Now-Patched Google Photos Vulnerability Let Hackers Track Your Friends and Location History

A now-patched vulnerability in the web version of Google Photos allowed  malicious websites to expose where, when, and with whom your photos were taken. Background One trillion photos were taken in 2018. With image quality and file size increasing, it’s obvious why more and more people choose to host their photos on services like iCloud, […]
The post Now-Patched Google Photos Vulnerability Let Hackers Track Your Friends and Location History appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/_RXLkA6k_as/

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and memory, especially since we didn’t know […]
The post How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/0WO62f69Eys/

How to Deploy a Graylog SIEM Server in AWS and Integrate with Imperva Cloud WAF

Security Information and Event Management (SIEM) products provide real-time analysis of security alerts generated by security solutions such as Imperva Cloud Web Application Firewall (WAF). Many organizations implement a SIEM solution to bring visibility of all security events from various solutions and to have the ability to search them or create their own dashboard. Note […]
The post How to Deploy a Graylog SIEM Server in AWS and Integrate with Imperva Cloud WAF appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/gIxPmGKk-Cg/

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers. You can interact with Docker via the terminal and also via remote API. The Docker remote API is a great way to control […]
The post Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/6185ZnG0in4/

Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers

Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in dozens of unsuccessful attacks against our customers, with an unknown number of attacks, some likely successful, against other websites. Published on February 20th, […]
The post Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/ehBGF65ofeY/

No One is Safe: the Five Most Popular Social Engineering Attacks Against Your Company’s Wi-Fi Network

Your Wi-Fi routers and access points all have strong WPA2 passwords, unique SSIDs, the latest firmware updates, and even MAC address filtering. Good job, networking and cybersecurity teams! However, is your network truly protected? TL;DR: NO! In this post, I’ll cover the most common social engineering Wi-Fi association techniques that target your employees and other […]
The post No One is Safe: the Five Most Popular Social Engineering Attacks Against Your Company’s Wi-Fi Network appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/eVh7AYME6aw/

The Challenges of DIY Botnet Detection – and How to Overcome Them

Botnets have been around for over two decades, and with the rise of the Internet of Things (IoT) they have spread further to devices no one imagined they would – printers, webcams, and even toasters and fridges. Some botnets enlist infected devices to mine cryptocurrency or steal passwords from other devices. But others are, in […]
The post The Challenges of DIY Botnet Detection – and How to Overcome Them appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/Q2ddxijk5uI/

This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.

DDoS attacks are usually measured by the amount of bandwidth involved, such as the 1.35 Terabits per second (maximum) attack directed at GitHub last year, the largest DDoS attack ever at the time. However, in DDoS attack mitigation, it’s not the amount of bandwidth that matters – it’s the absolute number of packets directed at […]
The post This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important. appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/aIJOygB5Vl4/

The State of Web Application Vulnerabilities in 2018

(Jan. 12 update:  Due to a data transfer error, some of the 2017 figures were incorrectly reported; this version of the blog has been corrected. This error did not affect our 2018 statistics, nor our conclusions.) As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. […]
The post The State of Web Application Vulnerabilities in 2018 appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/X39YguAXYdg/