Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Crowd Sourced Intelligence Increases Threat Blocking Efficiency: Imperva

According to a report released by Imperva this week, threat-blocking efficiency is greatly increased with the addition of crowd-sourced threat intelligence.

According to a report released by Imperva this week, threat-blocking efficiency is greatly increased with the addition of crowd-sourced threat intelligence.

Imperva’s findings were published in their latest Hacker Intelligence Report for April. Through a study of 60 web applications, a memo on the report explains, Imperva identified common attack patterns and concluded that information sharing among organizations ultimately resulted in enhanced protection against large-scale attack campaigns.

“These findings indicate that identifying a noisy attack source – an attacker, payload or tool that repeatedly attacks – is of high importance. Recognizing one noisy attack source can aid other organizations in their defenses,” the report says.

Information Sharing 

“While surgically targeted web application attacks are still occurring, we also witness large campaigns with common characteristics across different organizations and verticals. Consequently, security cooperation between organizations that suffer from web attacks can create a ‘network effect’ in which all members of the cooperating community can benefit by exchanging security and threat information.”

Imperva identified the four most common attacks, which are the same ones organizations have struggled with for years. The top attack was SQL Injection, followed by Remote File Includes, Local File Includes, and comment spam.

Related to Imperva’s findings another firm said that in Q1 2013, Cross-Site Request Forgery (CSRF) attacks jumped more than 132% when compares to last year.  Secure cloud hosting firm, FireHost, who presented their research during the InfoSecurity Europe conference this week, said that the jump is due to a group of four cyberattacks that hammered organizations this quarter, which they’ve named “The Superfecta”.

“The Superfecta represents the most dangerous type of cyberattack traffic, but these are by no means advanced or difficult attacks for cybercriminals to launch,” said Chris Hinkley, CISSP – a Senior Security Engineer at FireHost and a SecurityWeek columnist.

“For example, cross-site request forgery attacks and cross site scripting attacks are extremely automated and require very little knowledge to implement.”

Advertisement. Scroll to continue reading.

In addition to CSRF attacks, Cross-site Scripting (XSS), SQL Injection, and Directory Traversal were also used in the Superfecta campaign.

Related Reading: What the Debates on Information Sharing Seem to be Missing

Related ReadingThreat Information Sharing – Fighting Fire with Fire

Related ReadingCombating Emerging Threats Through Security Collaboration

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

Former Wiz executive Trish Cagliostro has joined Orchid Security as Chief Revenue Officer.

Transcend has named former UnitedHealth Group CISO Aimee Cardwell as CISO in Residence.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.