A security architect’s POV on a mature data-centric security program, Part 1
In this three-part series, you’ll hear first-hand from security architects on the front lines about what it takes to move organizations from a compliance-centric to a mature data-centric database security model. You’ll gain insight into the challenges associated with retaining, accessing and...
When data privacy and protection are rights, don’t get it wrong
Twenty-one years ago, Latanya Sweeney showed that it’s possible to uniquely identify 87% of Americans with just three pieces of personal data: gender, ZIP code and full date of birth. Long before anyone had heard the words ‘data lake’, ‘cloud storage’ or ‘big data’, never mind ‘social media’, it w...
Data security is broken: What’s next?
One out of every two on-premises databases globally has at least one vulnerability, finds a new study from Imperva Research Labs spanning 27,000 on-prem databases, based on insights from a proprietary database scanning service introduced by Imperva Innovation five years ago. The question is: why ...
Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers
Vulnerability Overview On August 25, 2021 a security advisory was released for a vulnerability identified in Confluence Server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection”. The vulnerability allows an unauthenticated attacker to perform remote command execution by taking advantage...
Shorter, sharper DDoS attacks are on the rise – and attackers are sidestepping traditional mitigation approaches
Imagine that your network is under attack. A couple of minutes ago, you detected a large burst of traffic, out of nowhere. Now it’s in excess of 60 Gbps, and overwhelming your network. Your mitigation service hasn’t picked up the attack yet, and you’re just about to take a closer look when it sto...
How to Exploit SQL Server Using Registry Keys
At the Imperva Research Labs we have the chance to scrutinize various security situations. In this blog, we will take a closer look at database security on SQL Server. One routine approach that security practitioners employ to protect databases is deploying honeypots and waiting for bad actors to...
How to Exploit SQL Server Using OLE Automation
As part of the Imperva Research Labs we have the opportunity to examine various security scenarios. In this post, we will consider database security on SQL Server. One standard method that security practitioners use to protect databases is deploying honeypots and waiting for hackers to take the...
The pitfalls of relying only on your ISP for DDoS protection
Relying on your Internet Service Provider (ISP) for DDoS protection is like going to a restaurant known for the freshest, tastiest seafood and ordering beef. Sure, they have it on the menu and they are happy to sell it to you, but the experience is not likely to compare well to what you’d have in a...
Cheap and nasty: How for $100 low-skilled ransom DDoS extortionists can cripple your business
Distributed Denial of Service (DDoS) attacks capable of crippling network resources and websites can be rented online for as little as $5 an hour. With an average financial impact of $100k for just one hour of downtime, that’s a serious return on cybercriminal investment. And that’s just for the...
Ransom DDoS: What you need to know now
According to the 2021 DDoS Threat Landscape Report, Ransom DDoS (RDoS) threats are on the rise. Imperva researchers have been monitoring threats against several of our customers where extortionists have demanded payment in BitCoin to prevent DDoS attacks. The attack patterns this year are very...
5 high-profile DDoS attacks that should chill you to the bone
Distributed denial of service (DDoS) attacks are malicious attempts to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server. Data revealed in the 2021 DDoS Threat Landscape Report strongly suggests attacks are constantly...
The 4-phase approach smart companies take to mitigate DDoS attacks
Distributed denial of service (DDoS) attacks have been a significant feature of the cyber threat landscape over the past two decades. The 2021 DDoS Threat Landscape Report reveals that attacks today are constantly evolving in complexity, volume, size, and frequency. The only constant in DDoS attack...
The 4 most common bad bot attack methods targeting financial services
Organizations in the financial services sector are high-value targets for cybercriminals. In recent years, more sophisticated botnets and other bad bot attack methods have enabled malicious hackers to ratchet up the speed of attacks on this sector. The four most common ways hackers deploy botnets...
6 ways cybersecurity teams can save time and money
The phrase “time is money”, originally attributed to Benjamin Franklin, reprimands the slothful for wasting their working hours. As one of the founding fathers of the United States, Benjamin Franklin clearly never worked a day in cybersecurity. This is an area where fresh blood is hard to find to...
Financial Services: Web Application Attacks Grow by 38% In First Half of 2021
During his career in the middle of the last century, professional bank robber Willie Sutton made off with an estimated $2 million in stolen money. Urban legend has it that when a journalist asked Sutton why he robbed banks, he replied, “That’s where the money is.” In later interviews, Sutton...
How your application and data security strategy can help you complete a high level FFIEC CAT assessment
More than ever, financial institutions depend on web applications to maintain operations and partner with other enterprises to provide services to customers, but the significant rise in the number of cyber attacks targeted at this industry in the last few years has the potential to undermine...
