Research labs
Holidays Are Coming – the State of Security for E-commerce in 2020
With the Coronavirus pandemic driving consumers online, a new report from Imperva reveals how this year’s holiday shopping season will present online retailers with a level of traffic – and cyber-attack threats ...
Imperva SD-SOC: How Using AI and Time Series Traffic Improves DDoS Mitigation
Much has changed since we first started providing protection against DDoS attacks. Attacks which were once considered huge are now mitigated on a daily basis, attackers are becoming more sophisticated by the ...
Bug hunting for a quick buck using WebLogic vulnerability (CVE-2020-14882)
Introduction: Popular within the commercial sphere, Oracle WebLogic Server is a scalable enterprise Java platform application server for Java-based web applications. When a vulnerability is discovered in WebLogic, hackers will try to ...
CrimeOps of the KashmirBlack Botnet – Part II
Introduction: The previous blog – “CrimeOps of the KashmirBlack Botnet – Part I” – described the DevOps behind the botnet. It showed how its well-designed infrastructure makes it easy to expand and ...
CrimeOps of the KashmirBlack Botnet – Part I
Introduction: Being in a research team exposes us to a variety of attacks on different platforms, of different types, scope, and volume. It also gives us the opportunity to select particularly interesting ...
Major Global Ransom Denial of Service Campaign Continues Rising Trend in Global DDoS Attacks
Extortionists Claim Connection to Fancy Bear and Lazarus Group: In the past weeks the number of serious Ransom Denial of Service (RDoS) threats has ramped up considerably, with extortion campaigns targeting thousands of ...
Imperva mitigates largest DDoS attacks of 2020… so far…
The word “unprecedented” has never been used so much as it has during 2020. And in the latest of many unprecedented events, July saw the two largest recorded DDoS attacks of the ...
Fast, Furious, and Scalable: Designing a High-throughput, Real-time Network Traffic Analyzer
These days, our focus is on spoiling our customers. For example, we give our DDoS Protection customers the peace of mind that their network traffic is routing through Imperva’s cloud for consistent ...
Avoid Alert Fatigue: Web Application Firewall Installation, Configuration and Best Practices
Alert fatigue – introducing false positives in WAF: All WAF experts know what it’s like handling massive amounts of alerts. They’re also very likely wasting a lot of time fishing false positives ...
The Anatomy of Massive Application Layer DDoS Attacks
During 2020, between June 18 and June 24, Imperva mitigated massive 200K RPS (Requests Per Second) attacks on a daily basis. Here at Imperva we investigate major attacks we mitigated in order ...

