Imperva Blog|Login|中文Deutsch日本語

ADC Hacker Intelligence Initiative

The Imperva Hacker Intelligence Initiative goes inside the cyber-underground and provides analysis of the trending hacking techniques and interesting attack campaigns.

Selected Tag: Web Application Attacks | Show All

Download Report

PHP SuperGlobals: Supersized Trouble


In the most recent Hacker Intelligence Initiative report, Imperva analyses vulnerabilities found in the SuperGlobal parameters of the PHP platform. Imperva finds that hackers are packaging higher levels of sophistication into simpler scripts and that a multi-step attack requires a multi-layered application security solution.

Tags: Application Security, SuperGlobals, PHP, Web Application Attacks


Download Report

Imperva's Web Application Attack Report (July 2013)


Examining today's application security threat landscape, Imperva finds that retailers suffer 2X as many SQL injection attacks as other industries. Report also shows that most applications are attacked more than four times a month, and the US retains its rank as the #1 source of web attacks in the world, among many other findings.

Tags: Application Security, SQL Injection, SQLi, Data Security, Web Application Attacks, Trends


Download Report

Denial of Service Attacks: A Comprehensive Guide to Trends, Techniques and Technologies


On hacker forums, denial of service remains the most discussed topic. Hackers continue to develop tools to optimize this attack method. Why? DDoS attacks do not seek to breach data integrity or privacy; they can be conducted without the requirement of identifying vulnerabilities to exploit the application. This report catalogs the latest trends, techniques and technologies deployed by hackers and gives security professionals specific steps to mitigate the threat.

Tags: Application Security, DDoS, DoS, Denial of Service, Web Application Attacks, Trends


Download Report

Imperva's Web Application Attack Report (July 2012)


Imperva's ADC finds that the median annual attack incidents was 274 times a year. The average attack incident for the observed Web applications lasted seven minutes and 42 seconds, but the longest attack incident lasted an hour and 19 minutes.

Tags: Application Security, SQL Injection, SQLi, Data Security, Web Application Attacks, Trends


Download Report

A CAPTCHA in the Rye


How effective are CAPTCHAs as a security mechanism against malicious automation? We report and analyze four case studies and draw conclusions as to the best ways to implement CAPTCHAs as an integrated part of a security strategy. Specifically, security teams should use novel CAPTCHA methods that make the CAPTCHA into something enjoyable, like a mini-game. Also, we help identify how to present a CAPTCHA only when users exhibit suspicious behavior by implementing various automation detection mechanisms.

Tags: CAPTCHA, Web Security, Web Application Attacks, Hacking


Download Report

Dissecting a Hacktivist Attack


The fundamental tenet of Web 2.0, user-generated content, is also the Achilles Heel from a security standpoint. Why? Allowing the upload of user-generated content to the website can be extremely dangerous as the server which is usually considered by other users and the application itself as "trusted" now hosts content that can be generated by a malicious source.

Tags: Hacktivist, Web Application Attacks, Hacking, Lulzsec, Remote File Inclusion, RFI, Passwords


Download Report

Automation of Attacks


How do hackers automate? What do they automate? And most importantly: How can security teams block automated attacks? The latest Hacker Intelligence Initiative from Imperva's Application Defense Center will help you answer these questions and many more.

Tags: Automated Web Application Attacks, Hacking, SQL Injection, SQLi, Remote File Inclusion, RFI, sqlmap, Havij, NetSparker, libwww-perl


Download Report

Remote and Local File Inclusion Vulnerabilities 101


Remote and local file inclusion (RFI/LFI) attacks are a favorite choice for hackers and many security professionals aren't noticing. RFI/LFI attacks enable hackers to execute malicious code and steal data through the manipulation of a company's web server. RFI was among the four most prevalent Web application attacks used by hackers in 2011. In fact, RFI/LFI was used most prominently by hacktivists. Most recently, a military dating website was breached using RFI/LFI by hacktivist group Lulzsec. RFI and LFI attacks take advantage of vulnerable PHP Web application parameters by including a URL reference to remotely hosted malicious code, enabling remote execution. PHP is a programming language designed for Web development and is in use across more than 77 percent of applications on the Internet.

Tags: File Inclusion, Remote File Inclusion, RFI, LFI, Web Application Attacks, Hacktivist, Hacking


Download Report

The Anatomy of an Anonymous Attack


This ADC report details the never-before-seen details on an attack by hacktivist group 'Anonymous' against a high-profile unnamed target during a 25 day period in 2011. The Hacker Intelligence Summary Report - The Anatomy of an Anonymous Attack offers a comprehensive analysis of the attack including a detailed timeline of activities from start to finish, an examination of the hacking methods utilized as well as insights on the use of social media to recruit participants and coordinate the attack.

Tags: Anonymous, Web Application Security, Web Application Attacks, SQL Injection, Data Security, Database Security, Hacktivist, Hacking


Download Report

Imperva's Web Application Attack Report (January 2012)


Imperva monitored and categorized attacks across the internet targeting 40 different enterprise and government web applications. The WAAR outlines the frequency, type and geography of origin of each attack to help security professionals better prioritize vulnerability remediation.

Tags: Application Security, Remote File Inclusion, RFI, SQL Injection, SQLi, Local File Inclusion, LFI, Cross Site Scripting, XSS, Directory Traversal, DT, Data Security, Web Application Attacks


Download Report

An Anatomy of a SQL Injection Attack (SQLi)


This month's report from Imperva's Hacker Intelligence Initiative (HII) focuses on the rise in SQL Injection (SQLi) attacks on the Web. Dominating headlines for the past year, SQLi has become a widely-known, even outside the circle of security professionals. And for good reason: SQL injection is probably the most expensive and costly attack since it is mainly used to steal data. Famous breaches, including Sony, Nokia, Heartland Payment Systems and even Lady Gaga's Web sites were compromised by hackers who used SQL injection to break-in to the application's backend database. LulzSec, the notorious hacktivist group, made SQLi a key part of their arsenal. This report details how prevalent SQL injection attacks have become, how attacks are executed and how hackers are innovating SQLi attacks to bypass security controls as well as increase potency.

Tags: SQLi, SQL Injection, LulzSec, Hacktivist, Web Application Attacks, Data Security


Download Report

Imperva's Web Application Attack Report (July 2011)


As a part of our ongoing Hacker Intelligence Initiative, the Imperva Application Defense Center (ADC) monitored and categorized individual attacks across the internet over a period of six months, December 2010 through May 2011. This research encompasses attacks witnessed via onion router (TOR) traffic as well as attacks targeting 30 different enterprise and government Web applications.

Tags: Application Security, SQL Injection, RFI, XSS, Cross-Site Scripting, Data Security, Web Application Attacks


Download Report

Remote File Inclusion


We begin our first report by describing an attack which usually flies under the radar – Remote File Inclusion (RFI). Although these attacks have the potential to cause as much damage as the more popular SQL Injection and Cross-Site Scripting (XSS) attacks, they are not widely discussed. HII has documented examples of automated attack campaigns launched in the wild. This report pinpoints their common traits and techniques, as well as the role blacklisting can play in mitigating them.

Tags: Google Hacking, Web Application Attacks, Buffer Overflow, CSRF, SQL Injection, Cross-Site Scripting, XSS, Search Engine Poisoning, SEP, Botnets, Remote File Inclusion, RFI

Selected Tag: Web Application Attacks | Show All