Nadav Avital, Author at Blog | Imperva

Home
Blog
Articles by: Nadav Avital

Nadav Avital Technical Application Security Research, Imperva Defense Center

Drupalgeddon-2-Are-Hackers-Slacking-Off

Drupalgeddon 2.0: Are Hackers Slacking Off?

Ever since March 28th, when Drupal published a patch for a RCE named Drupalgeddon 2.0 (SA-CORE-2018-002/CVE-2018-7600), Imperva has been monitoring our cloud looking for hackers’ attempts to exploit the vulnerability,...

iStock-671382716

RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits

Recently cryptojacking attacks have been spreading like wildfire. This week we saw a new generation of cryptojacking attacks aimed at both database servers and application servers. We dubbed one of these attacks RedisWannaMine. Read on.

iStock-901416838

New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks

It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining...

Insecure-deserialization-header-IM

Deserialization Attacks Surge Motivated by Illegal Crypto-mining

Imperva’s research group is constantly monitoring new web application vulnerabilities. In doing so, we’ve noticed at least four major insecure deserialization vulnerabilities that were published in the past year. Our...

State-of-web-application-vulnerabilities-2017

The State of Web Application Vulnerabilities in 2017

As a web application firewall provider, part of our job at Imperva is constantly monitoring new security vulnerabilities. To do this, we use internal software that collects information from various...

CVE-2017-9805-Analysis-of-Apache-Struts-RCE-Vulnerability-in-REST-Plugin

CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin

Just two months ago we published an analysis of a critical remote code execution (RCE) security vulnerability in Apache Struts. Now Apache Struts has published a new version fixing yet...

Live Chat Agents Unavailable