Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
OkCupid account hijackings highlight website account management issues
Users of popular dating site OkCupid have been complaining of hackers taking over their account, locking them out by changing the associated email address and password, and …
The year ahead: More breaches, bolstered regulation and the rise of AI
This time of the year is always exciting for us, as we get to take a step back, analyze how we did throughout the year, and look ahead at what the coming year will bring. …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …
Imperva acquires Prevoty to expand customers’ security capabilities
Imperva announced it signed an agreement to acquire Prevoty. Together, Imperva and Prevoty will provide security solutions to protect application services residing on-premises …
E-voting and DDoS concerns: The devil’s in the details
It’s a typical Wednesday. I’m sitting in the lounge at the Imperva office going through emails when I stumble onto a whitepaper titled Trust Implications of DDoS Protection in …
Are attackers harnessing your Redis server?
Earlier this year security researchers warned about vulnerable Apache Solr, Redis, and Windows servers hit with cryptominers. Imperva now says that that are still too many …
1 in 10 healthcare organizations paid a ransom within the last year
More than one in three healthcare organizations have suffered a cyberattack within the last year, while almost one in 10 have paid a ransom or extortion fee, according to …
Crypto Me0wing attacks: Kitty cashes in on Monero
It’s been a month since the first Drupalgeddon 2.0 RCE (SA-CORE-2018-002/CVE-2018-7600) exploit was first published, unleashing its destruction into the wild… and …
Do you have what it takes to withstand modern DDoS attacks?
As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack …
Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers
Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato …
Widespread API use heightens cybersecurity risks
A new Imperva survey showed a heightened concern for cybersecurity risk related to API use. Specifically, 63 percent of respondents are most worried about DDoS threats, bot …
Featured news
Sponsored
Don't miss
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)
- May 2024 Patch Tuesday forecast: A reminder of recent threats and impact
- How secure is the “Password Protection” on your files and drives?
- F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
- Zscaler swats claims of a significant breach