• Internet users struggled to access websites on Friday after a cyber attack on a key piece of internet infrastructure disrupted access to sites including Twitter, the Financial Times, the New York Times, Spotify and Airbnb. How did one attack cause so many sites to go down? “DNS infrastructure is a key component of making the internet work, and large DNS providers have invested heavily in protecting their systems from such attacks,” said Marc Gaffan, vice-president at Imperva, a Silicon Valley-based cyber security company.
  • Some companies lose tens of thousands of dollars for every minute of a DDoS attack. For more than one-third of companies, a single hour of a DDoS attack can cost up to $20,000, according to a 2014 report by the security firm Imperva Incapsula.
  • The impact goes beyond the direct target to the end users who are unable to reach popular sites and also to the sites themselves, which rely on traffic to provide ad revenue, says Tim Matthews, vice president of marketing at Imperva for the IIncapsula product line. The attacker doesn’t need vast resources, given the availability of relatively inexpensive DDoS for hire services.
  • One way to distribute a bot to many computers is via a virus, or malware, according to Incapsula, one of many providers of Internet security and DDoS defense. Such malware can operate in the background and the infected computer user isn't even aware of what's happening.
  • Hackers have hit Weebly and Foursquare and millions of user accounts are believed to have been stolen. Deepak Patel, director of security strategy for Imperva, told IBTimes UK: "The ease of getting millions of stolen credentials, with the fact that users will always continue to reuse passwords simply because they are human, makes brute force attacks more effective than ever and forces application providers to take proper measures to protect their users."
  • Web design platform, Weebly, has informed customers of a data breach that happened eight months ago. Deepak Patel, director of security strategy for Imperva told SCMagazineUK.com that the ease of getting millions of stolen credentials, with the fact that users will always continue to reuse passwords simply because they are human, makes brute force attacks more effective than ever and forces application providers to take proper measures to protect their users.
  • Weebly confirms hack, while Foursquare is denying claims that millions of accounts have been stolen.
  • Presidential hopeful Donald Trump’s Twitter support was over-exaggerated due to significant bot activity on the site four times as great as that of his rival Hillary Clinton, according to new research. Imperva vice president, Tim Matthews, warned that web admins and pollsters must take more care when appraising raw traffic numbers.
  • A survey published last month by Imperva suggested that one in 50 employees could turn out to be a malicious insider. This means that even in an SME, stocked with no more than 250 employees, five people are well placed to do a lot of damage.
  • Last week Sierra Wireless warned that some of its wireless gateway devices might be vulnerable to the Mirai botnet. Tim Matthews, vice president of Marketing at Imperva: “Given that the manufacturer has issued a CERT alert, with detailed behavioral analysis of how Mirai behaves on their devices, this appears quite legitimate.
  • There is a growing number of vendors providing technology to differentiate bots from human users and good-bots from bad-bots; they put in place policies about what bots are allowed and not allowed to do.
  • The Internet of Things (IoT) has the opportunity to reinvent how we visualize the internet, but it also comes with a variety of challenges, including the threat of hackers devastating lives or destroying a business’s assets. This chaotic future may already be upon us, according to researchers at Imperva.
  • It is now feared more than ever that the presidential elections might be influenced or compromised by nation-states such as Russia. Igal Zeifman, director of marketing at Imperva Incapsula, referring to the type of attack that would take down servers and machines by overloading them with remote requests said, “consider what would happen if the attack was used to take down the voting system itself or even one of the local election agencies. The result could be catastrophic.”
  • Researchers at Imperva have uncovered evidence of several low-level distributed denial of service attacks likely perpetrated by new users testing out this suddenly accessible DDoS tool. Ben Herzberg, security group research manager with Imperva Incapsula, told SCMagazine.com in a phone interview that the Marai's author may have truncated the complete blacklist before publishing it – possibly because such information could offer a clue as to the attacker's identity.
  • Cellular gateways made by Sierra Wireless may be susceptible to the Mirai malware, the Department of Homeland Security warned on Wednesday. Analysis by the firm Imperva found that Mirai is purpose-built to infect Internet of Things devices and enlist them in distributed denial of service (DDoS) attacks.
