14 posts categorized "Nadav Avital"

August 03, 2016

It was November 2015 when I heard the high-pitched excitement of a researcher from our Imperva Defense Center – “HTTP/2 is susceptible to slow read attacks!” It was like déjà vu all over again; five...

March 26, 2016

Three months after the previous report, we thought it was a good opportunity to check in on the CVEs registered by Imperva SecureSphere Web Application Firewalls. We found some interesting trends – highlighting the most...

February 22, 2016

When you hear about the recent devastating attacks involving smartphones, malware infection of Android/iOS comes naturally to your mind. However, once you take a closer look at these mobile security incidents, you will be surprised...

January 15, 2016

[Warning: Spoilers!] Mr. Robot’s win at this week’s Golden Globes surprised many people, but we at Imperva weren’t among them. How could we not love a show about cyber security? It deserved the award for...

December 21, 2015

Back in 2014, we had predicted (for 2015) that most enterprises would mostly lose their battle against the endless number of patches required for their servers due to the exploding number of CVEs. 2015 indeed...

December 17, 2015

Virtual Patching may have had its humble beginnings when IPS devices first reaped its benefits, but today it is even more invaluable in our fight against zero-day attacks against web applications. We are going to...

December 03, 2015

On November 6th, 2015 security researchers of FoxGlove Security released zero-day exploits for WebSphere, WebLogic, JBoss, Jenkins, and OpenNMS, facilitating in some cases Remote Code Execution attacks on application servers using these technologies. The popularity...

November 25, 2014

In September, a bug in GNU Bash was publicly exposed in the wild and rained fire on computer systems on premise and in the cloud due to the simple attack vector and the effect on...

November 24, 2014

The holiday season is approaching so we thought it would be a good time to check whether cybercriminals shop as well… The holiday season encompasses two major sales events: the old Black Friday and his...

March 18, 2014

For a long time, PHP has been the dominant server side framework for companies to write their web applications with. In fact, ~82% of all websites today are written in PHP. And while PHP’s power...