  • A dive taken by an online security company Incapsula into the depths of a botnet behind Viagra spam emails revealed a major problem, one that seemingly has no ties to the polite maple syrup lovers of the north… When Incapsula intercepted encoded communications from a botnet, they found themselves with the opportunity to take a behind the scenes look at the botnet’s operations.

  • "With so many medical devices connected to the internet, it’s not surprising to know that some of these devices were rendered useless by WannaCry," says Terry Ray, chief product strategist for Imperva.

  • Terry Ray, chief product strategist for Imperva, noted that the healthcare industry continues to be a top target for cybercriminals, because of the large quantity of valuable data they manage and the potential to negatively impact critical patient care. “With so many medical devices connected to the internet, it’s not surprising to know that some of these devices were rendered useless by WannaCry,” Ray told Infosecurity.

  • In a survey by Imperva, carried out at the RSA 2017 security conference, 59% of those questioned said downtime was the largest business impact of a ransomware attack.

  • "As we see in this attack, even the most tech savvy companies and users can fall victim to phishing," he said. "It just takes one well-crafted email to be clicked by one person. Therefore, we must not be complacent when it comes to user training and awareness." "And remember, if you are not 100 percent sure an email is genuine -- no matter how urgent it sounds -- it is always better to check with your IT team first," Ajay Uggirala added.

  • Ransomware’s popularity continues to skyrocket, due to its successful business model and the significant profit paid by its victims. Unlike other malware business models, based on Darknet sales, hackers who utilize ransomware as their attack vector receive payment directly from their victims.

  • A survey of IT executives and managers at the RSA conference by data security company Imperva found 11% were unsure whether the EU’s European General Data Protection Regulation would affect their organization, while 29% said their company wasn’t preparing for the coming rules and 28% were unsure if preparations were under way.

  • According to an Imperva survey of 170 security professionals conducted at this year’s RSA Conference, 51 percent of respondents admitted that the GDPR would impact their companies, IT Briefcase reported. Additionally, 43 percent indicated that they were “evaluating or implementing change in preparation for GDPR,” while 29 percent said they were not preparing. A separate 28 percent indicated that they were unaware of specific preparations for the GDPR.

  • O2 has admitted that thieves exploited flaws in SS7 to steal money from victims' bank accounts. Amichai Shulman, CTO and co-founder at Imperva, told SC Media UK that the existence of an unsecure telco network in some countries was enough for bypassing this specific type of 2FA.

  • Morgan Gerhart, vice president of marketing at Imperva, warned that a major component of the cost of ransomware isn't the ransom, "It's the disruption and downtime." "Theoretically, if you can recover your data in real time, the backup is effective. Most people can't. And even a few hours of downtime is hugely disruptive to an enterprise," Gerhart told SearchSecurity. "We believe the most effective solution is to monitor the data in real time to detect when it's being accessed by ransomware so you can stop the attack."

  • The director of network and infrastructure at inland Southern California's largest school district reflects on his experiences and provides recommendations for preventing cyber attacks. CNUSD needed a solution that was simple to use and not overly technical. We also didn’t want it to require a tremendous amount of professional services or a steep learning curve. It also had to be easy to implement and maintain. We reached out to a security analyst who recommended the Imperva Incapsula website protection service.

  • GDPR will affect all EU-based companies, and all US companies that have any trade with the EU. Despite the threat of hefty non-compliance fines, Gartner is not alone in finding a lack of preparatory urgency among organizations. "The Gartner data aligns with a survey Imperva recently conducted of IT security professionals at RSA," Imperva's chief product strategist Terry Ray told SecurityWeek. "Our data showed an overall lack of urgency among the IT professionals surveyed, with only 43 percent of respondents indicating that they are evaluating or implementing change in preparation for GDPR."

  • Featured article by Terry Ray, Chief Product Strategist for Imperva, Inc. Well-talked about in international circles, the European General Data Protection Regulation (GDPR) is a new regulation to protect the privacy of European citizens – however, many people may not realize that it applies to all businesses that hold and process personal data collected in the European Union, regardless of their industry or location. It becomes effective on May 25, 2018, so there is just over a year to prepare. It sounds like a long way off, but will there be enough time for your company to comply?

  • “Fundamental to digital transformation is that enterprises are simply generating more data than ever before. It’s part and parcel of a knowledge-driven economy and how enterprises create and deliver value. All of this data—stored in an ever-shifting array of locations and repositories—simply presents more opportunity to the cybercrime industry.”

  • A fat-fingered human accidentally broke a transatlantic internet backbone that knackered Cloudflare's content delivery network in the US. Incapsula shows some transit issues around 0926 PT, hours after Cloudflare's stumble.

  • What is the current state of company preparedness for the European General Data Protection Regulation (GDPR)? An Imperva survey has sought to answer this question. The survey of 170 security professionals was taken at RSA 2017, the world’s largest security conference. “US companies should be evaluating the impact GDPR will have on their data practices, given the major fines for non-compliance,” said Terry Ray, chief product strategist at Imperva.