  • A recent hacking incident involving as many as one million Chinese made security cameras and digital video recorders highlights the fact that internet-connected cameras—without proper safeguarding—face the potential of being compromised. Tim Matthews, vice president of marketing for the Incapsula product line at Imperva—a company that specializes in web security and mitigating DDoS attacks—notes that last year, his company revealed major vulnerabilities in CCTV cameras as a result of not taking the proper steps to protect against threats.
  • Now that its source code has been released you can expect more attacks from Mirai, the malware behind the largest DDoS attack on record, which was powered by hijacked IoT devices. “Likely, these are signs of things to come and we expect to deal with Mirai-powered attacks in the near future,” security researchers at Imperva said in their blog post.
  • “Something in the way we treat and mandate information protection needs to be changed,” said Amichai Shulman, co-founder and chief technology officer of cybersecurity company Imperva Inc. “The fact that we have incidents like this in an organization like the NSA just highlights the bigger problem for the entire industry.”
  • If you were surprised the IT department let you [download Pokemon Go], don't be - many companies have absolutely no idea what their staff are up to it seems. Terry Ray, Imperva's chief product strategist, says: "Staff often don't think about security or know what is or isn't sensitive data.And the risks of a data breach are massively exacerbated by the cloud, even though cloud-based apps, such as Microsoft's Office 365, are proving increasingly popular because they dramatically reduce IT costs."
  • In a new blog post Imperva researchers analyse the Mirai botnet which was responsible for a huge DDoS attack against security researcher Brian Krebs in September. The blog studies the locations of the IP addresses that make up the botnet, examines the botnet’s source code in order to understand more about how it operates, studies what IP addresses Mirai is programmed to avoid and reveals new data which shows that Russian hackers may be behind the huge botnet.
  • Imperva, a company that provides protection to websites against Distributed Denial of Service (DDoS) attacks, is among the ones who have been busy investigating Mirai. According to their tally, the botnet made of Mirai-infected devices has reached a total of 164 countries.
  • The malware that powered one of the worst denial of service cyberattacks of the last few years has infected internet-connected devices all over the world, reaching as many as 177 countries, according to security researchers. Imperva, a company that provides protection to websites against DDoS attacks, is among the ones who have been busy investigating Mirai. According to their tally, the botnet made of Mirai-infected devices has reached a total of 164 countries.
  • "A woman has been arrested on suspicion of fraud in connection with a data breach at accounting software firm Sage. Most organisations still focus on securing their borders, according to Morgan Gerhart, vice-president at security firm Imperva."
  • “'The real goal is to expand the relationships with our channel partners around the globe and support our growth and the growth of our partners,” Soderlund, senior vice president of worldwide channels and alliances, said in an interview with CRN.'
  • Luring attacks are mounted by a competing dating site to lure users from the victim site to the attacker site. Most luring attacks target multiple dating services and send spam messages to a large number of users, inviting them to different dating sites, probably all controlled by the same hacker. According to Imperva, the motivation for the attacker is clear—to divert customers away from the competitor’s site and lure them to the attacker’s site.
  • Slowly but surely, the internet is becoming a hostile place. As wondrous as the internet is – with its three billion global users – increasingly, danger lurks. Armies of hackers maraud for personal data. Unknown forces invade privacy, installing hidden bugs. Nations engage in low-grade versions of cyber warfare. For many users, the risks appear remote when weighed with the benefits.
  • This feature on Botnet trends quotes Imperv's Igal Zeifman in regards to the Imperv CCTV blog and the 2014 DDoS report.
  • "Think beyond passwords: 'It's not enough to rely on password policies, which are of no use when the credentials are stolen,' said Itsik Mantin, Director of Security Research at Imperva Inc. 'Those in charge of web applications should be mindful to take specific detection measures to validate the authenticity of login to the system, treating with caution login from unexpected countries or anonymous networks, or logins from a web bot and rate limiting login attempts, in particular, those using credentials known to be stolen.'
