Contact
QR code for the current URL

Press release Box-ID: 361943

Imperva Inc. 3400 Bridge Parkway, Suite 101 94065 Redwood Shores, CA, United States http://www.imperva.com
Contact Ms Darshna Kamani +44 20 7183 2834
Company logo of Imperva Inc.
Imperva Inc.

Imperva Launches Hacker Intelligence Initiative

Two New Hacking Schemes Uncovered Using Surveillance & Hack-Back Techniques

(PresseBox) ( London, )
Imperva, the leader in data security, announced today its hacker intelligence initiative (HII), a research effort focused on providing deeper insight on how cybercriminals conduct large scale cyber attacks as well as shedding light on the evolution of the underground business of cybercrime. Part of Imperva's Application Defense Center (ADC), the hacker intelligence initiative will investigate the anatomy of attacks as well as key hacking trends by exploring the cybercrime industry utilizing techniques including hackback, forum monitoring and internet traffic surveillance.

"Today, security research focuses heavily on vulnerabilities and problems. But to truly protect an organization, security professionals must have a deep understanding of their enemy," said Amichai Shulman, Imperva's CTO, referencing Sun Tzu's observation, 'If ignorant both of your enemy and yourself, you are certain to be in peril.'

Imperva's HII researchers will conduct and release research on attacks as they are uncovered. To date, the HII has released research on four significant cybercrime activities, among others:

- Pyramid-Scam Phishing Scheme: Employing simple hackback techniques, Imperva uncovered a pyramid scamstyle phishing scheme where a sophisticated hacker siphons data from individual phishing attacks through a backdoor in a phishing kit; the attack also capitalizes on a second dropserver to store stolen data.
- Startto-Finish Execution of a Cross-Site Scripting Attack: By observing the hacker's own vulnerable code, Imperva was able to witness a XSS attack impacting 3000 individuals; Imperva found that XSS attacks require little expertise and less than an hour to carryout when using readily available tutorials and free hosting sites.
- New Type of DDoS Attack: By monitoring a TOR, Imperva traced DDOS attacks to find that, unlike traditional botnets made up of infected PCs, the attacks were leveraging a botnet of infected servers, creating a stronger, more effective and lessdiscoverable attack.
- The publication of 32 million passwords: By monitoring hacker forums, Imperva uncovered a list of user passwords for the popular site RockYou and provided analysis of the most commonly used words and phrases.

"Cybercrime is a business like any other," continued Shulman. "Hackers are becoming more automated and their techniques are sophisticated and industrialized. Modern cyber defenses need to keep pace with this growing industry and our intelligence initiative will help uncover the trends, techniques and tactics utilized by today's cybercriminals."

Imperva Inc.

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. With more than 1,500 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The awardwinning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2022, All rights reserved

The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.