Digest - Tagged - Security Boulevard

How to mitigate security vulnerabilities automatically with RASP

In a world where DevOps is oiling the wheels of accelerated software development, it’s hardly surprising that automation, code re-use and third-party libraries are integral parts of our high-speed app development cycle ...

A security architect’s POV on a mature data-centric security program, Part 1

CISO, DAM, Data Security, Digest
In this three-part series, you’ll hear first-hand from security architects on the front lines about what it takes to move organizations from a compliance-centric to a mature data-centric database security model. You’ll ...

When data privacy and protection are rights, don’t get it wrong

Twenty-one years ago, Latanya Sweeney showed that it’s possible to uniquely identify 87% of Americans with just three pieces of personal data: gender, ZIP code and full date of birth. Long before ...

Data security is broken: What’s next?

CVEs, Data Security, Digest, Research labs
One out of every two on-premises databases globally has at least one vulnerability, finds a new study from Imperva Research Labs spanning 27,000 on-prem databases, based on insights from a proprietary database ...

Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers

Vulnerability Overview: On August 25, 2021, a security advisory was released for a vulnerability identified in Confluence Server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection”. The vulnerability allows an unauthenticated attacker to perform ...

Shorter, sharper DDoS attacks are on the rise – and attackers are sidestepping traditional mitigation approaches

Imagine that your network is under attack. A couple of minutes ago, you detected a large burst of traffic, out of nowhere. Now it’s in excess of 60 Gbps, and overwhelming your ...

How to Exploit SQL Server Using Registry Keys

At the Imperva Research Labs we have the chance to scrutinize various security situations. In this blog, we will take a closer look at database security on SQL Server. One routine approach ...

How to Exploit SQL Server Using OLE Automation

As part of the Imperva Research Labs we have the opportunity to examine various security scenarios. In this post, we will consider database security on SQL Server. One standard method that security ...

The pitfalls of relying only on your ISP for DDoS protection

Relying on your Internet Service Provider (ISP) for DDoS protection is like going to a restaurant known for the freshest, tastiest seafood and ordering beef. Sure, they have it on the menu ...

Cheap and nasty: How for $100 low-skilled ransom DDoS extortionists can cripple your business

Distributed Denial of Service (DDoS) attacks capable of crippling network resources and websites can be rented online for as little as $5 an hour. With an average financial impact of $100k for ...