Imperva: Protecting the Data that Drives Business Blog|Login|中文Deutsche日本語

ADC Hacker Intelligence Initiative

The Imperva Hacker Intelligence Initiative goes inside the cyber-underground and provides analysis of the trending hacking techniques and interesting attack campaigns.

Selected Tag: Data Security | Show All

Download Report

Report #15 -- Lessons Learned From the Yahoo! Hack


On December 2012, a hacker claimed to have breached Yahoo!'s security systems and acquired full access to certain Yahoo! databases, leading to full access on the server for that domain. Technically, we found that the hacker was able to determine the allegedly vulnerable Yahoo! application and the exact attack method, a SQL injection. This attack underscores the security problem posed by hosting third-party code – as is often done with cloud-based services. Our report explains:
  • How to protect third-party Web applications against SQL injection and other Web attacks.
  • Why security should always assume third-party code – coming from partners, vendors, mergers and acquisitions – contains serious vulnerabilities.
  • Putting in place legal requirements in a contract for what you will and will not accept from a security perspective and incorporating security due diligence for any merger or acquisition activity.


Tags: Data Security, Database Security, SQL Injection, Web Application Security


Download Report

Report #14 -- Assessing the Effectiveness of Antivirus Solutions


How good is antivirus? How should enterprises invest in endpoint protection? Imperva collected and analyzed more than 80 previously non-cataloged viruses against more than 40 antivirus solutions. Imperva found:
  • Antivirus solutions have a difficult time detecting newly created viruses – While antivirus vendors may constantly work to update their detection mechanisms, the initial rate of detection of new viruses by antivirus solutions in the study was less than 5%. Antivirus solutions in the study were unable to provide complete protection since they are unable to keep up with virus propagation on the Internet.
  • Antivirus solutions lag in updating signatures –In some cases in the study, it took anti-virus solutions up to four weeks following the initial scan to detect a virus.
  • Investment in antivirus is misaligned – In 2011, Gartner reported that consumers spent $4.5 billion on antivirus while enterprises spent $2.9 billion, a total of $7.4 billion or more than a third of the total of $17.7 billion spent on security software. In addition, certain freeware solutions in the study proved equally or more effective than paid solutions.


Tags: Antivirus, Honey Pots, Hacker Forums, Data Security, Database Security


Download Report

Edition #3 -- Imperva's Web Application Attack Report (July 2012)


Imperva's ADC finds that the median annual attack incidents was 274 times a year. The average attack incident for the observed Web applications lasted seven minutes and 42 seconds, but the longest attack incident lasted an hour and 19 minutes.

Tags: Application Security, SQL Injection, SQLi, Data Security, Web Application Attacks, Trends


Download Report

Summary Report -- The Anatomy of an Anonymous Attack


This ADC report details the never-before-seen details on an attack by hacktivist group 'Anonymous' against a high-profile unnamed target during a 25 day period in 2011. The Hacker Intelligence Summary Report - The Anatomy of an Anonymous Attack offers a comprehensive analysis of the attack including a detailed timeline of activities from start to finish, an examination of the hacking methods utilized as well as insights on the use of social media to recruit participants and coordinate the attack.

Tags: Anonymous, Web Application Security, Web Application Attacks, SQL Injection, Data Security, Database Security, Hacktivist, Hacking


Download Report

Edition #2 -- Imperva's Web Application Attack Report (January 2012)


Imperva monitored and categorized attacks across the internet targeting 40 different enterprise and government web applications. The WAAR outlines the frequency, type and geography of origin of each attack to help security professionals better prioritize vulnerability remediation.

Tags: Application Security, Remote File Inclusion, RFI, SQL Injection, SQLi, Local File Inclusion, LFI, Cross Site Scripting, XSS, Directory Traversal, DT, Data Security, Web Application Attacks


Download Report

Report #7 -- Enterprise Password Worst Practices


In 2009, Imperva published a report on 32 million breached passwords entitled "Consumer Password Worst Practices." Since then, successive breaches have highlighted consumers' inability to make sufficient password choices. Enterprises can no longer rely on employees, partners or consumers when it comes to password security. Instead, responsibility rests on enterprises to put in place proper password security policies and procedures as a part of a comprehensive data security discipline. Passwords should be viewed by security teams as highly valuable data - even if PCI or other security mandates don't apply. This paper guides enterprises to rectify poor password management practices.

Tags: Data Security, Passwords, Trends, Password Worst Practices


Download Report

Report #6 -- Security Trends 2012


Hacking is inherently innovative and constantly changing. As 2012 approaches, security team will need to adapt to a changing threatscape as cyber security remains one of the most dynamic and fluid disciplines worldwide. Imperva's Application Defense Center (ADC), led by Imperva CTO Amichai Shulman, is exclusively focused on advancing the practice of data security to help companies shield themselves from the threat of hackers and insiders. For 2012, the ADC has assembled a comprehensive set of predictions designed to help security professionals prepare for new threats and attacks in cyber space.

Tags: Data Security, Security Trends, DDoS, Social Media, Compliance, HTML 5, SSL, Database Security, Application Security, SQL


Download Report

Report #4 -- An Anatomy of a SQL Injection Attack (SQLi)


This month's report from Imperva's Hacker Intelligence Initiative (HII) focuses on the rise in SQL Injection (SQLi) attacks on the Web. Dominating headlines for the past year, SQLi has become a widely-known, even outside the circle of security professionals. And for good reason: SQL injection is probably the most expensive and costly attack since it is mainly used to steal data. Famous breaches, including Sony, Nokia, Heartland Payment Systems and even Lady Gaga's Web sites were compromised by hackers who used SQL injection to break-in to the application's backend database. LulzSec, the notorious hacktivist group, made SQLi a key part of their arsenal. This report details how prevalent SQL injection attacks have become, how attacks are executed and how hackers are innovating SQLi attacks to bypass security controls as well as increase potency.

Tags: SQLi, SQL Injection, LulzSec, Hacktivist, Web Application Attacks, Data Security


Download Report

Report #3 -- The Convergence of Google and Bots: Searching for Security Vulnerabilities using Automated Botnets


This Imperva's Hacker Intelligence Initiative (HII) report reveals that hackers are leveraging the power of search engines to conduct cyber reconnaissance. Hackers, armed with a browser and specially crafted search queries ("Dorks"), are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed. Automating the query and result parsing enables the attacker to issue a large number of queries, examine all the returned results and get a filtered list of potentially exploitable sites in a very short time and with minimal effort. As searches are conducted using botnets, and not the hacker's IP address, the attacker's identity remains concealed.

Tags: Google Hacking, Botnets, Bots, SQL Injection, Data Security


Download Report

Edition #1 -- Imperva's Web Application Attack Report (July 2011)


As a part of our ongoing Hacker Intelligence Initiative, the Imperva Application Defense Center (ADC) monitored and categorized individual attacks across the internet over a period of six months, December 2010 through May 2011. This research encompasses attacks witnessed via onion router (TOR) traffic as well as attacks targeting 30 different enterprise and government Web applications.

Tags: Application Security, SQL Injection, RFI, XSS, Cross-Site Scripting, Data Security, Web Application Attacks

Selected Tag: Data Security | Show All