26
May
2015
DD4BC's Latest DDoS Extortion Campaign Targets The Payment Industry

Over the past month, a number of Imperva Incapsula customers have received email threats from DD4BC—a DDoS group that, despite its boyband-sounding name, was actually responsible for several high-profile DDoS extortion attacks against bitcoin companies last year.

DD4BC's previous attacks targeted bitcoin exchanges and gaming sites, presumably due to the assumption that these types of businesses would refrain from reporting attacks to law enforcement authorities. Based on the recent threats we've seen, it would appear that DD4BC has also started targeting the payment industry...

Read more »


12
May
2015
Lax Security Opens the Door for Mass Scale Abuse of SOHO Routers

Small Office / Home Office (SOHO) router security has recently become a hot topic. For those who are unfamiliar with the situation, it can best be described as negligent, with ISPs, vendors, and users sharing a long tradition of disregarding basic security practices. The result of this negligence is the existence of hundreds of thousands—more likely millions—of hacker-controlled routers used to attack the Internet ecosystem and interconnected networks.

Several dozen Imperva Incapsula customers were recently targeted by one such DDoS botnet comprised of tens of thousands of hijacked routers. After informing the major companies involved, we are sharing attack details in an attempt to raise awareness about the dangers posed by under-secured, connected devices.

The attacks we will describe are enabled by what we perceive as particularly careless security practices. Many of these botnet devices remain active, continuing to play a role in attack attempts against our clients and other websites, even as this is being written...

Read more »

10
May
2015
Come Meet us at G2E Asia 2015

Next week we'll be travelling to G2E Asia, the most prominent event in the global gaming industry. This lucrative expo brings together top professionals in the field, and serves as an invaluable platform for Incapsula to present its services and solutions in an arena that continuously grows more competitive.

Read more »


30
Apr
2015
Case Study: Advanced Camouflage Techniques that Help Backdoors Bypass Security Solutions

The nature of our business is such that many of our clients come to us only after experiencing a security breach, with their websites already infested by one or more backdoor shells. As a result, a good chunk of our time is spent towards perfecting our backdoor detection and removal mechanisms. But even when you think you've seen it all, hackers never cease to surprise.

The following is a case study that delves into the details of a sophisticated backdoor we've recently neutralized—one that really brought out our inner security geek. We hope that it will provide assistance and guidance to fellow security professionals and help them outsmart similar sneaky perpetrators...

Read more »




15
Apr
2015
Incapsula’s New DDoS Downtime Calculator

Risk assessment is a critical part of any security strategy. Only by understanding the real risks associated with a given threat can you determine the most appropriate way to address them, as well as the right level of investment.

Incapsula’s new DDoS Downtime Calculator is designed to help you assess the risks associated with an attack, offering case-specific information adjusted to the realities of your organization...

Read more »