  • Netflix has learned a valuable lesson about ransomware: that is that you should pay up if you really don't want to get burned. "Hackers are looking for the largest payday possible. Why target an individual and request a few hundred dollars, when you can put in almost the same effort and get tens of thousands of dollars or even millions from a major media organisation?," pondered Ajay Uggirala, director at security firm Imperva.

  • Security is really a means to an end, and that end is for the business to succeed. “A successful CISO needs to be both strategic — long-term plan, collaborate with teams, communicate to executive management and the board — and tactical. The devil is in the details,” said Imperva CISO Shahar Ben-Hador in a blog post. “As a CISO, I have to assess what’s going to be a fundamental technology over a longer period of time and what’s fundamental for our business.”

  • Amichai Shulman, co-founder and CTO of Imperva, offered further measures: “To prevent brute force attacks, security officers should not rely on password policies only, but should take specific detection measures like rate limiting login attempts, detecting login attempts from automated browsers, treat with caution logins from unexpected countries and anonymous sources, and compare login data to popular passwords and stolen credentials.”

  • State-sponsored hackers are targeting universities while criminal gangs hold hospitals to ransom by infecting their IT systems with viruses which they remove on payment, researchers say. Ajay Uggirala, Director of Imperva, a cybersecurity firm, said: ‘It makes sense that ransomware attacks are on the rise given the technical skill needed, and the associated cost with phishing campaigns has gone down, making it easier than ever to launch a campaign due to the availability of inexpensive servers and DIY kits. These advances leave the hacker with more time to focus on identifying the target and crafting its bait’.

  • For companies with a larger budget, Incapsula offers a much bigger and faster network with enterprise-grade security for only $300/month (Business plan). If you’re an eCommerce business and need to secure highly valuable customer data while supercharging your site performance, Incapsula is your winner.

  • Customer information is in many ways now simply plunder, much as in ancient times soldiers were rewarded with whatever loot they could find after they'd won a battle. “In this case, after collecting the data on their political targets, which includes employees of commercial entities in transportation and financial services, the hackers were given free rein with the spoils — the data from 500 million Yahoo users,” said Tim Matthews, vice president of marketing for the computer security company Imperva.

  • Businesses believe they are more likely to be targeted by distributed denial of service (DDoS) attacks from rival firms than cyber criminals, according to Kaspersky Lab. DDoS attacks have quickly become a big concern for businesses. ... Imperva finished 2016 by fending off the largest attack ever recorded on its network.

  • Terry Ray, chief product strategist at Imperva, the cybersecurity software company based in Redwood Shores, Calif., said it may be "easy to villainize a company" for a data leak, but preventing this kind of forged cookie attack is harder than some might think. “The sad unfortunate truth about web applications is that most of them are not patched when they should be, almost all of them have components that rarely if ever get patched and cookie attacks don't get the same level [of] attention as more common attacks like SQL injection and cross-site scripting.”

  • It's easy to villainize a company or an executive for having a data leak, Terry Ray, chief strategist at Imperva, told SC, but he believes it's worth noting that many companies would have been unable to prevent a forged cookie.

  • From around 9:30am Monday, the web servers of many state authorities and offices in Luxembourg were down or difficult to reach. Commenting on this, Ben Herzberg, Security Research Group Manager at Imperva Incapsula said “Organisations need to prepare for DDoS attacks, and know ahead of time what they will do when an attack will hit them (And DDoS is a family with different types of attacks, so the organisation needs to know they have them all covered).”

  • As anyone with a website will know, app security is always a concern, whether it's your website being disrupted by a DDoS attack or a cyber criminal hacking into your system to steal sensitive data. With cloud services making this app security technology more affordable, all businesses with web applications are being encouraged to enlist the services of a dedicated WAF provider. Indeed, as explained by Incapsula, WAFs not only protect against OWASP’s Top 10 Threats, they also “prevent disruption to your application and improve website performance”.

  • “With the great increase of IoT devices, from teddy bears like the ones connecting with CloudPets to medical devices monitoring patients to connected refrigerators, our race for innovation brings a lot of cool stuff to life in a very short time, and this will continue in the next years, as there is a potential to revolutionize the way we're living,” said Ben Herzberg, security research group manager at Redwood Shores, Imperva.

  • Ben Herzberg, security group research manager at Imperva, says it's interesting that Necurs has now added a feature for DDoS attacks. But threat actors are likely to increasingly favor using IoT botnets such as Mirai because they are easier to infect and use than desktop botnets like Necurs, he said.

  • A botnet has never been a particularly nice thing. Even going all the way back to 2000 when GTbot was causing rudimentary denial of service attacks, botnets were designed for one thing and one thing only: malicious activity. Professional DDoS mitigation providers Imperva Incapsula found themselves staring down a 400 Gbps attack aimed at their network.

