Sicurezza

The Issue & Impact of Malspam in the U.S. Elections

Pubblicato il

Malspam, or malicious spam, is one of the most common and problematic attack vectors currently plaguing the cyber threat landscape. It is a very effective method for delivering emails in bulk that contain a phishing message directing victims to either click on an embedded link or download an infected attachment. Once opened, a hidden executable […]

Sicurezza

How to Respond to a DDoS Ransom Note

Pubblicato il

DDoS ransom attacks are making a comeback. The past few weeks have seen hacker rings attack with renewed vigor, with the finance, e-commerce and service-provider verticals particularly impacted. Since the middle of August, Radware has been tracking several extortion requests from threat actors posing as “Fancy Bear,” “Armada Collective,” and “Lazarus Group.” It is a […]

Sicurezza

When You Get Breached, So Do Your Customers

Pubblicato il

Software as a service (SaaS) providers have critical requirements for all facets of the information security triad: availability, confidentiality and integrity. Although other industries have the luxury of concentrating only on data confidentiality and integrity, SaaS providers must do this in addition to maintaining their customers’ ability to access their applications. Safeguarding underlying infrastructure and […]

Sicurezza

Emotet Attacks Spread Alongside Fears of Coronavirus

Pubblicato il

The rise of the coronavirus globally, but mainly in China, has resulted in the World Health Organization calling on all countries to take urgent measures to contain the disease. As a current Hong Kong resident, and one who is fully engaged with organizations in the APAC region, I can confirm that the fear is palpable. […]

Sicurezza

Nation-State Attacks: Motivations & Consequences

Pubblicato il

The motivations and resulting consequences of state-sponsored cyberattacks are as far ranging as the geographies from which they originate. Nation-state hackers target government agencies, critical infrastructure and any and all industries known to contain sensitive data or property. Typically, they strike via sophisticated techniques that interrupt business operations, leak confidential information and generate massive data […]

Sicurezza

TCP Reflection Attacks: Then and Now

Pubblicato il

We recently published a blog post about the rise in TCP reflection attacks throughout 2019. The public was able to observe the reflection campaign’s targeting of different verticals because the criminal(s) behind the attacks are leveraging public infrastructure as their refractors.  Ultimately, we published our insight into these campaigns because of their impact on both […]

Sicurezza

Threat Alert: TCP Reflection Attacks

Pubblicato il

Throughout 2019, Radware’s Threat Research Center (TRC) and Emergency Response Team (ERT) have been monitoring and defending against an increasing number of TCP reflection attacks. TCP reflection attacks, such as SYN-ACK reflection attacks, have been less popular among attackers until recently. The lack of popularity was mainly due to the wrong assumption that TCP reflection […]

Sicurezza

Empowering the Infosec Community

Pubblicato il

Despite the technological advancements, innovation, and experience the knights of the cyber order have acquired over the past 25 years or so, the “bad guys” are still a step ahead. Why? In large part, because of the power of community. While information security vendors live in a competitive market and must protect their intellectual property, […]

Sicurezza

Defacements: The Digital Graffiti of the Internet

Pubblicato il

A defacement typically refers to a remote code execution attack or SQL injection that allows the hacker to manipulate the visual appearance of the website by breaking into a web server and replacing the current website content with the hacker’s own. Defacements are considered digital graffiti and typically contain some type of political or rivalry […]