Date: Monday, June 1, 2015
Time: 2:00 PM ET/ 11:00 AM PT
With mega breaches springing up one after another, many industry players have registered both disbelief and awe at the sheer numbers of individual credentials stolen. For instance, last year, a Russian hacker group called CyberVor was able to pilfer 4.5 billion unique records, the majority of which were credentials, such as IDs and passwords. Reportedly, the thieves took advantage of pre-existing holes in website code to launch SQL injection attacks to prompt web apps to execute malicious commands. In this instance, about 400,000 sites were vulnerable to the assault. But this is just one type of offensive scheme that cybercriminals enlist by exploiting well-known and sometimes long-standing vulnerabilities in the applications on which companies rely — even though there are readily available mitigations for them. So what can organizations do to take care of the myriad holes on which online thieves seem to rely? We review some of the more common attacks used by cybercriminal rings, and identify the techniques and over-arching best practices to block them.
Mark Kraynak, Chief Product Officer, Imperva
Illena Armstrong, VP, Editorial, SC Magazine