DDoS, Security, WAF

WAF and DDoS Help You on the Road to GDPR Compliancy

January 19, 2017 — by Pascal Geenens

Data is the currency of today’s digital economy, the oil of the 21st century. Personal data is considered an economic asset generated by our identities and our behavior, and we trade it for higher quality services and products. Online platforms act as intermediaries in a two-sided market, collecting data from consumers and selling advertising slots to companies. In exchange for our data being collected, we get what appears to be a free service.

The growth and the market capitalization of social platform providers like Facebook and search engines such as Google demonstrate the value of personal data. Personal data also provides new ways to monetize services: news organizations are finding it difficult to charge ‘real’ money for digital news, but leverage our willingness to pay for a selection of ‘free’ news with our personal data. Three out of four people prefer free registration with selective access over a paid registration with full access.

Attack Types & Vectors, Security

Popcorn Time…the First Malware Requiring a Moral Compass

January 18, 2017 — by Jason Engel

Ransomware traditionally has used self-replicating and distributing features written into the malware itself to search out, break into, and infect unsecure devices. The benefits of this are clear…fast and wide malware distribution touching thousands of devices.

Enter stage left, Popcorn Time…the first ransomware, which uses the human victim themselves to find and target additional victims to continue distribution of the malware. The idea is straightforward. When your computer becomes infected, you have four options: 1) Pay the ransom and gain back control of your data, 2) Identify personal contacts you will try to infect in order to have your data released, essentially blackmailing the victim, 3) Call law enforcement for help and hope they have the resources to help, or 4) Do nothing. Looking at these, there are really only two options that will help the victim: Pay out, or provide targets.

Security

The Shadow Brokers went dark, the NSA weakened and exposed in the cyber war

January 17, 2017 — by Pascal Geenens

On January 12th, the Shadow Brokers announced they are ‘going dark’ by leaving a farewell: “So long, farewell peoples. TheShadowBrokers is going dark, making exit. Continuing is being much risk and b*******, not many bitcoins. … Despite theories, it always being about bitcoins for TheShadowBrokers. Free dumps and b******* political talk was being for marketing attention. There being no bitcoins in free dumps and giveaways. You are being disappointed? Nobody is being more disappointed than TheShadowBrokers.”

DDoS, Security

The DDoS Threat for Enterprises: Why Managed Security Matters

January 12, 2017 — by Hawley Hansen

As evidenced by the massive DDoS (distributed denial of service) attack in October that affected Netflix, Twitter and others, even large Internet-based companies are vulnerable to cyber-crime on a large scale. The Mirai botnet, whose source code is now available online, is credited with powering what’s been called the largest volumetric DDoS attack of its kind in history.

Mirai is the open-source DDoS toolkit that spread self-propagating malware responsible for overwhelming large servers across at least two continents. The malware simply exploited known vulnerabilities in the aging DNS (domain name server) technology that underpins the Internet’s equivalent of a phone book.

Security

The Current Surge of Bitcoin Prices

January 11, 2017 — by David Hobbs

It has long been known that if you want to participate in the Darknet marketplaces, you’ll need to exchange your money into Bitcoin.  Bitcoin was written by someone using the alias Satoshi Nakamoto in 2008 as an anonymous and decentralized currency. We’ve written in the past about how to buy Bitcoin. Today, for various reasons, we are seeing it become mainstream.

Ransom attacks on companies are becoming big business. Many businesses say they will not pay, but when attacked, find that they do.  But how do they pay?  Bitcoin. Just like having insurance policies, companies are now investing in keeping Bitcoin around for business continuity against DDoS attacks as well as Malware CryptoLocker and Data Extortion attacks.

Security

How Lucrative is Confidential Data? Prime Bounty for Hackers, Top Concern for Businesses

January 10, 2017 — by Ben Zilberman

IT Professionals report securing sensitive data as the #1 challenge, even more than avoiding revenue loss or protecting reputation

In the 19th century, money was the key to power. During the 20th century, it was technology. Today, information and data are the key to power. It’s why organizations are keen to safeguard their data and hackers are intent on stealing it. In 2016, this fact was underscored numerous times: Wikileaks, ransom attacks that hijacked an organization’s digital assets, or the doxing and dumping of information about officials and decision makers.

Security

Radware’s Top Blogs of 2016

January 5, 2017 — by Radware

Happy New Year! Another year has come and gone in the blink of an eye. 2016 brought with it several interesting threats and attacks in the cyber-security space, among them the largest DDoS attack in history, the enslavement of Internet of Things (IoT) devices by botnets, the rise of cyber ransom and more – all of which we have dutifully reported here on the Radware Blog.

You, our readers, are what drive our dedication and commitment to industry insight. So what did you think of 2016? We’ve compiled a list of the top 5 blogs you most loved from last year.

Security

Is the Internet Rolling Back our Freedoms?

January 4, 2017 — by Carl Herberger

Right to Speech, Press, to Congregate, to Privacy, to practice Religion, and many others are no longer protected and thus effectively lost.

They say when you are dead, that you don’t know you are dead. It is difficult only for others, which is normally a select few people who were intimate with you. However, every once in a while a person is so stunning that we realize that everyone would have benefited from knowing them.

The same is true for privacy.

Security

DevSecOps and Continuous Security Delivery

January 3, 2017 — by Pascal Geenens

The success of an online business depends in large part on the user experience. After all, competitors are only a single click away. There is a broad spectrum of services that impact user experience from an infrastructure and application perspective. Think about page load times, availability, and feature richness. Agility in the delivery infrastructure and continuous delivery of applications have become ubiquitous to the success of an online business. Hyper scale cloud providers such as Google, Amazon, eBay, and Netflix have been leading on highly scalable, agile infrastructure and continuous delivery of applications and are considered the golden standards for the practice of online business.

Security

Darknet: A One-Stop Shop for Would-Be Criminals

December 29, 2016 — by Radware

There has been much talk in 2016 about the Darknet, a dangerous place where illicit or underground activities are conducted, consisting of many digital marketplaces where items can be bought or sold for cryptocurrencies. It sounds like the stuff of crime novels, and in a way, it is – commodities like drugs, guns, and cyber-attack services can all be found if you know where to look. The blogs below from ERT Researcher Daniel Smith will provide more information on what exactly the Darknet is, how to access it, and what can be found there.