A new exploit for zero-day vulnerability CVE-2018-8589
Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The...
Spam and phishing in Q3 2018
Quarterly highlights
Personal data in spam
We have often said that personal data is candy on a stick to fraudsters and must be kept safe (that...
Hey there! How much are you worth?
Have you ever stopped to think just how much your life is worth? I mean really think about it. For instance, let’s say you...
DDoS Attacks in Q3 2018
News Overview
The third quarter 2018 turned out relatively quiet in terms of DDoS attacks. “Relatively” because there were not very many high-level multi-day DDoS...
Hackers attacking your memories: science fiction or future threat?
Authors: Kaspersky Lab and the Oxford University Functional Neurosurgery Group
There is an episode in the dystopian near-future series Black Mirror about an implanted chip...
Phishing for knowledge
When we talk about phishing, top of mind are fake banking sites, payment systems, as well as mail and other globally popular services. However,...
Octopus-infested seas of Central Asia
For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named...
Threats in the Netherlands
Introduction
On October 4, 2018, the MIVD held a press conference about an intercepted cyberattack on the OPWC in the Netherlands, allegedly by the advanced...
MuddyWater expands operations
Summary
MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to...
Zero-day exploit (CVE-2018-8453) used in targeted attacks
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We...
Latest article
Attackers Are Quick to Exploit vBulletin’s Latest 0-day Remote Code Execution Vulnerability
Imperva’s Cloud WAF has identified instances of a new 0-day vulnerability being exploited within a matter of hours of the exploit being published.
On Monday...
Ransomware: two pieces of good news
“All your files have been encrypted.” How many times has this suddenly popped up on your screen? We hope never, because it’s one of...
A Leader in the 2019 Gartner Magic Quadrant for WAF, Six Years Running
Gartner has published its 2019 Gartner Magic Quadrant for Web Application Firewalls (WAF) and Imperva has been named a Leader for the sixth consecutive...
