Alert Fatigue (IT Professionals Survey, Imperva)

From Thousands of Security Alerts to a Handful of Insights

Understanding an attacker’s workflow and how Attack Analytics hunts them down

In recent years we’ve seen a significant increase in the number and complexity of cyber-attacks. The accessibility of public tools and ...

Detecting Account Takeover Botnets

A botnet is a network of compromised computers – known as bots – usually controlled by a command and control computer, that work together in coordination for a malicious purpose. In this ...

Tracking CVE-2019-11043 PHP Vulnerability – An Uncommon Chain of Events

On October 22, security researcher Omar Ganiev published a tweet regarding a remote code execution vulnerability in PHP-FPM (the FastCGI Process Manager) running on the Nginx server. The tweet includes a link to ...

HTTP Desync Attacks in the Wild and How to Defend Against Them

Inspired by an article by Watchfire from 2005, we recently explored an old attack technique named HTTP Request Smuggling and checked it against our WAF protection. By coincidence, it turned out someone ...

The Importance of the Customer’s Feedback in Product Design

We’ve learned over time that we develop products not for us the company, but for you, the customer, to help resolve your problems. But just resolving a customer’s problem is not enough ...

URGENT/11 – New ICS Threat Signatures by Nozomi Networks Labs

A well-known RTOS (Real-Time Operating System), widely used in industrial sectors, is at risk from a series of 11 vulnerabilities dubbed URGENT/11. Nozomi Networks Labs conducted research on the vulnerable devices and ...

New Switch Vulnerability Discovered by Nozomi Networks Labs

On August 13, 2019, the Siemens CERT Team issued an advisory (SSA-100232) concerning Siemens SCALANCE switch devices. This vulnerability was responsibly disclosed to Siemens CERT Team and CISA by Nozomi Networks Labs ...

An ICS Cyber Security Storm is Brewing: How to Prevent Staff Burnout

Building cyber resiliency puts a lot of pressure on an organization’s security team. It requires specialized knowledge that takes time to develop, and there just aren’t enough skilled cyber experts to go ...
Black Hat: The Future of Securing Power Grid Intelligent Devices

Today at Black Hat USA we’re presenting an innovative power grid cyber security solution that greatly improves monitoring of intelligent electronic devices (IEDs). Using the IEC 62351 standard for monitoring industrial networks, ...
What You Need to Know About LookBack Malware & How to Detect It

On August 1, security researchers at Proofpoint reported the details of a spearphishing campaign targeting three different United States utility companies using a malware called “LookBack.” The spearphishing emails contained a malicious Microsoft ...