  • Internet activity measuring duties fell to Imperva Incapsula, who harnessed the powers of their massive CDN to gain a clear picture of what was or was not going on online during each game of the Euros.
  • This article on the data breach of the Oracle MICROS payment terminals division features commentary from Imperva Director of Security Research, Itsik Mantin.
  • Russian hackers have compromised a customer support portal for Oracle's MICROS point-of-sale (POS) systems and accessed user names and passwords.
  • A new study from Imperva revealed that the basic materials that make up the entire World Wide Web, the HTTP/2 protocol, are flawed in four significant ways.
  • This podcast covers Oracle's MICROS point-of-sale systems breach (4:49) and quotes Imperva director of security research, Itsik Mantin.
  • Analysing the basics of an Advanced Persistent Threat (ATP), Imperva Incapsula breaks down a successful attack into three stages.
  • Tech-Savvy Fraud

    August 9, 2016
    A 2016 cyber-threat defence report by Cyberedge, sponsored by Imperva, demonstrated that no cyber-security training will overpower human curiosity.
  • "Imperva Incapsula explains, a botnet is a network of internet connected devices, like computers, tablets and smartphones, that have been hijacked with malware which allows it to be controlled by the botnet owner from a remote location, generally without the device owner ever even knowing it."
  • An analysis of five separate manufacturers' web servers running on the new HTTP/2 protocol, cybersecurity firm Imperva found that all five were vulnerable to at least one of four high-profile denial-of-service vulnerabilities. The company announced its findings at Black Hat, where SCMagazine.com caught up with Imperva's director of security research Itsik Mantin.
  • Cyber-security specialist Imperva released its latest "Hacker Intelligence Initiative (HII) Report" this week, which highlights the four major vulnerabilities in HTTP/2 -- the new version of the HTTP protocol that serves as one of the main building blocks of the internet.
  • Imperva presented a report at Black Hat describing four attack vectors in the HTTP/2 web protocol that enabled vulnerabilities in five HTTP/2 server implementations, including Microsoft IIS, Apache, Nginx, Jetty and nghttpd.
  • "On Wednesday at Black Hat USA, cybersecurity firm Imperva released new research into a number of high-profile flaws found within the latest version of HTTP, HTTP/2, which underpins the worldwide web's underlying protocols and communication systems."
  • "The HTTP/2 standard was approved some time ago, but it is yet to be widely adopted. Before the standard can become widespread, however, there are four serious vulnerabilities that need to be addressed."
  • "Security researchers from data center security vendor Imperva today at Black Hat conference revealed details on at least four high-profile vulnerabilities in HTTP/2 – a major revision of the HTTP network protocol that the today’s web is based on."
  • The next version of the network protocol that holds up the web, HTTP/2, has four major security vulnerabilities according to cyber security leader, Imperva.
  • "Researchers at Black Hat describe finding four flaws – now fixed - in the way the major server vendors implemented HTTP/2, but warn that the year-old Web protocol remains fertile ground for hackers seeking weaknesses in the way it’s rolled out."
  • The Imperva Hacker Intelligence Initiative (HII) Report provides an in-depth analysis of the four vulnerabilities in HTTP/2, a next-generation protocol expected to address many of the shortcomings of HTTP/1.x. HTTP/2 brings along new mechanisms that increase the attack surface of web infrastructure, rendering it vulnerable to new types of attacks.
  • Jason Bourne, the latest installment of a now-five movie series, was built around a theme of cyberwarfare that wasn't all movie magic. This article takes a look at the technology depicted in the movie with analysis from leading experts.
  • In this option piece on ransomware, the author established that the wholesale collection of data and its storage presents an enormous problem for businesses as it opens the door for criminals to collect information for corporate espionage, fraudulent activity or resale.
  • Two Imperva researchers have worked closely with major Web server makers to plug four security vulnerabilities in the HTTP/2 protocol implementation that launched a year ago. This article also includes Imperva’s infographic for the report.
