Attack MitigationDDoS AttacksSecurity

Obama’s Cyber-Security Proposals: Does this Safe Platform Translate to a Safer Network?

January 21, 2015 — by Ben Desjardins0

President Obama’s mention of cyber-security in last night’s State of the Union Address came as no surprise.  The Obama camp implemented a novel approach this year of “previewing” the President’s main agenda items through a series of speeches in the week preceding the SOTU. But even without the preview, the comments on cyber-security were rather predictable (and brief).

Attack MitigationSecurity

Read this List and Check it Twice — How to Protect Your Retail Business From Cyber-Attacks This Shopping Season

November 25, 2014 — by Shira Sagiv1

As consumers are getting their shopping lists ready for the biggest shopping days of the year, businesses should get ready as well.  Cyber-attacks, and most notably DDoS attacks, are more likely to occur on high traffic days – in fact, according to a 2013 eCommerce Cyber Crime Report conducted by the Ponemon Institute, 64% of respondents say "their organizations have seen an increase in Internet fraud and/or website attacks on high traffic days such as Cyber Monday." 

Attack MitigationSecurity

The “Easy Button” for Cyber-Attack Mitigation: Introducing Radware’s Attack Mitigation Service

November 18, 2014 — by Carl Herberger2

Advancements are continually being made to defend organizations from cyber-attacks. I wanted to take some time to share some powerful reminders of how diligence in approach is needed.

Organizations that used to rely on their service provider’s DDoS protection service (in-the-cloud) found that the attacks that hit their business could and would bypass the provider’s protection layer.  This is because DDoS is a tactic, not the overall problem.  Attacks borne from the Internet are the problem and solutions designed to handle a simple tactic, wind up falling short.

Attack MitigationDDoS AttacksSecurity

Tsunami SYN Flood Attack – A New Trend in DDoS Attacks?

October 8, 2014 — by Radware28

Over the past week Radware’s Emergency Response Team (ERT) detected a new type of SYN flood which is believed to be specially designed to overcome most of today’s security defenses with a TCP-based volume attack. Within a 48-hour period two different targets in two different continents were targeted with this new technique and have experienced very high attack volumes.

Attack MitigationDDoS AttacksSecurity

6 Types of DDoS Protection for Your Business

July 14, 2014 — by David Monahan2

David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger.

DDoS attacks have become commonplace these days.  The offending attackers may be hacktivists, cyber-criminals, and nation states or just about anyone else with an Internet grudge and a PayPal or Bitcoin account.  These attacks themselves often require no technical skill.  Someone with a bone to pick can simply purchase the use of any number of nodes on one or more botnets for an hourly fee (long term rate discounts available); use a Graphical User Interface (GUI) to organize the attack and then launch it.

Attack MitigationDDoS AttacksSecurity

Cyber Attacks on Oil and Gas

July 11, 2014 — by David Hobbs1

A few weeks ago, news agencies shared reports on the Energetic Bear attack. This cyber-attack, or rather virus, was reportedly introduced by a Russian hacking group and it targeted oil, gas, power, and energy investment companies. The threatening malware had the ability to shut down major power grids, oil pipelines, gas, and energy traders. Analysts speculate that the attack motive was to gain competitive advantage in state-sponsored espionage against global oil and energy producers.

Application SecurityAttack MitigationSecurity

Consequences of Connection – How Mobile Security Threats Can Reach the IoT

June 12, 2014 — by Carl Herberger1

Does mobile mean a handheld device in today’s world?  Not necessarily.  The term ‘mobile’ often applies to a phone or even a laptop computer, but in my opinion the definition is changing.  Mobile is no longer something you carry, but rather somewhere.  The place that you access your systems and the Internet (which is not from an internally managed LAN and doesn’t include a PC on the other end), this is mobile.  And this broader category can extend to devices such as Internet accessible cars and the ‘things’ of the Internet-of-Things (IoT) – TVs, gaming consoles, fancy refrigerators. 

Attack MitigationDDoS AttacksSecurity

A Flaw Worth Fixing? How We Tested (And Stopped) the Facebook Notes Flaw

May 19, 2014 — by Ron Meyran11

Recently, independent researcher Chaman Thapa published a report on an attack scenario showing how someone could use Facebook Notes to DDoS any website. When Facebook and DDoS enter the conversation, news spreads quickly and questions emerge. What is the flaw? How serious is it? Who or what can be affected? The Radware Emergency Response Team (ERT) decided to take a look at the Facebook Notes attack type by testing it in our lab. First, here’s some background:

Application SecurityAttack MitigationDDoS AttacksSecurity

WordPress DDoS and other HTTP Reflectors

March 25, 2014 — by David Hobbs1

Lately, there has been a lot of buzz about reflection and amplification attacks extending DDoS harm.  The new kid on this attack block is NTP.  NTP, or Network Time Protocol, is an amplification attack that is an emerging form of DDoS.  This attack relies on the use of publically accessible NTP servers to overwhelm a victim’s system.  While DNS attacks are still an old favorite, recently there has been a new rash of HTTP-based amplification attacks having a more significant impact than the past standard network floods.