35 posts categorized "Amichai Shulman"

March 27, 2013

Last week, as part of the Spammer-Anti-Spammer wars - An attack on Spamhaus was created using a DNS amplification attack on highly rated DNS servers, the attack used Botnets to send an initial reflection request...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

March 19, 2013

Sharing security research and intelligence makes the community as a whole safer. By uncovering and sharing information on weaknesses in the Internet, common vulnerabilities and new attack techniques, our customers and the industry learn specific...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

February 21, 2013

Last week I attended an OWASP conference in Israel and participated in a panel about WAFEC. This panel is part of the currently ongoing effort to generate the second version of the WAF evaluation criteria...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

January 10, 2013

Imperva CTO Amichai Shulman: Let me start by saying that I’m not a big fan of back and forth argumentative discussions taking place in the blogosphere. However, the religious rage that erupted over the past...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (3)

October 29, 2012

South Carolina in the news quite a bit last week. What caused the breach? No one stated explicitly but as some may suspect, it was probably a SQL injection attack. What are the indications? First,...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

October 26, 2012

Banks have been asked to step up their DDoS protection. The request, however, is mostly CYA. Take, for example, the call to check for vulnerabilities--which has nothing to do with DDoS attacks. I think that...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

July 19, 2012

A recent article describes an apparently serious FBI investigation. The article teaches an important lesson. In this case, the FBI wasted resources on matters of relevant little importance because they can get results fast while...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

July 17, 2012

Oracle’s latest critical patch update (CPU) went live today. Overall, this is a fairly consistent release: 80 overall patches with 4 database vulnerabilities. Likewise, the same volume of MySQL vulnerabilities is consistent with previous releases....Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

June 13, 2012

According to this, Chinese equipment makers have built backdoors into their hardware (which may be the root of Mr. Panetta's remarks). First, a little perspective: Most intelligent networking equipment, manufactured by almost any vendor anywhere...Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)

April 18, 2012

Oracle released its latest vulnerability list. What this release highlights is the fact that Oracle should provide work-around instructions rather than dogmatically stick to immediate patching as the single alternative. This one has 88 patches....Read More
Share:
Share on LinkedIn
  • Tags:
  • Permalink
  • Comments (0)