Cybersecurity company Imperva has disclosed a data breach associated with customers of its Cloud WAF product, with exposed details including email addresses, hashed and salted passwords, API keys and customer-provided SSL certificates.
https://twitter.com/CyberNewsApp/status/1166492133613809665
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
This incident proves that no one is immune from cyberattacks. As the amount, complexity and pace of software development and deployment continues to grow, so does the risk. Every imperfect line of code or misconfigured setting is a potential point of breach. The type of information affected in this incident could effectively render a company’s firewall ineffective, which is why it’s so important to always practice defense in depth. That includes regular security audits and penetration tests, and of course technology such as SIEMs and antivirus. It’s essential that all these measures be applied together and consistently — only then will protection be truly effective. Human research also has a central role to play in defending against threats initiated by people. Only another person can fully understand the underlying psychology and innate creativity displayed by an attacker.