• All
  • Research Lab
  • Perspectives
  • Threat Central
  • Front Line
  • Subscribe: RSS | Email

    December 14, 2016

    As the Chief Information Security Officer (CISO) of Imperva, I head up the team that is responsible for security and compliance across the enterprise footprint and cloud operations activities for the company and its SaaS...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    December 12, 2016

    As the year winds down, Imperva is excited to share that it has once again be named to Deloitte’s Technology Fast 500™*, a ranking of the 500 fastest growing technology, media, telecommunications, life sciences and...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    December 06, 2016

    Phishing is the starting point for most data breaches. People are the weakest link to an organization’s security posture. Current approaches to controlling the proliferation of phishing have shown no signs of success. Imperva advocates...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    November 14, 2016

    Joomla! CVE-2016-8870 & CVE-2016-8869 This blog analyzes the privilege escalation vulnerability in Joomla! CMS and its exploitation in the wild. Based on the attack traffic, we show the statistics of the attack including a spike...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    November 03, 2016

    Financial institutions and e-commerce merchants have become targets of massive financial fraud as cyber criminals have used stolen payment card data from major data breaches1, such as the ones involving Wendy’s restaurants in 2015, Home...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 27, 2016

    “Do you have any insect repellent? I’ve been told my computer has a bug.” There is no doubting that cyber security is a very technical subject, and with the current state of hacking for profit...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 24, 2016

    On Friday Oct. 21, 2016, a DDoS attack shut down several popular internet sites. Users experienced slow access or no service to Twitter, Spotify, Shopify, SoundCloud, Reddit and The New York Times and others. The...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Health care organizations are at the forefront of cyber security. Arguably, they’re ahead of many other industries because they’re a top target for cyber criminals. A single patient record is worth 10 times more than...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 22, 2016

    Earlier this year, researchers at the Imperva Defense Center followed the money trail on CryptoWall 3.0 – one of the most widespread ransomware menaces to date. The results were astounding, and show how ransomware authors...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 21, 2016

    As published in “The Economist Intelligence Unit” October 5, 2016 By Kim DeCarlis, CMO, Imperva As threats mount, cyber security has become top of mind for a growing number of corporate boards. Directors and senior...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
  • Look here for our latest research reports and breaking security news.

    Subscribe: RSS | Email

    January 19, 2017

    In a previous Imperva Hacker Intelligence Initiative (HII) report we delved into some of the financial aspects of phishing and credential theft. Obviously, one of the important factors in the cost of a campaign is...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    January 17, 2017

    On December 25th 2016, a critical new vulnerability in PHPMailer was made public. The open source PHP library for email handling embeds email functionality in web applications. This recent vulnerability takes advantage of insufficient validation...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    January 05, 2017

    Since 2010, 68 vulnerabilities of Apache Struts—the popular open source framework used for building web applications—have been published. Although all of them have been mitigated through patches, hackers still constantly exploit these vulnerabilities to launch...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    December 29, 2016

    Part of our job on the Imperva web application security team is supplying inclusive mitigation to new security vulnerabilities in web applications as soon as they become public. Imperva continually gathers information regarding new vulnerabilities...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Next »
  • You'll find thoughts on security trends, industry news, and upcoming Imperva events here.

    Subscribe: RSS | Email

    December 27, 2016

    Here at Imperva, we’ve seen a lot in our more than 14 years in the cyber security industry and 2016 was no exception. Data breach after DDoS attack after insider threat…hackers upped their game with...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    December 20, 2016

    At the end of 2015 we offered several predictions regarding the evolving cyber security landscape for 2016. We’ll be releasing our 2017 predictions soon, but before we do, we thought we’d see how accurate our...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    December 14, 2016

    As the Chief Information Security Officer (CISO) of Imperva, I head up the team that is responsible for security and compliance across the enterprise footprint and cloud operations activities for the company and its SaaS...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    November 03, 2016

    Financial institutions and e-commerce merchants have become targets of massive financial fraud as cyber criminals have used stolen payment card data from major data breaches1, such as the ones involving Wendy’s restaurants in 2015, Home...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Next »
  • Find practical information on late-breaking security threats here.

    Subscribe: RSS | Email

    November 14, 2016

    Joomla! CVE-2016-8870 & CVE-2016-8869 This blog analyzes the privilege escalation vulnerability in Joomla! CMS and its exploitation in the wild. Based on the attack traffic, we show the statistics of the attack including a spike...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 24, 2016

    On Friday Oct. 21, 2016, a DDoS attack shut down several popular internet sites. Users experienced slow access or no service to Twitter, Spotify, Shopify, SoundCloud, Reddit and The New York Times and others. The...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    August 30, 2016

    In the Imperva Incapsula DDoS Threat Landscape Report, we share detailed information about the latest attack trends, using data collected in the course of mitigating thousands of DDoS assaults against Imperva Incapsula customers. Leveraging this...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    August 03, 2016

    It was November 2015 when I heard the high-pitched excitement of a researcher from our Imperva Defense Center – “HTTP/2 is susceptible to slow read attacks!” It was like déjà vu all over again; five...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Next »
  • Here's our central location for helpful advice, tips, how-to information, and best practices.

    Subscribe: RSS | Email

    November 03, 2016

    Financial institutions and e-commerce merchants have become targets of massive financial fraud as cyber criminals have used stolen payment card data from major data breaches1, such as the ones involving Wendy’s restaurants in 2015, Home...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 27, 2016

    “Do you have any insect repellent? I’ve been told my computer has a bug.” There is no doubting that cyber security is a very technical subject, and with the current state of hacking for profit...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:

    October 24, 2016

    On Friday Oct. 21, 2016, a DDoS attack shut down several popular internet sites. Users experienced slow access or no service to Twitter, Spotify, Shopify, SoundCloud, Reddit and The New York Times and others. The...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Health care organizations are at the forefront of cyber security. Arguably, they’re ahead of many other industries because they’re a top target for cyber criminals. A single patient record is worth 10 times more than...Read More
    Share:
    Share on LinkedIn
    • Authors & Topics:
    Next »