The Radware ERT Encounters Another Reflection Attack

June 10, 2014 — by Motty Alon

The effectiveness of DNS reflective attacks over the past two years has raised the popularity of other reflective attacks, such as CHARGEN and Network Time Protocol (NTP) attacks. In a CHARGEN attack, a service is spoofed into sending data from one service on one computer to another service on another computer, creating an infinite loop that results in a denial of service. Similarly, in an NTP attack, an attacker sends a specially crafted query that ultimately redirects large volumes of traffic. The query is sent with a spoofed source address so that the NTP servers return their responses to the spoofed address.


Heartbleed Bug: A Deeper Dive on What You Should Do

April 14, 2014 — by Motty Alon

What exactly is the Heartbleed vulnerability?

On April 7, 2014, the OpenSSL community announced that it found a critical vulnerability in the TLS Heartbeat protocol. The nature of such an attack is very similar to a buffer overflow attack, where a remote attacker can exploit the protocol by sending a malformed “heartbeat” request with a payload size bigger than the actual request. In response, the vulnerable server would return a heartbeat response that contains a memory block of up to 64KB in the payload. This memory block can potentially reveal confidential information, including SSL private keys, user passwords and more. The researchers who found this vulnerability have put together an informative micro site that explains all of this.


Heartbleed Bug: Three steps on what to do next

April 9, 2014 — by Motty Alon

As you’ve most likely heard, a very serious threat called CVE-2014-0160, commonly referred to as “Heartbleed,” has been threatening the ultra-popular open-source OpenSSL package. Heartbleed is unique in the collateral damage it can create.

Heartbleed exposes the ugly side of open-source security components: in past events, where such Earth-shaking vulnerabilities were found, there was a vendor that would pay for the collateral damages that the vulnerability created. Who would pay for the collateral damages of this open-source vulnerability? It is likely to be the users that are using OpenSSL.

Application Security, DDoS Attacks, Security

To Err Human, To Automate Secure

March 20, 2014 — by Motty Alon

“To err is human.”

This quote by British poet Alexander Pope gained new meaning for me after reading a follow-up article by Information Week on the massive security breach that the American retailer Target experienced this past November. According to the story, the Target security team reviewed and ignored urgent warnings about unknown malware spotted on their network. They simply made the wrong call. This can happen, but this erroneous call ended up costing the organization millions of dollars in lost revenues and exposing the personal and credit information of millions of its shoppers.

DDoS Attacks, HTTP Flood Attacks, Security

Much more than Outage: 2013 DDoS Market Review

January 27, 2014 — by Motty Alon

What comes to mind when the term “Denial of Service” is mentioned? Probably website outage.

This image has been crafted over the last couple of years, with media, analysts and bloggers all talking about Denial of Service attacks, but mostly when the result of the DoS attack was a site outage. Our latest report, the Radware Global Application and Network Security Report, addresses this and other misconceptions about DDoS.

Application Security, DDoS Attacks, Security

DDoSed by the Troll

January 3, 2014 — by Motty Alon

A large number of online gamers who planned to spend their holiday break playing online games such as League of Legends, Minecraft, DayZ, Eve Online, and even ClubPenguin were met with an unpleasant surprise. A hacker group with the name “DERP” was attacking many of the Massively Multiplayer Online Games (MMOG) sites over the last couple of days.