ATM robber WinPot: a slot machine instead of cutlets
Automation of all kinds is there to help people with their routine work, make it faster and simpler. Although ATM fraud is a very...
DNS Manipulation in Venezuela in regards to the Humanitarian Aid Campaign
Venezuela is a country facing an uncertain moment in its history. Reports suggests it is in significant need of humanitarian aid.
On February 10th, Mr....
DDoS Attacks in Q4 2018
News overview
In Q4 2018, security researchers detected a number of new botnets, which included not only Mirai clones for a change. The fall saw...
Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
Executive Summary
Throughout the autumn of 2018 we analyzed a long-standing (and still active at that time) cyber-espionage campaign that was primarily targeting foreign diplomatic...
Razy in search of cryptocurrency
Last year, we discovered malware that installs a malicious browser extension on its victim’s computer or infects an already installed extension. To do so,...
GreyEnergy’s overlap with Zebrocy
In October 2018, ESET published a report describing a set of activity they called GreyEnergy, which is believed to be a successor to BlackEnergy...
A Zebrocy Go Downloader
Last year at SAS2018 in Cancun, Mexico, “Masha and these Bears” included discussion of a subset of Sofacy activity and malware that we call...
The world’s southernmost security conference
When asked about his best race, Ayrton Senna replied that it was when he raced karting cars. For him it was the best because...
Remotely controlled EV home chargers – the threats and vulnerabilities
We are now seeing signs of a possible shift in the field of personal transport. Recent events such as the ‘dieselgate’ scandal undermine customer...
Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)
Executive summary
In October 2018, our AEP (Automatic Exploit Prevention) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further...
Latest article
Attackers Are Quick to Exploit vBulletin’s Latest 0-day Remote Code Execution Vulnerability
Imperva’s Cloud WAF has identified instances of a new 0-day vulnerability being exploited within a matter of hours of the exploit being published.
On Monday...
Ransomware: two pieces of good news
“All your files have been encrypted.” How many times has this suddenly popped up on your screen? We hope never, because it’s one of...
A Leader in the 2019 Gartner Magic Quadrant for WAF, Six Years Running
Gartner has published its 2019 Gartner Magic Quadrant for Web Application Firewalls (WAF) and Imperva has been named a Leader for the sixth consecutive...
