A New Chapter in Bot Management Begins Today [Video]
I am excited to share that we have closed the acquisition of Distil Networks, the pioneer and leader in Bot Management. Over the past few weeks, we have been welcoming Distil’s employees into the Imperva family and have started integrating their powerful, analyst-recognized Bot Management solution into our industry-leading Imperva Application Security offering.
As I blogged about before, automated attacks...
New FinSpy iOS and Android implants revealed ITW
FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were first described in 2011 by Wikileaks and mobile implants...
‘Twas the night before
Recently, the United States Cyber Command (USCYBERCOM Malware Alert @CNMF_VirusAlert) highlighted several VirusTotal uploads of theirs – and the executable objects relating to 2016 – 2017 NewsBeef/APT33 activity are interesting for a variety of reasons. Before continuing, it’s important to restate yet again that we defend customers, and research malware and intrusions, regardless of their source. Accordingly, subscribers to our...
Sodin ransomware exploits Windows vulnerability and processor architecture
When Sodin (also known as Sodinokibi and REvil) appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. In a detailed analysis, we discovered that it also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows (rare among ransomware), and uses legitimate...
eBook: Driving DevOps Security
eBook: Driving DevOps Security #outlook a{ padding:0; } body{ width:100% !important; } .ReadMsgBody{ width:100%; } .ExternalClass{ width:100%; } body{ -webkit-text-size-adjust:none; } body{ margin:0; padding:0; } img{ border:0; height:auto; line-height:100%; outline:none; text-decoration:none; } table td{ border-collapse:collapse; } #backgroundTable{ height:100% !important; margin:0; padding:0; width:100% !important; } body,#backgroundTable{ background-color:#ffffff; }...
How we hacked our colleague’s smart home
In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center 2 and Fibaro Home Center Lite version 4.540, as well as vulnerabilities in the online API.
An offer you cannot refuse
The backbone of any technology company is made up of tech enthusiasts – people who eat,...
Latest article
US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards...
Using AI to defeat AI
Welcome to this week’s edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages...
Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen
Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under...
Remcos RAT Expands Real-Time Surveillance Capabilities
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows - Read more
