Get In Touch
I said in my last article that one of the key factors when it comes to judging the effectiveness of a WAF is accuracy. There is a metric that, measured in an objective way, provides an unmistakable view of quality and accuracy of a WAF solution: false negatives and false positives.
The Q3 2015 State of the Internet Security Report is now available for download at www.stateoftheinternet.com/security-report. Among the highlights: a continued upward trend in DDoS attacks, and attacks fueled by the easy availability of DDoS-for-hire sites that identify and abuse exposed Internet services, such as SSDP, NTP, DNS, CHARGEN, and even Quote of the Day.
Tangina Barros, the medium in the Poltergeist film series, taxes and Internet security. These three things have in common that they scare, they intimidate and they may keep you awake at night. With regards to the first two topics, the only thing I can do is remember that Poltergeist is just a movie, seriously, just a movie (I keep saying that to convince myself, quite unsuccessfully, though) and that
While hospitals are ramping up security efforts to protect information, a large percentage of them are vulnerable to attacks on their web sites. Less than two-thirds of hospitals participating in a recent survey reported having on-premise web application firewalls in place, and fewer than half reported having defenses in place to thwart distributed denial of service (DDoS) attacks. Read more here.
Open redirection is the last item on the OWASP Top 10, and it is considered a Web application functionality that can be used by attackers to redirect users from trusted domains to untrusted domains. But it is a potent problem, as Akamai's Threat Research Team discovered in their research on an unusual malicious SEO attack campaign that abused Web applications' open redirect functionality.
I've received numerous questions about how I found so many Wordpress plugin vulnerabilities and how to write the exploits that were essential to the research. I'll be honest, it's not hard if you have some experience in php programming and basic knowledge of secure programming. To simplify things, we will narrow down certain traits of what plugins to examine.
Today is Cyber Monday, which is historically the day when many retailers encourage online holiday shopping. Online retailers may see large spikes in traffic to their sites. It is possible that some may interpret these spikes as a DDoS, but in reality it may be what we refer to as a "flash mob". A flash mob is a large amount of legitimate traffic being sent to a specific site. One
We're gearing up for some of the busiest days of the holiday season and that means we're starting to make some predictions around consumer shopping behavior and what retailers can expect to see this year. Last year around this same time, we saw an early start to the shopping season, evidenced by an uptick in activity starting as early as Nov. 2. The latest American Express Spending & Saving Tracker supports
Being truly 'ready' for the holidays means different things to different people and organizations. For consumers, it is getting your house decorated, shopping done and enjoying time with both family and friends. For online retailers, it is finalizing deals, ensuring your website can handle the substantial increase in inbound traffic and of course, the elephant in the metaphorical room, web security and its importance in maintaining a positive brand reputation.