Sicurezza

Nation-State Attacks: Motivations & Consequences

Pubblicato il

The motivations and resulting consequences of state-sponsored cyberattacks are as far ranging as the geographies from which they originate. Nation-state hackers target government agencies, critical infrastructure and any and all industries known to contain sensitive data or property. Typically, they strike via sophisticated techniques that interrupt business operations, leak confidential information and generate massive data […]

Sicurezza

TCP Reflection Attacks: Then and Now

Pubblicato il

We recently published a blog post about the rise in TCP reflection attacks throughout 2019. The public was able to observe the reflection campaign’s targeting of different verticals because the criminal(s) behind the attacks are leveraging public infrastructure as their refractors.  Ultimately, we published our insight into these campaigns because of their impact on both […]

Sicurezza

Threat Alert: TCP Reflection Attacks

Pubblicato il

Throughout 2019, Radware’s Threat Research Center (TRC) and Emergency Response Team (ERT) have been monitoring and defending against an increasing number of TCP reflection attacks. TCP reflection attacks, such as SYN-ACK reflection attacks, have been less popular among attackers until recently. The lack of popularity was mainly due to the wrong assumption that TCP reflection […]

Sicurezza

Empowering the Infosec Community

Pubblicato il

Despite the technological advancements, innovation, and experience the knights of the cyber order have acquired over the past 25 years or so, the “bad guys” are still a step ahead. Why? In large part, because of the power of community. While information security vendors live in a competitive market and must protect their intellectual property, […]

Sicurezza

Defacements: The Digital Graffiti of the Internet

Pubblicato il

A defacement typically refers to a remote code execution attack or SQL injection that allows the hacker to manipulate the visual appearance of the website by breaking into a web server and replacing the current website content with the hacker’s own. Defacements are considered digital graffiti and typically contain some type of political or rivalry […]

Sicurezza

Ransomware: To Pay or Not To Pay?

Pubblicato il

Ransomware is a type of malware that restricts access to user data by encrypting an infected computer’s files in exchange for payment to decrypt. The attacker often distributes a large-scale phishing campaign in the hope that someone will open the malicious attachment or link. Once infected, the device is unusable and the victim is faced […]

Sicurezza

Behind the Disguise of Trojans

Pubblicato il

A Trojan horse is a malicious computer program masquerading as a useful or otherwise non-malicious, legitimate piece of software. Generally spread via social engineering and web attacks, Trojan horses often install a backdoor for remote access and unauthorized access of the infected machine. An attacker can perform various criminal tasks, including, but not limited to, […]

Sicurezza

What You Need to Know About Exploit Kits

Pubblicato il

Exploit kits are prepackaged tool kits containing specific exploits and payloads used to drop malicious payloads onto a victim’s machine. Once a popular avenue for attacks, they are now barely used due to the popularity of other attack vectors, such as cryptomining. However, they are still utilized to deploy ransomware and mining malware. These tools […]

Sicurezza

Can You Crack the Hack?

Pubblicato il

Let’s play a game. Below are clues describing a specific type of cyberattack; can you guess what it is? This cyberattack is an automated bot-based attack It uses automation tools such as cURL and PhantomJS It leverages breached usernames and passwords Its primary goal is to hijack accounts to access sensitive data, but denial of […]