Home Security

Security

What is the W4SP Information Stealer?

Since mid-October, W4SP malware is attacking software supply chains; in this case, it's using Python packages to launch an information stealer.

Ukraine’s Response to Cyber Threats a Model in DDoS Prevention

With the disruption, loss of life and heartbreaking images that the Russia-Ukraine conflict has produced, it is easy to overlook what it has meant to the cyber threat landscape. Even threat actors have taken sides.

Credential Access via Information Stealers

Throughout 2022, the theft of user credentials continued to blanket the threat landscape. A recent example that illustrates both the simplicity and depth of this tactic is the Uber breach by threat actor Teapot, which bought the illegally harvested user credentials on the Darknet Marketplace (DNM).

This was 3rd Quarter 2022 — A Cybersecurity Look Back

In the third quarter of 2022, the four universal cyberattack drivers were accounted for: war, religion, politics and money.

OpenSSL CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows

After a week of speculation about OpenSSL vulnerabilities, the OpenSSL project disclosed two new CVEs to address buffer overrun vulnerabilities in its cryptographic library that could trigger crashes or lead to remote code execution (RCE).

6 Ways Bot Attacks Can Spoil Your Black Friday

The 3 days between “Black Friday” and “Cyber Monday” are when online retailers often enjoy their highest sales numbers for the year....

2023 IT Security Predictions From Professionals Who Live It Every Day

To beat the prediction rush, Radware reached out to several of our customers to find out what they think 2023 will bring to light in the world of cybersecurity.

The Birth of Cybersecurity

Now that we’re more than a week into October, it’s time to celebrate the birthday—well, birth month—of Cybersecurity Awareness Month. The goal...

The Multi-Cloud is The New Normal, But Creates Key Security Challenges

The age of the multi-cloud is upon us, but that comes at a cost to security. In a nutshell, this is the key finding...

The Problem of Badly Configured Web Application Firewalls

Web Application Firewalls (WAFs) have become a critical first line of application defense. Yet configuring and managing them in multi-cloud and on-prem...

This was H1 2022: Part 3 – Beyond the War

Being caught up in all the events and media attention stemming from the Russo-Ukrainian conflict, one could forget...

The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape

In June 2021, I wrote a blog questioning if decade-old denial-of-service tools were still relevant. At the time, I had concluded that while the...

Must Read

Application Security in the Microservices Era

As organizations break their applications down into microservices, the responsibility for securing these environments is shifting as well.

How Can You Protect What You Can’t See?

Radware’s 2019–2020 Global Application & Network Security Report combines statistical research and front-line experience to identify cybersecurity trends.

5 Steps to Prepare for a DDoS Attack

It’s inevitable almost as death and taxes: somewhere, at some point, you will come under a DDoS attack.

C-Suite Survey: Accelerated Cloud Migrations, Lagging Security

The 2020 “C-Suite Perspectives Report on IT Security” reveals that COVID-19 was a major accelerant for organizations to quickly migrate to the cloud.

The State-Sponsored Cyberthreat Landscape

State-sponsored cyberattacks have emerged as one of the preeminent threats targeting companies today.