
Security

From the Corner Office: Views from a Chief Information Security Officer

February 1, 2017 — by Dannie Combs

Top Attack Trends in 2016

1. First and foremost, we’ve seen our network—and the networks we monitor and protect—experience a tenfold increase in the volume of DDoS attacks. In August 2015, we had a little over 5,000 attacks. In July 2016, it was 55,000 attacks that we could identify. Last year, 70% to 80% of attacks were less than a minute—mostly “white noise” events (a.k.a. “hit-and-run DDoS” or “burst attacks”). This year, we’ve seen attacks falling into the one- to five-minute duration, causing random business disruptions.

Security

Is the Internet Rolling Back our Freedoms?

January 4, 2017 — by Carl Herberger

Right to Speech, Press, to Congregate, to Privacy, to practice Religion, and many others are no longer protected and thus effectively lost.

They say when you are dead, that you don’t know you are dead. It is difficult only for others, which is normally a select few people who were intimate with you. However, every once in a while a person is so stunning that we realize that everyone would have benefited from knowing them.

The same is true for privacy.

Attack Types & Vectors, Security, SSL

Could Your Network Survive APDoS or Hit-and-Run DDoS?

February 25, 2016 — by Ben Zilberman

Can you guess where a network breach first occurs?

When a CISO asked this question during a recent business trip, my answer was simple: “Sure! In the first line of defense.” Trying to improve my chances, I quickly added, “You know what, it’s when employees share on social networks and unintentionally provide puzzle pieces to potential perpetrators.”

“No,” he said. “It happens in the CISO’s mind. At the very moment they feel secure enough…”

Security

The Value of Letting the Technical Professionals Select a Security Vendor

February 23, 2016 — by David Monahan

David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger.

Management is ultimately responsible for the security of an organization. At each level, the appropriate manager decides which of the precious dollars, assets, and personnel under his or her control should be allocated for each aspect of the business, security being one of the many competing functions.

Hacks, Security

Online Credit Theft Happened to Me

February 4, 2016 — by Werner Thalmeier

Pling Pling! You all know the tone when a new message arrives in your private mail inbox.

Recently, when this happened to me, I checked the message subject and was shocked right away. “Urgent: Please call me back!” In our business world this kind of e-mail happens, but in this case the sender was my personal bank manager. In the last 10 years, I have never received a message like this from him. I gave him a call and my manager told me that my wife’s credit card was compromised. An unknown person had used it for shopping at a sporting goods store in the US and to set up a VPN account to hide his criminal activities.

Hacks, Security

The Stadium of the Future Is Smart, But Is It Safe? How Hackers Could Target the Super Bowl – And How to Stop It

January 28, 2016 — by Daniel Smith

Levi’s Stadium is one of the most technologically advanced stadiums ever built.

It features 12,000 network ports, 1,200 access points, 1,700 beacons, and a DAS system, looking to accommodate an audience of 68,500 visitors. The stadium’s bandwidth capacity is 40Gbps (4x greater than the NFL stadium mandate put into place in 2015). Fans follow the game on 2,000 IPTVs.

Security, SSL

Is Your Organization Prepared for Cyber Attacks? The 2015-2016 Global Application & Network Security Report

January 19, 2016 — by Shira Sagiv

Few organizations are well prepared when it comes to cyber-attacks.

Blending statistical research and front-line experience, and with more than 20 industries represented, Radware’s new 2015-2016 Global Application & Network Security Report reflects this. The report outlines findings and analysis from our 2015 industry survey, reflects our Emergency Response Team’s (ERT) in-the-trenches experiences fighting cyber-attacks, and incorporates the perspectives of two third-party service providers.

Attack Types & Vectors, Security, SSL

Ways to Protect Against Modern Day Spear Phishing

January 13, 2016 — by Snir Karat

Anyone who works in the cyber-security field knows that phishing attacks – especially those against large enterprises – are on the rise. The odds of success are in the attacker’s favor because these attacks rely on uniquely human factors that are notoriously exploitable.

Phishing attacks have evolved over the years. In the past, they were simple attacks: attackers would send a message with a link to a bogus site to trick a user into running malicious code on their computer. Today, however, phishing attacks are highly complex and the damage to the victim can be extremely severe and even irreversible.

Attack Types & Vectors, DDoS, Security

The Top 5 DDoS Attack Types We Saw in 2015

January 7, 2016 — by Snir Karat

There were no “common” DDoS attacks in 2015. The ones studied by Radware researchers were often volumetric; however, sophisticated, combined attacks such as the Proton Mail attack were also fought by the Radware Emergency Response Team (ERT). The combined attacks they experienced involved UDP floods, SYN floods, DNS reflection, ICMP floods and TCP out-of-sequence floods.

Application Delivery, DDoS, SDN, Security, Service Provider, WPO

Your Favorite Posts of 2015

December 30, 2015 — by Radware

Over the past twelve months, our team of authors has offered advice, expertise, and analysis on a variety of topics facing the application delivery and security communities.  The articles below are the most read and shared ones we published this year.  Our goal was (and is) to share our experience and knowledge so you, our readers, can better prepare, implement, and gain insights that you can apply to your business.