Pierluigi Paganini October 14, 2019
Imperva explains how hackers stole AWS API Key and accessed to customer data

Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall (WAF) customers. In August, cybersecurity firm Imperva disclosed a data breach that exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula. Incapsula, is a CDN service designed […]

Pierluigi Paganini June 15, 2015
$38 an hour is the cost of destructive DDos Attacks

DDOS attacks have become cheaper than one can think, just because of the era of DDOS-for-hire services. However, such attacks are easier to launch now and don’t cost much, but when it comes to the victim – it costs $40,000 per hour to them considering the loss. Incapsula revealed in its annual Report of DDoS […]

Pierluigi Paganini May 13, 2015
Mass-Scale Abuse of poorly configured SOHO Routers

Several dozen Imperva Incapsula customers were targeted by a DDoS botnet comprised of tens of thousands of hijacked SOHO routers. Security experts at Incapsula firm spotted a DDoS botnet composed of tens of thousands of malware-infected Small Office / Home Office SOHO routers engaged in application layer HTTP flood attacks. The SOHO routers were infected with a strain […]

Pierluigi Paganini July 25, 2014
Fake Googlebots used to run application-layer DDoS

Security experts at Incapsula are observing a surge in the used of fake Googlebots to launch and carry out application-layer DDoS. Googlebots crawl websites are the software used to index and rank the content of websites for the popular search engine. It’s not a mystery that the visits of Googlebots are not considered a possible indicator […]

Pierluigi Paganini April 05, 2014
Persistent XSS in Top Website enables large-Scale DDoS attack

Incapsula firm discovered the exploitation of a persistent XSS vulnerability in one of the world most popular website to run a large scale DDoS attack. Recently Cloud-based security service provider Incapsula detected an application layer DDoS attack conducted hijacking a huge volume of traffic to victims website. The website of Incapsula customer was flooded by a DDoS attack, over […]

Pierluigi Paganini December 16, 2013
Website traffic report shows an increase of malicious bots activity

Incapula security firm published a new report on the analysis of website traffic evidencing the increment for malicious activities. Researchers at the Incapsula security firm have published a new study on the nature of website traffic, early 2013 the company revealed that 51% of the overall traffic was generated by non-human entities and 60% of […]

Pierluigi Paganini July 01, 2013
Two-factor Authentication for SMBs

The purpose of this article is to cover the challenges SMBs are facing when it comes to using authentication methods to protect their online websites and applications, and comparing a number of two factor authentication services for SMBs.   The report includes: –          Why ‘password only’ protection is not enough anymore –          The challenges of […]