2017 in Review: Your Favorite Posts

December 27, 2017 — by Radware0

main

Security

2017 in Review: Your Favorite Posts

December 27, 2017 — by Radware0

Another year has come and gone, full of all sorts of new cyber-attacks and vulnerabilities. Which subjects did our readers find the most fascinating this year? Privacy, open-source tools, and a new botnet threat called Reaper were just a few. Below are the top 10 posts that you kept coming back to:

  1. SMB Vulnerabilities – WannaCry, Adylkuzz and SambaCry

On Friday, May 12th, 2017 attackers leveraged the Wannacry exploit to create one of the world’s largest cyber ransom incidents.  Wannycry became the poster child for what can happen when users fail to update their software in a timely manner. The campaign spread across networks all over the world, leveraging a recently disclosed vulnerability in Microsoft SMB service. In this case, Microsoft’s security update was released a month before the Shadow Brokers leaked the FuzzBunch framework that included the exploits and payload used in the campaign. In this blog, ERT Researcher Daniel Smith takes a deep dive into how these variants work.

  1. The Cost of a DDoS Attack on the Darknet

Guest author David Monahan looks at three factors that influence the cost of a DDoS attack – the evolution and commercialization of the Dark Web, the explosion of IoT devices, and the spread of cryptocurrency.

  1. “For Educational Purposes Only”

Over the last few years, tools such as stressers, ransomware, and Remote Administration Tools (RAT) are being published along with other open source services under the pretenses of education and testing for vulnerabilities and risks. But what happens when these tools fall into the wrong hands? In this blog, we take a closer look at the debate.

[You might also like: Bad Packets 2017 – A Year in Review]

  1. 2017’s 5 Most Dangerous DDoS Attacks & How to Mitigate Them (Part 1)

Ultra-adaptive hackers have released new kinds of  cyber-attacks in 2017. In the first of this two-part series, we look at a three of the five nastiest attacks that companies dealt with this past year.

  1. 2017’s 5 Most Dangerous DDoS Attacks & How to Mitigate Them (Part 2)

In the second part of this series, we take a look at the last two attack types that proved to be particularly troublesome for companies this year – IoT botnets and PDoS (Permanent Denial-of-Service).

  1. A fifth of millennials would rather the U.S. government see what’s on their phone than their significant other

Privacy was another issue that our readers found compelling and relevant this past year. In a survey conducted by Harris Poll, Radware asked 2,200 Americans ages 18 and older if they would rather have the government look at what’s on their phone, or their significant other. This blog takes a look at the results.

[You might also like: Everything You Need to Know About DDoS Attacks]

  1. Open-Source Attack Tools Open Pandora’s Box

“Once dangerous tools are released to the public, they can be downloaded—and modified and enhanced—by anyone.” This blog takes a look at what happened when Radware performed a quick test to see how easy or difficult it would be for an average hacker to take the open-sourced Mirai source code and extend its capabilities with a new, advanced attack vector.

  1. The Quadruple Play for your Local Grocer – Security, Voice, Data, and Video – and Bananas Too!

Sometimes lost in the news cycle among attacks on large, well-known banks and other financial organizations are the small and medium businesses also fighting a battle to protect their assets. In 2016, the financial services industry suffered 44 million cyber-attacks, more than any other industry. A report by Beazley Breach Response (BBR) Services found that banks and credit unions with less than $35 million in annual revenue accounted for 81% of hacking and malware breaches at financial institutions. In this blog, we explore how Service Providers have an opportunity here to help protect their customers who may not even know that they are a target.

  1. Why the World is Under the Spell of IoT_Reaper

First, there was Brickerbot. Then, there was Reaper. There were rumors that it could potentially be the most threatening botnet ever seen. In this blog, we delve into the history of Mirai to see how it compares to this new threat, and whether or not we should be concerned about it.

  1. CDN Security is NOT Enough for Today

New vulnerabilities in CDN networks have left many wondering if the CDNs themselves are vulnerable to a wide variety of cyber-attacks. In this blog, we identify five different threats to CDNs and how you can protect against them.

Conclusion

According to this latest blog from Carl Herberger, 2016 was the year of DDoS, and 2017 was the year of ransom. 2018 is predicted to be the year of automation, or more specifically attacks on automated processes. What else will 2018 bring?

Download “Web Application Security in a Digitally Connected World” to learn more.

Download Now

Radware

Leave a Reply

Your email address will not be published. Required fields are marked *