Network and application attacks keep security teams busy all
year long with new attacks discovered each day that target all sectors and
countries. The map below shows different attack types, vectors and trends and
enables interactive filtering on different attack elements. The name of the
customer is displayed only when this information is public.
2 new vulnerabilities were recently found in Bash (CVE-2014-6271, CVE-2014-7169).These vulnerabilities potentially affect certain services and applications and allow remote unauthenticated attackers to exploit this issue and use this flaw to override or bypass environment restrictions.
The vulnerabilities potentially affect certain services and applications and allow remote unauthenticated attackers to inject certain characters into other environments, allowing them to exploit this issue and use this flaw to override or bypass environment restrictions to execute shell commands.
For mitigation options and more details see the attached Security Advisory.
The Brobot malware, also known as ‘itsoknoproblembro' and ‘kamikaze,’ is a general purpose PHP script infecting Content Management Systems (CMSs) using known vulnerabilities. During 2012 and 2013, infected networks were used to launch massive DDoS attacks against US-based banks. This attack, also known as Operation Ababil, was considered the biggest DDoS attack campaign ever.
Recently, the United States Federal Bureau of Investigation (FBI) released an alert through its FBI Liaison Threat Alert System (M-000033-BT) that includes a list of 1,492 URLs of confirmed infected Web sites, with the request that organizations help victims to remove the malware. The FBI threat alert was sent only to its affiliates, and therefore we are unable to provide a direct reference. However the following article explains the alert.
This ERT threat alert provides additional details on how to translate the FBI alert into specific actions using the Radware Attack Mitigation System (AMS).
For additional information regarding the threat, read the full Threat Alert
Due to the growing tension between Palestine and Israel that includes military actions in the
sector of Gaza, several hacktivists groups have united in a cyber-attack campaign against Israel,
From information that was found online (Twitter #OpSaveGaza and Facebook), AnonGhost and
other hacktivist groups claim to have successfully defaced over 500 Israeli websites and leaked
some government email credentials. In addition, some government sites have been targeted for
A link to DoS tools on the #OpSaveGaza page indicates a few of the tools that will be used. Most of them are known, such as HOIC, LOIC and ByteDos.
Radware's Emergency Response Team (ERT) has not yet directly seen any cases related to
2014 FIFA World Cup
Recently it has been reported in the news that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup including its partners and sponsors. The threat gained public attention after an interview with an Anonymous group spokesman, referring to himself as Che Commondore, provided select details about the planned operation.
This threat alert provides insight into potential techniques that will be used by Anonymous. It also outlines for potential targets recommended best practices that should be undertaken before, during, and after attack. The ERT expects Anonymous to cast a wide net and potentially target more than partners and sponsors of the event. Most companies should take note of the cautions/advice offered by this alert.
Ukraine-Russia Global Conflict
The current conflict between Ukraine and Russia following the Ukrainian revolution, the Crimean peninsula crisis, and the recent fighting in Slovyansk and Odessa, has the potential of military and political escalation. This conflict takes a global form following the involvement of the USA, Europe, NATO and other actors.
This Threat Alert calls for multiple countries and organizations to be prepared for cyber-attacks and possibly even cyber-war as a direct result of this global conflict. The reason is simple: cyber-attacks nowadays accompany physical and political conflicts. This is especially true for conflicts in this geographical arena.
For additional information regarding the threat, read the full Threat Alert.
Recently, the United States
Federal Bureau of Investigation (FBI) released an alert through its FBI
Liaison Threat Alert System (M-000033-BT) that includes a list of 1,492 URLs
of confirmed infected W...
We value your opinion! Please take a few moments to provide feedback or suggest additional content.
Under attack? Contact our experts 24*7 to get emergency assistance by dialing one of the toll free numbers available in the list below and provide the code “REDBUTTON” to the support engineers.
Be prepared to face cyber attacks with Radware’s attack mitigation system.
Radware is a leading security solutions provider offering a full spectrum Attack Mitigation System (AMS) comprised of award-winning products DefensePro, AppWall and Vision as well as the top-expert Emergency response team service.