Imperva Blog|Login|中文Deutsch日本語

ADC Hacker Intelligence Initiative

The Imperva Hacker Intelligence Initiative goes inside the cyber-underground and provides analysis of the trending hacking techniques and interesting attack campaigns.

Selected Tag: Lulzsec | Show All

Download Report

Dissecting a Hacktivist Attack

The fundamental tenet of Web 2.0, user-generated content, is also the Achilles Heel from a security standpoint. Why? Allowing the upload of user-generated content to the website can be extremely dangerous as the server which is usually considered by other users and the application itself as "trusted" now hosts content that can be generated by a malicious source.

Tags: Hacktivist, Web Application Attacks, Hacking, Lulzsec, Remote File Inclusion, RFI, Passwords

Download Report

Monitoring Hacker Forums

As a part of Imperva's hacker intelligence initiative, we monitor hacker forums to understand many of the technical aspects of hacking. Forums are the cornerstone of hacking - they are used by hackers for training, communications, collaboration, recruitment, commerce and even social interaction. Forums contain tutorials to help curious neophytes mature their skills. Chat rooms are filled with technical subjects ranging from advice on attack planning and solicitations for help with specific campaigns. Commercially, forums are a marketplace for selling of stolen data and attack software. Most surprisingly, forums build a sense of community where members can engage in discussions on religion, philosophy and relationships.

Tags: Hackers, Hacking, Trends, LulzSec, Hacktivist, DDoS, SQL Injection, Web Application Security, Database Security, Application Security

Download Report

An Anatomy of a SQL Injection Attack (SQLi)

This month's report from Imperva's Hacker Intelligence Initiative (HII) focuses on the rise in SQL Injection (SQLi) attacks on the Web. Dominating headlines for the past year, SQLi has become a widely-known, even outside the circle of security professionals. And for good reason: SQL injection is probably the most expensive and costly attack since it is mainly used to steal data. Famous breaches, including Sony, Nokia, Heartland Payment Systems and even Lady Gaga's Web sites were compromised by hackers who used SQL injection to break-in to the application's backend database. LulzSec, the notorious hacktivist group, made SQLi a key part of their arsenal. This report details how prevalent SQL injection attacks have become, how attacks are executed and how hackers are innovating SQLi attacks to bypass security controls as well as increase potency.

Tags: SQLi, SQL Injection, LulzSec, Hacktivist, Web Application Attacks, Data Security

Selected Tag: Lulzsec | Show All