer desktops — they’re in the pockets of your employees. Virtually everyone has a mobile device. And, even on the job, we use them for a multitude of tasks. As a result, our devices are packed with critical information, making them rich targets for cybercrime. That crime comes at a high cost.

You can protect yourself from identity theft by safeguarding your Social Security number and other sensitive documents, regularly reviewing your credit reports, using a dark web monitoring tool and not oversharing online. Identity theft occurs when someone steals and uses your sensitive documents unbeknownst to you to gain money or access to your confidential information. Examples of sensitive documents include Social Security numbers, credit card numbers, bank account information and passport numbers.

A Web Application Firewall (WAF) is your first line of defense against internet traffic that can be both legitimate and malicious. It helps protect your web applications, websites, and servers from various cyber-attacks by filtering out harmful traffic. WAF (WAAP) is essential for web security as it quickly identifies and addresses vulnerabilities in applications and servers.