  • 'Smart' teddy bears that listened to the voices of children and parents have leaked 2 million recorded messages online - and hackers are now holding them for ransom. The company that makes the 'CloudPets' toys also leaked the user details of 800,000 accounts, including email addresses and passwords. Ben Herzberg, Security Research Group Manager at Imperva Incapsula, said: 'Internet of things' (IoT) devices have the potential to revolutionise the way we’re living. 'However, we’ve seen a lot of security glitches from these IoT companies, and they need to understand that Information Security is not a "good-to-have".

  • The past year has underscored the growing threat of cyberattacks. Security firm Incapsula identifies data breaches and DDoS attacks as among the top threats businesses encounter on a daily basis. Data breaches steal confidential information while DDoS – which stands for distributed denial of service – attacks render sites and services inaccessible, disrupting usage and operations.

  • There's still work to do, but it's great to see the DHS leading a coordinated effort because something needs to be done. Last year, DDoS protection provider Imperva Incapsula reported helping its customers fend off an average of 445 attacks every week. Their intensity increased dramatically, too, up from around 200Gbps in 2015 to 470Gbps in 2016.

  • The Internet is Mostly Bots

    January 31, 2017

    Overall, bots—good and bad—are responsible for 52 percent of web traffic, according to a new report by the security firm Imperva, which issues an annual assessment of bot activity online. The 52-percent stat is significant because it represents a tip of the scales since last year’s report, which found human traffic had overtaken bot traffic for the first time since at least 2012, when Imperva began tracking bot activity online.

  • Too many damned bots: Imperva Incapsula looked at 16.7 billion website visits from early August to early November 2016, and it found that 51.8 percent of traffic was created by bots. That means less than half of the content, according to the web-security player, was seen by humans.

  • Considering the internet was made by humans for humans you would, quite sensibly, assume that the vast majority of all traffic on the internet does then come from humans. Well you’re wrong, so very wrong. A new report by Imperva has shown that not only are we not alone in using the internet, we’re actually in the minority. Over half of all internet traffic was in fact generated by bots.

  • Launching a DDoS attack against Whitehouse.gov? Definitely illegal. Staging a non-registered protest against Whitehouse.gov with the same intended outcome? That could very well be interpreted as illegal, too. Amichai Shulman, who is CTO of security at Imperva, told a reporter at Dark Reading "if you open a browser and constantly refresh, that's a legitimate protest by a human being." Courts may, however, disagree with his assessment.

  • Commenting on the year ahead, Igal Zeifman, director at Imperva Incapsula stated, "Mirai was responsible for many high-profile attacks in the second half of 2016. It is safe to say that, in 2017, we will continue to see more evolutions of that specific malware type, which will exploit vulnerabilities in IoT devices. We will also witness the expansion of botnet-for-hire industry, facilitated by the existence of the aforementioned effective, easy to use, and widely available malware."

  • "Bots" - often just a few lines of code, a set of programmed instructions - scamper all around us as we journey through the internet. According to research firm Incapsula, 61 per cent of internet traffic in 2013 came from bots, a rise of ten per cent in just 12 months.

  • On the vulnerability front, the total number of Web application vulnerabilities actually decreased in 2016. This stat comes by way of Imperva researchers who last week reported their findings in a technical analysis of vulnerability trends for 2016. While that might get those with rose-colored glasses to proclaim progress in Web app security, researchers Nadav Avital and Mia Joskowicz believe that corresponding attack data shoots that down as unlikely. Instead, they believe that there's only so many security researchers out there in the wide world and right now, they've got other fish to fry.

  • Amichai Shulman, CTO Imperva, explained that, “This Yahoo breach and others before it teach us a couple of things: Attackers are still ahead of enterprises, even the larger companies when it comes to covering their tracks. The alleged breaches were only detected once the leaked information surfaced on the web; and time is still a factor.” 

  • Security firm Imperva has analyzed web application vulnerability trends in 2016 and determined that while some types of flaws have declined, others have become more common. Data collected by the company shows that the total number of vulnerabilities found over the past two years has increased, but the number of flaws affecting web applications has actually dropped.

  • Web security firm Imperva was hit by a 650Gbps (Gigabit per second) distributed denial of service (DDoS) attack at the end of 2016, the largest ever recorded on its network. The Leet botnet attack, which occurred just four days before Christmas, targeted several anycasted IPs on the Imperva Incapsula network over two waves, both of which were effectively defended against.

  • Just 10 days before the end of 2016, researchers from Imperva uncovered a massive 650Gbps DDoS attack generated by a new internet of things (IoT) botnet, dubbed “Leet” after a character string in the payload. It’s the first that can rival Mirai. “Attacks that combine the use of small and large payloads have become increasingly common since we first reported them in the spread their odds by trying to both clog network pipes and bring down network switches,” researchers said in an analysis.

  • With the Mirai source code open sourced and its effectiveness proven, more people looking for a quick buck are getting into it. With more players in the market, the price will go down. Pros will start modifying the Mirai and other code bases and it will evolve. In fact, Imperva has already detected a new 650Gbps botnet cannon whose signature differs from Mirai.