8
Apr

Update: April 10

We are now reissuing all SSL certificates together with our two CA providers – Comodo and GlobalSign, in order to eliminate any risk of private key leakage. Most of our certificates have already been reissued and the whole process is expected to complete within the next 24 hours. The reissuing process is conducted behind the scenes and requires no further action from our clients.

Extensive testing we conducted failed to demonstrate the possibility of private key compromise, except under the most contrived scenarios. However, we concluded that the risk does exist for any certificate deployed on OpenSSL over the past two years, given the fact that the vulnerability has been around since March 2012.

We have further approached our customers using custom SSL certificates about re-issuing their certificates. We believe it is advisable for all other OpenSSL users to do so as well.

Read more »

3
Apr
One of World’s Largest Websites Hacked: Turns Visitors into DDoS Zombies

Yesterday we mitigated a unique application layer DDoS attack against one of our clients. The attack was carried out using traffic hijacking techniques, which flooded our client with over 20 million GET requests originating from the browsers of over 22,000 Internet users -- all turned into unwilling accomplices by the offender.

What makes this case especially interesting is the fact that the attack was enabled by a vulnerability in one of the world’s largest and most popular sites - one of the domains on Alexa’s “Top 50” list....

Read more »

3
Apr
Ransom DDoS: Criminal Masterminds or Kids with Nukes?

In the past few weeks we witness a wave of DDoS attack that were targeting several prominent online companies; MeetUp, Elance, oDesk and BaseCamp, to name a few. The common theme for these events was the attackers’ motivations. In all these cases offenders were trying to blackmail the websites’ owners, asking for ransom of 300-400 USD to prevent the attack.

Who would go through the risk of DDoSing a service for 300 or 400 USD? Are they criminal masterminds trying to lay down some long-term extortion schemes or are they just non-professional opportunists, trying to make a quick buck?

Read more »

30
Mar
 Join Us at WHD.global 2014

This week we are attending WHD.global 2014; one of world’s most important gathering of the international hosting industry.

The conference will be taking place on April 1-3, at Europa-Park in Rust, Germany. We will be waiting for you at booth F15.

On the first day of the conference Eldad Chai, Incapsula’s VP of Product Management, will be holding a session about the challenges posed by latest network and application layer DDoS threats.

Read more »

26
Mar
2013-2014 DDoS Threat Landscape - Botnet Activity is up by 240%

Today we are releasing a DDoS Threat Landscape report which provides several important, and often surprising, facts about DDoS activity in 2013 and the beginning of 2014.

When we started working on this report back in January, our goal was to provide a recap of 2013 DDoS trends. However, the offenders had other plans. And so, just as we were preparing for the report to come out, we started encountering new types of DDoS events which were too significant to overlook...

Read more »

19
Mar
Two New Data Centers Go Live in Seattle and Dallas

Two new Incapsula data centers have just come online for the Coffee drinkers in Seattle, Washington and the Cowboys in Dallas, Texas.

These new data centers expand Incapsula’s global network and allow us to offer even faster CDN speeds to our customers’ US based visitors. The new facilities also significantly increase Incapsula’s total network throughput, which now exceeds 630Gbps.

Read more »

11
Mar
Introducing: First True Layer 7 Global and Local Load Balancer

Today's feature announcement is one of our most significant to date. After a long time in development, Incapsula is rolling out a set of brand new availability features that combine the benefits of top-tier load balancing appliances with the ease of setup, cost-efficiency and scalability of the cloud.

At the core of today's release is Incapsula's revolutionary new approach to cross-datacenter failover and GSLB (Global Server Load Balancing) - the first true Layer 7 GSLB solution that significantly improves upon current DNS-based alternatives.

Read more »

27
Feb
 New Data Center in Paris & Bigger Data Centers in APAC

Today we are happy to announce two major upgrades to Incapsula’s network infrastructure. The first one is our newest data center, going live today in Paris, France. The second is a major overhaul to our Singapore and Tokyo data centers.

With these upgrades Incapsula further extends its CDN capabilities, offering a better level of service in APAC and in Western Europe, while also offering better compliancy with regional privacy regulations. At the same time, this expansion also boosts Incapsula’s DDoS protection capabilities, by pushing our overall network’s capacity above the 550Gbps line.

Read more »


10
Feb
Incapsula to be Acquired by Imperva

Dear Incapsula customers,

Last week Imperva announced that it will be acquiring Incapsula. The Imperva-Incapsula relationship is not something new and has always been very tight. Incapsula was spun out of Imperva a little over four years ago, and since then Imperva has been the sole investor in Incapsula and has also been a major distribution partner for us.

By acquiring Incapsula, Imperva is doubling down on its investment, with the intention of further accelerating and growing our business...

Read more »