How to Combat Ransomware to Stay Online

Recently we discussed the heavy cost of ransomware, both in the form of astronomical ransoms that have been paid recently and in the cost of dealing with the aftermath of an attack. When it comes to most serious cyberattacks, a pound of prevention is worth a pound of cure. The truth is that in most […]

Those Vulnerable 3rd-Party Web Services

Just when you think things are getting safer on the web, somebody comes up with a startling claim and spoils your party: “Our analysis paints a somewhat bleak situation on the state of modern web ecosystem.” That’s the conclusion of a 2016 study conducted by Carnegie Mellon University. The full title is worth noting: Oh, […]

Zero Day Exploit Protection

They say what you don’t know can’t hurt you — but that’s not really true. One example is a zero-day exploit. This is a network vulnerability that hasn’t been identified yet, at least not by the people who need to fix it. These IT professionals have zero days to fix the problem because they don’t […]

Protocol Anomaly Detection

It’s late at night and you’re walking to your car after attending a community event. Your car is still a block away. As you walk, you scan the scene before you. Something is just not right, you say to yourself. On the dark sidewalk ahead of you, you see two silhouettes. They are moving about, […]

What You Should Know About APIs

We all know how a computer user interface (UI) works — at least in general terms. Humans interact with digital machines using input devices, and we watch everything in real time on computer monitors. When we think of user input, we usually think of input devices like a mouse, keyboard, touchscreen, trackball, or pointing stick. But we […]

Guarding Against Data Loss

In 2013, a U.S. military judge sentenced PFC Bradley Manning to 35 years in prison. His crime, as everyone knows, was leaking confidential information. Manning illegally downloaded data to a CD and gave it to WikiLeaks. The intentional release of sensitive information is just one way that data loss occurs within an organization. Sometimes it […]

And You Thought Your Transactions Were Safe: SSL Based Attacks

Your plaintext internet traffic is subject to attack. You already knew this. And it probably won’t surprise you to learn that your encrypted internet traffic is also vulnerable. It’s an unfortunate situation. Carl Herberger, Radware’s VP for Security Solutions, says that the prospect of SSL-based attacks “makes a folly of our existing security infrastructure”. The […]

Be on Guard for Forceful Browsers

When you go to a store to look around, the clerk may ask if they can help you. No, you’re just browsing, you say. You’re not necessarily in search of anything in particular. We do the same thing online. Web browsing is a way to satisfy our curiosity, to delve into areas that interest us, […]

An Introduction to Form Field Manipulation

You use web forms all the time. All across the internet, you are called upon to give certain information about yourself in order to access a site, use an application, or purchase a product. And the truth is most of us have become more open to these kinds of interactions as we have become immersed […]

Cookie Manipulation and Poisoning

Everybody loves cookies. They’re hard to resist — sweet and delicious. So why is something as flavorless as a computer cookie blessed with the same name? You can blame Lou Montulli. He created the technology for Netscape Communications and received a patent for it in 1998. In the beginning, nobody knew that cookies were being […]