How to Exploit SQL Server Using Registry Keys
At the Imperva Research Labs we have the chance to scrutinize various security situations. In this blog, we will take a closer look at database security on SQL Server. One routine approach that security practitioners employ to protect databases is deploying honeypots and waiting for bad actors to take the ... Read More
How to Exploit SQL Server Using OLE Automation
As part of the Imperva Research Labs we have the opportunity to examine various security scenarios. In this post, we will consider database security on SQL Server. One standard method that security practitioners use to protect databases is deploying honeypots and waiting for hackers to take the bait. Honeypots are ... Read More
Lessons Learned from 100 Data Breaches: Part 4, Trends in Average Volumes of Stolen Records
Imperva research shows an increase in the volume of data stolen every year. In 2020, we started to see more and more breaches that exfiltrate records in billions. Based on the analysis of thousands of data breach details published on dbdigest, we made calculations on the raw data and found ... Read More
Lessons Learned from 100 Data Breaches: Part 3, Securing Public Cloud Services
In the first two parts of this series, we gained insight into what specific types of data get stolen and what the root causes of breaches are, based on data breach information that Imperva’s Security Labs’ gathered, studied, and analyzed over the last ten years. You can get the full ... Read More
Analysis of 100 Data Breaches: Part 2, What are the root causes of breaches?
As we discussed in Part 1 of this series, Imperva’s Security Labs continuously monitor cyber threat levels around the world and report on them. In the last post, we reported the breakdown of the specific types of data that get stolen and explained what organizations needed to do to mitigate ... Read More
Lessons Learned from 100 Data Breaches: Part 1, What Specific Types of Data Get Stolen?
As part of Imperva’s Security Labs’ ongoing efforts to monitor and report on the current Application and Data Security Threat landscape, we studied and analyzed over 100 of the largest and best-known data breaches of the last decade. Download the full report, Lessons Learned From Analyzing 100 Data Breaches here ... Read More
CrimeOps of the KashmirBlack Botnet – Part I
Introduction Being in a research team exposes us to a variety of attacks on different platforms, of different types, scope, and volume. It also gives us the opportunity to select particularly interesting attacks that target our customers and to analyze them. This blog will give you a taste of the ... Read More