  • Imperva Incapsula’s annual Bot Traffic Report reported that a total percentage of 48.5 was incoming online traffic from bots, good and bad in 2015.
  • Imperva Hacker Intelligence Initiative report (HII) details the discovery of four high profile vulnerabilities in HTTP/2
  • "HTTP/2 introduces new mechanisms that effectively increase the attack surface of business critical web infrastructure, according to a study by researchers at data centre security vendor Imperva and released at the Black Hat conference on Wednesday."
  • "Security researchers at Imperva have uncovered at least four flaws in the HTTP/2 protocol, the successor to HTTP."
  • Our team of researchers at the Imperva Defense Center describe the findings in a new Hacker Intelligence Initiative (HII) Report, entitled: “Black Hat SEO: A Detailed Analysis of Illegal SEO Tactics.” The report details a long-running and still active illegal attack that has been exploiting vulnerabilities in thousands of legitimate websites to increase the SEO results for illicit or harmful websites.
  • Following the high-profile hack of the Democratic National Committee's computer system, cyber-security experts emphasize the importance of secure email correspondence.
  • Imperva has announced the general availability of the Imperva SecureSphere Deployment Kit for the new Microsoft Azure Security Center.
  • Imperva has announced the availability of Imperva ThreatRadar IP Reputation for Imperva Skyfence, a new threat intelligence offering that helps Imperva customers detect threats to enterprise data in SaaS applications from known bad actors.
  • Westwing, an online retailer, switched to Imperva’s firewall technology, the Imperva Incapsula Web Application Firewall, which gives Westwing more insight into the vulnerability of its site.
  • Companies looking to recruit network engineering professionals with experience of dealing with DDoS attacks are facing an uphill struggle, according to new research from Imperva. The firm’s survey found that while companies across the globe are recognizing the importance of hiring skilled staff to help address security concerns threatening their online presence, a scarcity of qualified personnel is making this a difficult task.
  • Imperva Incapsula’s annual Bot Traffic Report reported that a total percentage of 48.5 was incoming online traffic from bots, good and bad in 2015.
  • Global demand for network engineers with distributed denial-of-service (DDoS) mitigation skills has grown, but there aren't enough qualified people to fill the available roles. That's one of the findings from recent research carried out by security firm Imperva, which said that demand for DDoS network engineering skills has grown 47 per cent in China and 30 per cent in the US in the past year.
  • Over the last six months, global demand for network engineers who have DDoS mitigation skills has continued to grow. China is seeing the most demand for these skills, with roughly 47 percent annual growth. According to new research from Imperva, the reason for this is a scarcity of qualified personnel and a rising demand for this specific experience. Companies in the UK, US and Canada are taking longer to fill these positions, as proven by the increase in average listing days for them.
  • Companies looking to recruit network engineering professionals with experience of dealing with DDoS attacks are facing an uphill struggle, according to new research from Imperva. The firm’s survey found that whilst companies across the globe are recognizing the importance of hiring skilled staff to help address security concerns threatening their online presence, a scarcity of qualified personnel is making this a difficult task.
  • Pokémon Go has apparently been DDoSed and two separate groups are claiming responsibility. PoodleCorp and OurMine have both claimed ‘the glory' for downing services on Pokémon Go over the July 16/17 weekend. Gaming platforms are particularly sensitive to DDoS, Ofer Gayer, product manager for DDoS at Imperva told SCMagazineUK.com
  • Security experts from Imperva Incapsula and Plixer offered some explanation and consolation. Ofer Gayer, product manager for DDoS at Imperva for the Incapsula product line noted that online games such as Pokémon GO are subject to latency and availability issues and therefore are ideal targets for DDoS attacks.
  • There are numerous tools and services for cloud DDoS protection, including those from Imperva.
  • Compiled by researchers at Imperva Defense Center, the report unveils a long-running blackhat SEO campaign in which hackers are exploiting vulnerabilities in thousands of legitimate websites in order to promote the search engine ranking of their clients’ websites.
