Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Crowd Sourced Intelligence Increases Threat Blocking Efficiency: Imperva

According to a report released by Imperva this week, threat-blocking efficiency is greatly increased with the addition of crowd-sourced threat intelligence.

According to a report released by Imperva this week, threat-blocking efficiency is greatly increased with the addition of crowd-sourced threat intelligence.

Imperva’s findings were published in their latest Hacker Intelligence Report for April. Through a study of 60 web applications, a memo on the report explains, Imperva identified common attack patterns and concluded that information sharing among organizations ultimately resulted in enhanced protection against large-scale attack campaigns.

“These findings indicate that identifying a noisy attack source – an attacker, payload or tool that repeatedly attacks – is of high importance. Recognizing one noisy attack source can aid other organizations in their defenses,” the report says.

Information Sharing 

“While surgically targeted web application attacks are still occurring, we also witness large campaigns with common characteristics across different organizations and verticals. Consequently, security cooperation between organizations that suffer from web attacks can create a ‘network effect’ in which all members of the cooperating community can benefit by exchanging security and threat information.”

Imperva identified the four most common attacks, which are the same ones organizations have struggled with for years. The top attack was SQL Injection, followed by Remote File Includes, Local File Includes, and comment spam.

Related to Imperva’s findings another firm said that in Q1 2013, Cross-Site Request Forgery (CSRF) attacks jumped more than 132% when compares to last year.  Secure cloud hosting firm, FireHost, who presented their research during the InfoSecurity Europe conference this week, said that the jump is due to a group of four cyberattacks that hammered organizations this quarter, which they’ve named “The Superfecta”.

“The Superfecta represents the most dangerous type of cyberattack traffic, but these are by no means advanced or difficult attacks for cybercriminals to launch,” said Chris Hinkley, CISSP – a Senior Security Engineer at FireHost and a SecurityWeek columnist.

Advertisement. Scroll to continue reading.

“For example, cross-site request forgery attacks and cross site scripting attacks are extremely automated and require very little knowledge to implement.”

In addition to CSRF attacks, Cross-site Scripting (XSS), SQL Injection, and Directory Traversal were also used in the Superfecta campaign.

Related Reading: What the Debates on Information Sharing Seem to be Missing

Related ReadingThreat Information Sharing – Fighting Fire with Fire

Related ReadingCombating Emerging Threats Through Security Collaboration

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.