6 posts from October 2012

October 31, 2012

This week, Imperva's ADC released the latest Hacker Intelligence Initiative Report. Our focus this month was hacker forums. The purpose of studying hacker forums is simple: learn about the hacking community by studying their chatter....Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 29, 2012

South Carolina in the news quite a bit last week. What caused the breach? No one stated explicitly but as some may suspect, it was probably a SQL injection attack. What are the indications? First,...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 26, 2012

Banks have been asked to step up their DDoS protection. The request, however, is mostly CYA. Take, for example, the call to check for vulnerabilities--which has nothing to do with DDoS attacks. I think that...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 17, 2012

Recently, US banks were warned about automated attacks coming from Havij, a SQL injection attack tool. While we've blogged on stopping SQL injection in the past, it is a topic always worth revisiting. First, let's...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 11, 2012

Firefox is leaking URLs data across domain, by not restricting javascript’s “location” method. How does it work? A “proof of concept” exploit for the vulnerability exists (for more, check this out). A user browses to...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 02, 2012

Apparently there has been a cyber attack on the White House’s network. The reported attack vector? Spear phishing. At least it appears that no data theft took place, yet. This incident reminds us how easy...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)