Imperva Threat Research
Database Ransomware: From Attack to Recovery
Introduction In recent years, ransomware attacks have risen sharply, due to their profitability, ease of access with ransomware-as-a-service (RaaS) tools, and an increasing attack surface. Ransomware is a type of attack in ...
Breaking the Chain of Data Access: The Importance of Separating Human and Application Users
Data, the lifeblood of any organization, relies on the database as its beating heart. As a result, businesses invest heavily in designing and monitoring all access to it. In traditional literature, there ...
DDoS Attacks Leveraged by Attackers in Israel Conflict
Over the last few years, we’ve observed Distributed Denial of Service (DDoS) attacks used in many conflicts. In the Russia-Ukraine war, DDoS was used both by government cyber agencies and individual hacktivist ...
Recent Vulnerabilities in Popular Applications Blocked by Imperva
Multiple vulnerabilities in popular and widespread applications have been disclosed recently, tracked as CVE-2023-36845, CVE-2023-40044, CVE-2023-42793, CVE-2023-29357, and CVE-2023-22515. These vulnerabilities, which affect several products and can be exploited to allow arbitrary ...
Protecting Against HTTP/2 Rapid Reset
Today, Google disclosed a zero-day vulnerability in the HTTP/2 protocol. Imperva collaborated proactively with Google to gain advanced insights into this vulnerability. After a comprehensive inspection of this vulnerability by Imperva’s Product ...
How to Predict Customer Churn Using SQL Pattern Detection
Introduction to SQL’s MATCH_RECOGNIZE Clause SQL is a great way to perform analysis on your data. It is very common and supported by many database engines including big data solutions. SQL is ...
Behind the Scenes of a Tailor-Made Massive Phishing Campaign
A global phishing campaign caught our attention after one of our colleagues was targeted by, and nearly fell victim, to a social engineering attack. The campaign involved more than 800 different scam ...
Unraveling an AI Scam with AI
The last year has seen an unprecedented surge in the use of Artificial Intelligence (AI) and its deployment across a variety of industries and sectors. Unfortunately, this revolutionary technology has not just ...
Overcoming Challenges in Delivering Machine Learning Models from Research to Production
So, you’ve finished your research. You developed a machine learning (ML) model, tested, and validated it and you’re now ready to start development, and then push the model to production. The hard ...
CVE-2023-34362 – MOVEit Transfer – An attack chain that retrieves sensitive information
MOVEit Transfer is a popular secure file transfer solution developed by Progress, a subsidiary of Ipswitch. At the moment, there are more than 2,500 MOVEit Transfer servers that are accessible from the ...