  • Sports events, teams and individuals operate in an emotive, high-profile, well-known industry. Hackers looking to cause trouble, either for a feather in their cap or for revenge for their losing team, are becoming more and more common. It is this disruption which threatens the reputation of sports teams, individuals and athletes.
  • International pure-play retailer Westwing Home & Living is now using the Imperva Incapsula Web Application Firewall (WAF) service to protect the data of more than 26 million members.
  • International pure-play retailer Westwing Home & Living has deployed a new online security solution from Imperva to protect its e-commerce websites in 14 different markets worldwide. Westwing is now using the Imperva Incapsula Web Application Firewall (WAF) service to protect the data of more than 26 million members.
  • Imperva's fourth annual Bot Traffic Report reveals that bots account for almost half of all internet traffic (49 percent). Online traffic in 2015 consisted of humans (51.5 percent), ‘good' bots (19.5 percent) and ‘bad' bots (29 percent).
  • A solution for dynamic website security is Web Application Firewalls (WAF) such as Incapsula, one of the most versatile and effective cloud-based security tools that can protect your websites against the host of attacks that threaten them.
  • The Imperva report found that in 2015, 51 percent of web traffic, up from 44 percent in 2014, is human based, but the remaining 49 percent is all from “good” and “bad” bots traveling the internet.
  • Bots are ubiquitous in cyberspace. Like them or not, you can expect to keep coming across them. A lot of them are good bots, which, as Imperva reported, are there simply to gather information.
  • Cybercriminals are finally leveraging the thousands or millions of insecure devices in the so-called Internet of Things to launch cyberattacks.
  • This article covers four enterprise [security] trends to watch for 2016
  • "DDoS its first moment, this attack burst reached above 250 Gbps. It then slowly built up over the following hours, peaking at 470 Gbps at 19:32,” explained Imperva Incapsula in a blog post"
  • Vendor Excellence Awards names Imperva for Application Security
  • "The perpetrators' multi-vector approach reached a packet-per-second peak of 110 million, although the assault was quickly mitigated by a security firm."
  • "On June 14, Imperva mitigated a 470 gigabits per second (Gbps) DDoS attack targeting a Chinese gambling company. The attack lasted for over four hours and it is without a doubt one of, if not the, largest assault on record to date."
  • "Only days ago on 14 June, Imperva’s anti-DDoS wing Incapsula recorded a maximum 470Gbps “brute of an assault” designed to bring down a Chinese gambling firm."
  • "The unnamed company was attacked by DDoS that used nine vectors in a very rare bid to bypass Incapsula's mitigation services. "The assault was significantly complex by network layer standards, relying on a mix of nine different payload types," Incapsula researchers Ofer Gayer and Igal Zeifman say."
  • A recent report shows just how dangerous that lackadaisical attitude towards safeguarding IP cameras against hackers can be.
  • With so much at stake, are you giving the Board Members the information they need to support smart security strategies?
  • Noted author and blogger Cory Doctorow reports on Imperva research "DDoS for Hire".
  • The Times supplement, Raconteur, quotes Itsik Mantin, director of security research at Imperva, on cyber attacks with enormous impact.
  • BBC News quotes Amichai Shulman, CTO at Imperva, in an article on the safety of the cloud.
  • Imperva Ransomware as a Service analysis and CryptoWall Report cited by TechRepublic.
  • Network World New Product of the Week: Imperva CounterBreach
  • SC Magazine covers Imperva's March Hacker Intelligence Initiative report and quotes Amichai Shulman, CTO at Imperva.
  • Amichai Shulman quoted by Inc.
  • International Business Times quotes Amichai Shulman, CTO at Imperva, in an article on ransomware.
  • SC Magazine features the Imperva HII CryptoWall 3.0 Report in its February 10 issue. The article discusses how Cryptowall has been a cash bonanza for criminals, failure for cops.
  • BankInfoSecurity talks to Amichai Shulman.
  • The Register reports on Imperva's analysis of Bitcoin wallets linked to malware-wielding extortists.
  • BBC News reports on a destributed denial of service (DDoS) attack which took Ireland's National Lottery website offline.