Brace yourselves: Holiday shopping season is coming
The E-commerce market has seen tremendous revenue growth during the pandemic. Along with that good news for E-business, there has been an increase in fraudulent activities online that may cost retailers over $20 billion in losses by the end of 2021. According to eMarketer, worldwide retail...
Game On: A Summer of Cybercrime Reveals Evolving Bot Threat
Fans around the world clamored online, and even in-person, over the past several weeks to enjoy the thrill of competition. From the Tour De France and EURO 2020 tournament in June to the recent Summer Olympic Games in Tokyo, fans were eager to cheer on their nations and make a little money in the...
How profiling employee working hours helps to detect security incidents
At the TimeMachine company there are two special old friends Bob and Alice. Bob, as a team manager, usually has a very busy schedule filled with meetings all day long. You can even find him working late into the night trying to catch up on email he received during the day. Alice on the other hand...
The top 3 OWASP risks to the financial services sector in 2021 and how to mitigate them
The Open Web Application Security Project (OWASP) is a non-profit organization that helps security experts protect web applications from cyber attacks. OWASP counts 32,000 volunteers worldwide who perform security assessments and conduct research on cybersecurity threats about which the larger...
From basic text to streaming 4K movies: A brief history of the World Wide Web
When Sir Tim Berners-Lee wrote his proposal for the World Wide Web (WWW) in 1989, he probably didn’t predict just how much his ideas would change the way we communicate. With about 1.83 billion websites to date, the World Wide Web has been the cornerstone of the information age. Famously Berners-Le...
What to do when your business has been hacked
You might be here because the unthinkable has happened so let’s get straight into this, step by step: Immediate containment. Inform stakeholders. Inform law enforcement. Implement your disaster recovery plan. Analyze and future proof. Early warning signs may be unusual user-account behavior, slow...
5 reasons why depending on your ISP for DDoS protection is a bad idea
A distributed denial of service (DDoS) attack is a malicious attempt to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server. Once thought of as prankish annoyance, DDoS attacks today are often a tool for cybercriminals to...
Imperva mitigated its largest attack as a provider of DDoS protection
In July, Imperva mitigated its largest attack as a provider of DDoS protection, and one of the largest DDoS attacks so far in 2021. The attack lasted for 40 minutes and generated a massive throughput of 1.02 terabytes per second (Tbps) and 155 million packets per second (Mpps). Imperva also mitigated...
The SysAdmin Class for the World’s Greatest Role-Playing Game
If you’re not sure what a System Administrator (SysAdmin) does, this is the person in your company or possibly an external contractor who fearlessly oversees the maintenance, care, configuration, and stable operation of your computers and servers. It’s your SysAdmin who is responsible for the...
Machine Learning Testing for Data Scientists
In one software development project after another, it has been proven that testing saves time. Does this hold true for machine learning projects? Should data scientists write tests? Will it make their work better and/or faster? We believe the answer is YES! In this post we describe a full...
Logging: A Deep Dive
Our RASP product: At Imperva our team builds a product called RASP, which stands for Runtime Application Self Protection. As indicated by the name, it is a security product which plugs directly into the runtime of an application in order to provide a similar and complementary set of capabilities as...
How to build a security-first culture with remote teams
If recent world events have driven an increase in the number of remote workers in your organization, you are now confronted by even more security challenges for already stretched security teams and busy IT departments. Sixty-one percent of CISOs are more concerned about security risks targeting...
Four features your data-centric security strategy must provide
Each year, the number of data breaches grows by 30%, underscoring the need for organizations to make data-centric security a business priority. Following the big data movement around the beginning of the 21st century, technological innovations have enabled companies to manage, store and process...
How to leverage accountability to ensure sustainable enterprise data security
As post-pandemic economic recovery continues to drive rapid acceleration in digital transformation, documented data breaches and service disruptions caused by cybercriminal activity have become an unwelcome part of our daily news feed. In spite of the regulations and compliance requirements that...
Bad bot activity on sports betting websites rises during Euro 2020
Across Europe, the EURO 2020 tournament captivated fans over the past month, with Italy ultimately defeating England to take home the cup on July 11. As fans eagerly watched the matches, Imperva Research Labs was busy monitoring activity that wasn’t happening on the playing field -- but across a...
Game Over: How to Stop DDoS Attacks on Online Gamers
You’re just about to take out a long-time rival, claim Victory Royale or round out a royal flush when your ping spikes or you’re DCed. Chances are you, or the game you’re playing, have been hit by a denial of service (DoS) attack. What’s the story? A recent report cited that of all cyber attacks...
How to Empower Employees to be Secure and Productive
How can CISOs make cybersecurity positive, productive, inclusive, and maintain best practices across the enterprise? -- Do your staff feel valued and important in their roles? More than 65 percent of employees report they do not feel recognized at work, and 31 percent say they're "engaged but feel...
