Hacker Intelligence Initiative (HII)
Issued approximately six times a year, the Imperva Hacker Intelligence Initiative (HII) reports go inside the cyber-underground to provide in-depth, forward-looking analysis of trending hacking techniques and interesting attack campaigns. These provocative, creative and innovative research papers aim not solely to understand what has happened in the past, but to dive deep into what is ahead and what’s needed to proactively stay ahead of hackers’ next moves.
The Secret Behind CryptoWall’s Success
Our Imperva Defense Center team peeled back the layers in the financial transactions to see how far we could trace the money trail behind one of the most successful pieces of ransomware, CryptoWall 3.0, with information available in the open. Are there many criminals behind this ruthless ransomware or just a handful of very organized gangs? Read the report to find the surprising answer.
Phishing Trip to Brazil
This report offers a detailed look at a cyber attack targeting consumers, a banking Trojan, and shows how consumer-centric cyber crimes can compromise the enterprise. The report also demonstrates that despite potential anti-malware defenses, attacks directed at individual employees can easily enter the enterprise network.
Man in the Cloud (MITC) Attacks
In this report, we demonstrate a new type of attack we call “Man in the Cloud” (MITC). These MITC attacks rely on common file synchronization services (such as Google Drive and Dropbox) as their infrastructure for command and control (C&C), data exfiltration, and remote access. Without using any exploits, we show how simple re-configuration of these services can turn them into a devastating attack tool that is not easily detected by common security measures.
Since most organizations either allow their users to use file synchronization services, or even rely on these services as part of their business toolbox, we think that MITC attacks will become prevalent in the wild. As a result, we encourage enterprises to shift the focus of their security effort from preventing infections and endpoint protection to securing their business data and applications at the source.