Les Assises 2014 Conference Takeaways, Building a Yellow Brick Road in France

Recently, I had the good fortune to be invited to present the keynote speech at the 2014 Les Assises Security Conference, held in the beautiful city-state of Monaco. Les Assises is the largest information-security gathering in France, and year in and year out it proves to be not only a huge information-sharing opportunity, but also a time of self-reflection and strategy affirmation for the thousands of security executives who attend.


CVE 2014-3566 POODLE: A New Vulnerability

Radware’s Emergency Response Team (ERT) is reporting a new vulnerability published under CVE 2014-3566 named POODLE (Padding Oracle on Downgraded Legacy Encryption). This SSLv3 POODLE vulnerability can force a client to negotiate SSLv3 instead of TLS and then carry out BEAST (Browser Exploit Against SSL/TLS) attacks to obtain information from an encrypted stream.


REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Fall 2014]

Cyber Monday is just around the corner, and early predictions point to holiday ecommerce sales hitting an all-time record of $72 billion. But retailers know that competition for this ecommerce spend will also be at an all-time high. Many will leverage aggressive strategies, ranging from rich visuals to geo-targeting campaigns, to earn their share of the holiday retail pie. These strategies, however, can come with a significant performance price tag, making pages slow to render and ultimately driving away consumers.

Today at Radware, we’ve released our latest research into the performance of the world’s most popular ecommerce sites. Our research answers the question: In the fight to offer shoppers the richest possible content, are retailers helping or hurting the user experience?


REPORT: 2014 State of the Union for Mobile Ecommerce Performance

Mobile used to take the backseat to desktop, but in 2014 this is no longer the case. One out of four people worldwide owns a smartphone, and at least 55% of all time spent on retail sites takes place on mobile devices. These numbers are why we’ve decided to release our annual state of the union for mobile web performance on the same day as our quarterly desktop state of the union.

In this post, I’ll walk through a high-level summary of our key findings, including statistics around mobile load times, website fragmentation across devices, and mobile performance challenges.


Tsunami SYN Flood Attack – A New Trend in DDoS Attacks?

Over the past week, Radware’s Emergency Response Team (ERT) detected a new type of SYN flood which is believed to be specially designed to overcome most of today’s security defenses with a TCP-based volume attack. Within a 48-hour period, two different targets on two different continents were hit with this new technique and experienced very high attack volumes.


Can Your Business Meet the Demands of Cyber-Ransom?

Online criminality has become a big business, and new faces of social engineering and fraud are sweeping the globe. News articles regularly report on major breaches and outages, but rarely, if ever, do we see the underlying ransom demands that are presented before a business is attacked. The stand that organizations often take is that they do not negotiate with terrorists or pirates. But this approach, while noble, can become costly to a business; some may lose everything.


Cyber Security Regulations Pull on the Purse Strings – and those Affected Agree it’s Necessary

Financial institutions, such as banks and credit unions, have long been a target of cyber and DDoS attacks. These attacks are designed to disrupt operations and access sensitive information, and they have become a constant threat not only to those businesses but also to the customers they serve.


New Findings: The Wrong Image Format Measurably Hurts the User Experience

Faster load times correlate with improved business metrics (ranging from page views to revenues). With images comprising more than half of a typical page’s weight, it only makes sense that optimizing images so that they render more quickly in the user’s browser should be a priority for every site owner.

Selecting the best image rendering format is the first step on the path toward fully optimized images, but even this first step is fraught with debate. At the core of the debate is this seemingly simple question: Should we use baseline or progressive images? If you’re not a web designer or developer, you might find yourself wondering if this is really a crucial question. But if you are a designer or developer, you’re aware that this question has major ramifications in terms of creating the best possible user experience.

At Radware, our latest research, released today, explores this important user experience issue and yields answers that are supported by real data.