Moving to AWS Lambda? Here’s what you need to know.
Serverless computing is transforming the way organizations build, ship, automate and scale applications. With no need to worry about infrastructure or who’s going to manage it, developers are free to focus on application development and innovation. The payoffs can be significant: Faster time to...
Oracle Auditing Part 3: Unified Auditing
This is the third, and last, article on the topic of Oracle auditing. It is relevant to Oracle 12c only. With Unified Auditing, Oracle simplified the task of auditing activities in a modern database environment, and rather than having to learn multiple methods, patterns, and techniques for both...
Oracle Auditing Part 1: Standard Auditing
This is the first of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant if you choose to use Pure Unified Auditing. Unified Auditing will be covered in the third part of this series...
Five Common Myths about Ransom DoS Attacks
Did you know that 86% of organizations surveyed in CyberEdge’s Cyberthreat Defense Report this year were compromised by cyberattacks? Since the first known incident in 1989, ransom DoS attacks have become increasingly sophisticated over time. If you are not well versed on the potential threats th...
Oracle Auditing Part 2: Mandatory and Fine-Grained Auditing
This is the second of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant if you choose to use Pure Unified Auditing. Unified Auditing will be covered in the third part of this series an...
What Are Red Team Exercises and Why Are They Important?
Pick a side. It’s game time, and nothing is off the table. -- For most organizations, a true defense-in-depth strategy includes the proactive testing of company cyber defenses. A Red Team Exercise is designed to reveal vulnerabilities in a company's security through hands-on testing, uncovering...
Top 8 Database Security Best Practices
There is a large body of knowledge on what activities are required in order to secure databases and in order to comply with regulations and requirements. We’ve gathered the top 8 best practices for ensuring database security. Databases are arguably the most important and, unfortunately, also the...
Security for Amazon Redshift
We’ll show you how to set up basic monitoring of AWS Redshift using their native security features, including how to set up a Redshift instance, creating S3 buckets, and shipping the audit logs to Cloudwatch. Basic security for Amazon Redshift can be accomplished through standard AWS security...
Security Auditing for MongoDB on Atlas
MongoDB is a document-oriented NoSQL database that provides high performance, high availability, and easy scalability. To many, it is the leader in the NoSQL space. MongoDB Atlas was launched in June of 2016 and provides MongoDB as a database-as-a-service (DBaaS). Atlas provides all of the features...
Securely Managing Entitlement of S3 Resources
Here we’ll talk about securely managing entitlements of S3 resources including managing access control to S3 objects and utilizing audit logging to keep track of the usage of shared resources. Amazon’s AWS services allow for accounts to grant access to resources from other accounts on AWS. This...
Compliance When Migrating to the Cloud: SQL Server Running on Azure vs. On-Premise
In the age of the data era, where data storage is increasing at an exponential rate and access to information is getting easier and faster, data security is a major concern. There are many cases where we can’t prevent people from accessing data, but we can track and investigate suspicious...
Azure SQL Database Security: 9 Features You Should Know
Databases are where organizations hold their “crown jewels” – their data. If you’re running or looking to run SQL on Azure, Azure provides security for the physical, logical, and data layers of services. Basic Azure SQL database security can be enabled using a variety of native security features...
Why You’re Not Making the Leap from Compliance to a Database Security Strategy
Gartner strongly recommends that the concept of “big data strategy” should be replaced with “making big data part of our everyday strategy.” Technology has created a database activity explosion for most enterprises and made traditional agent-based data logging, monitoring, and auditing far too...
jSonar to Begin a New Chapter in Collaboration
A message from JSonar co-founder and CTO, Ron Bennatan. My wife complains that I’m a boring person. I’ve been doing the same thing for 25 years now – databases, then security, then database security, then data security and then some data lake security. But by that account Tom Brady is a boring...
Five Tips to Impress at Your CISO Job Interview
Chief Information Security Officers (CISOs) are in demand and the lack of experienced candidates, coupled with the evolving required skill set, helped make it the highest paying tech job in 2020. With 100% of large corporations (Fortune 500, Global 2000) forecast to have a CISO or equivalent position...
Mitigating attacks in serverless environments
Serverless computing has become the fastest-growing segment in the cloud services market. The benefits are clear and significant: cost savings and lower operational overhead, giving development teams full control over code and flexibility in the infrastructure. This also means that, in terms of...
Do CAPTCHAs work and what’s the alternative?
We know you're busy, so the answer is “No”. Users want less friction, and a good bot detection and mitigation solution will do the job MUCH better. The first lesson on the first day of UI school is that users want the path of least resistance. While the gamification of cybersecurity does have a...