Another year has come and gone, full of all sorts of new cyber-attacks and vulnerabilities. Which subjects did our readers find the most fascinating this year? Privacy, open-source tools, and a new botnet threat called Reaper were just a few. Below are the top 10 posts that you kept coming back to:
On Friday, May 12th, 2017 attackers leveraged the Wannacry exploit to create one of the world’s largest cyber ransom incidents. Wannycry became the poster child for what can happen when users fail to update their software in a timely manner. The campaign spread across networks all over the world, leveraging a recently disclosed vulnerability in Microsoft SMB service. In this case, Microsoft’s security update was released a month before the Shadow Brokers leaked the FuzzBunch framework that included the exploits and payload used in the campaign. In this blog, ERT Researcher Daniel Smith takes a deep dive into how these variants work.
Guest author David Monahan looks at three factors that influence the cost of a DDoS attack – the evolution and commercialization of the Dark Web, the explosion of IoT devices, and the spread of cryptocurrency.
Over the last few years, tools such as stressers, ransomware, and Remote Administration Tools (RAT) are being published along with other open source services under the pretenses of education and testing for vulnerabilities and risks. But what happens when these tools fall into the wrong hands? In this blog, we take a closer look at the debate.
Ultra-adaptive hackers have released new kinds of cyber-attacks in 2017. In the first of this two-part series, we look at a three of the five nastiest attacks that companies dealt with this past year.
In the second part of this series, we take a look at the last two attack types that proved to be particularly troublesome for companies this year – IoT botnets and PDoS (Permanent Denial-of-Service).
- A fifth of millennials would rather the U.S. government see what’s on their phone than their significant other
Privacy was another issue that our readers found compelling and relevant this past year. In a survey conducted by Harris Poll, Radware asked 2,200 Americans ages 18 and older if they would rather have the government look at what’s on their phone, or their significant other. This blog takes a look at the results.
“Once dangerous tools are released to the public, they can be downloaded—and modified and enhanced—by anyone.” This blog takes a look at what happened when Radware performed a quick test to see how easy or difficult it would be for an average hacker to take the open-sourced Mirai source code and extend its capabilities with a new, advanced attack vector.
Sometimes lost in the news cycle among attacks on large, well-known banks and other financial organizations are the small and medium businesses also fighting a battle to protect their assets. In 2016, the financial services industry suffered 44 million cyber-attacks, more than any other industry. A report by Beazley Breach Response (BBR) Services found that banks and credit unions with less than $35 million in annual revenue accounted for 81% of hacking and malware breaches at financial institutions. In this blog, we explore how Service Providers have an opportunity here to help protect their customers who may not even know that they are a target.
First, there was Brickerbot. Then, there was Reaper. There were rumors that it could potentially be the most threatening botnet ever seen. In this blog, we delve into the history of Mirai to see how it compares to this new threat, and whether or not we should be concerned about it.
New vulnerabilities in CDN networks have left many wondering if the CDNs themselves are vulnerable to a wide variety of cyber-attacks. In this blog, we identify five different threats to CDNs and how you can protect against them.
According to this latest blog from Carl Herberger, 2016 was the year of DDoS, and 2017 was the year of ransom. 2018 is predicted to be the year of automation, or more specifically attacks on automated processes. What else will 2018 bring?
Download “Web Application Security in a Digitally Connected World” to learn more.
This is a Security Bloggers Network syndicated blog post authored by Radware. Read the original post at: Radware Blog