Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware
Overview
Lazarus has been a major threat actor in the APT arena for several years. Alongside goals like cyberespionage and cybersabotage, the attacker has been...
Behind the Numbers: Database Authentication and Authorization
Earlier this month, I posted a blog about how most companies I speak with have not implemented a modern database authentication and authorization approach....
Dark Tequila Añejo
Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to...
Centrify Interns Reflect on a Summer of Zero Trust
Every summer, Centrify gets an infusion of fresh perspectives and eager learners via our Summer Intern program.
This summer, we had 22 interns join us...
Security assessment of corporate information systems in 2017
Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general...
Spam and phishing in Q2 2018
Quarterly highlights
GDPR as a phishing opportunity
In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect...
Implementing Modern Approaches to Database Authentication and Authorization
The most common question I hear about Database Accounts is, “Can your solution vault Database Service and other Privileged Database Accounts?”
Every time I hear...
How to Authenticate Users Into Apps Using AWS Application Load Balancer and Centrify
At Centrify, an AWS Partner Network (APN) Advanced Technology Partner, we frequently work with developers building applications on Amazon Web Services (AWS). While many aspects of app...
Centrify Zero Trust Security Network Partners Highlighted at BlackHat USA 2018 Booth 2410
This week, BlackHat USA commemorates its 21st year, taking over the Mandalay Bay Convention Center in Las Vegas to present trainings as well as...
Latest article
Attackers Are Quick to Exploit vBulletin’s Latest 0-day Remote Code Execution Vulnerability
Imperva’s Cloud WAF has identified instances of a new 0-day vulnerability being exploited within a matter of hours of the exploit being published.
On Monday...
Ransomware: two pieces of good news
“All your files have been encrypted.” How many times has this suddenly popped up on your screen? We hope never, because it’s one of...
A Leader in the 2019 Gartner Magic Quadrant for WAF, Six Years Running
Gartner has published its 2019 Gartner Magic Quadrant for Web Application Firewalls (WAF) and Imperva has been named a Leader for the sixth consecutive...
