Lucene search

K
impervablogBruce LynchIMPERVABLOG:7CB37AC69862942C5D316E69A7815579
HistoryDec 29, 2021 - 12:03 p.m.

2021 in Review, Part 2: 5 Top Cybersecurity Stories

2021-12-2912:03:19
Bruce Lynch
www.imperva.com
165

0.976 High

EPSS

Percentile

100.0%

Ransomware may have dominated headlines in 2021, but it’s only one of many threats security teams must protect against. We’re taking a look back at 5 top cybersecurity stories of 2021 that practitioners wanted to learn more about.

5. The State of Security in eCommerce

Why you should learn more about this

The global pandemic has pushed more consumers online and forced the acceleration of growth in eCommerce. The threat landscape for eCommerce websites has never been larger or more complex, with bad bot traffic being the principal problem, accounting for 57% of all attacks on online retail websites in 2021. In addition to stopping ordinary eCommerce transactions, about a third of attacks on web applications on retail websites resulted in data leakage. And with 83% of retail websites running third-party JavaScript-based services executing on the client-side, application developers are creating blind spots in securing the services they need to protect.

What can eCommerce enterprises do?

In addition to Advanced Bot Protection, security practitioners may also consider Client-Side Protection that provides visibility into JavaScript services executing on a website at any given moment. This solution automatically scans for existing and newly added services, eliminating the risk of them being a blind spot for security. Client-Side Protection enables you to allow approved domains while blocking unapproved ones and ensures your customers’ sensitive information doesn’t end up being transferred to unauthorized locations and that no fraudsters are exploiting your visitors.

4. How Imperva Is Protecting Customers & Staying Ahead of CVE-2021-44228

Why you should learn more about this

CVE-2021-44228 allows for unauthenticated remote code execution and is having a big impact on all organizations running Java workloads. Security teams are scrambling to immediately patch their software and upgrade third-party components to meet SLAs. Initial attack peaks reached roughly 280K/hour and as with other CVEs in its class, we expect to see this number grow, especially as new variants are created and discovered over the coming days and weeks.

What can security practitioners do?

Runtime Application Self-Protection (RASP) offers a defense-in-depth strategy for enterprises to protect their applications and APIs on a broad front. Many Imperva customers that have deployed RASP have saved thousands of hours in emergency patching and made their secure software development lifecycle faster. Customers that have RASP deployed across their Java applications are protected from RCEs related to CVE-2021-44228.

3. The ad blocker that injects ads

Why you should learn more about this

Ad injection is the process of inserting unauthorized advertisements into a publisher’s web page with the intention of enticing the user to click on them. Ad injectors are often made by scammers trying to make money from application downloads. They can generate revenue for their creators by serving ads and stealing advertising impressions from other websites. With many people spending more time browsing the web, deceptive ad injection is a growing concern. Attackers are constantly refining their tactics, techniques, and procedures.

What can security practitioners do?

Malicious JavaScript files, including ad injection scripts, are still widespread on the Internet despite worldwide efforts among security practitioners to make the web safer. Imperva Client-Side Protection enables customers to block such malicious JavaScript threats. The solution provides security teams with visibility and insights into the JavaScript-based services running on their websites, as well as the ability to block unwanted services from executing.

2. Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers

Why you should learn more about this

Remote Code Execution (RCE) vulnerabilities can easily allow threat actors to exploit affected systems for easy monetary gain by installing cryptocurrency miners and masking their activity, thus abusing the processing resources of the target.

What can security practitioners do?

With Imperva Cloud Web Application Firewall, security practitioners can see a CVEs activity in Imperva Attack Analytics. Also, Given the nature of how Imperva Runtime Application Self-Protection works, RCEs can be stopped without requiring any code changes or policy updates. Applications of all kinds (active, legacy, third-party, APIs, etc.) are protected when RASP is actively deployed.

1. 5 elements to include in a cybersecurity strategy for any size business

Why you should learn more about this

Cybercriminals don’t care how big your business is. If there is a way to separate you from your data or put a wrench in the works of your web applications by launching an automated attack, they will figure out a way to do that. If not directly through your site, then through the software supply chain or through your website visitors. Today, you shouldn’t depend on your developers to build water-tight web application code, your ISP to protect you from a DDoS attack, or your compliance audit checkbox to protect you from a data breach. The threat landscape has progressed far beyond these notions.

What can security practitioners do?

We strongly recommend working with cybersecurity experts to accurately evaluate your specific threat landscape and help you build a sustainable data security strategy for today and the future.

The post 2021 in Review, Part 2: 5 Top Cybersecurity Stories appeared first on Blog.