Sicurezza

Can You Crack the Hack?

Pubblicato il

Let’s play a game. Below are clues describing a specific type of cyberattack; can you guess what it is? This cyberattack is an automated bot-based attack It uses automation tools such as cURL and PhantomJS It leverages breached usernames and passwords Its primary goal is to hijack accounts to access sensitive data, but denial of […]

Sicurezza

Anatomy of a Cloud-Native Data Breach

Pubblicato il

Migrating computing resources to cloud environments opens up new attack surfaces previously unknown in the world of premise-based data centers. As a result, cloud-native data breaches frequently have different characteristics and follow a different progression than physical data breaches. Here is a real-life example of a cloud-native data breach, how it evolved and how it […]

Sicurezza

Are Connected Cows a Hacker’s Dream?

Pubblicato il

Humans aren’t the only ones consumed with connected devices these days. Cows have joined our ranks. Believe it or not, farmers are increasingly relying on IoT devices to keep their cattle connected. No, not so that they can moo-nitor (see what I did there?) Instagram, but to improve efficiency and productivity. For example, in the […]

Sicurezza

What is a Zero-Day Attack?

Pubblicato il

Zero-day attacks are the latest, never-before-seen generation of attacks. They are not volumetric or detectable from a known application signature. Security systems and experts must react instantly to solve the new issues, that is, they have zero days to react. Advanced application-level attacks typically fit into this category. Two Distinct Phases Probe and Learn: Hackers […]

Sicurezza

CISOs, Know Your Enemy: An Industry-Wise Look At Major Bot Threats

Pubblicato il

According to a study by the Ponemon Institute in December 2018, bots comprised over 52% of all Internet traffic. While ‘good’ bots discreetly index websites, fetch information and content, and perform useful tasks for consumers and businesses, ‘bad’ bots have become a primary and growing concern to CISOs, webmasters, and security professionals today. They carry […]

Sicurezza

Bots 101: This is Why We Can’t Have Nice Things

Pubblicato il

In our industry, the term bot applies to software applications designed to perform an automated task at a high rate of speed. Typically, I use bots at Radware to aggregate data for intelligence feeds or to automate a repetitive task. I also spend a vast majority of time researching and tracking emerging bots that were […]

Sicurezza

Adapting Application Security to the New World of Bots

Pubblicato il

In 2018, organizations reported a 10% increase in malware and bot attacks. Considering the pervasiveness (70%) of these types of attacks reported in 2017, this uptick is likely having a big impact on organizations globally. Compounding the issue is the fact that the majority of bots are actually leveraged for good intentions, not malicious ones. As a result, it is […]

Sicurezza

IoT Expands the Botnet Universe

Pubblicato il

In 2018, we witnessed the dramatic growth of IoT devices and a corresponding increase in the number of botnets and cyberattacks. Because IoT devices are always-on, rarely monitored and generally use off-the-shelf default passwords, they are low-hanging fruit for hackers looking for easy ways to build an army of malicious attackers. Every IoT device added to the network grows the hacker’s […]

Sicurezza

Attackers Are Leveraging Automation

Pubblicato il

Cybercriminals are weaponizing automation and machine learning to create increasingly evasive attack vectors, and the internet of things (IoT) has proven to be the catalyst driving this trend. IoT is the birthplace of many of the new types of automated bots and malware. At the forefront are botnets, which are increasingly sophisticated, lethal and highly automated digitized […]

Sicurezza

The Rise in Cryptomining

Pubblicato il

There are four primary motivations for cyberattacks: crime, hacktivism, espionage and war. Setting aside nation-state sponsored groups, the largest faction of attackers are cybercriminals, individuals or well-established organizations looking to turn a profit. For the last several years, ransom-based cyberattacks and ransomware had been the financial modus operandi for hackers, but 2018 flipped the coin […]