Imperva Deconstructs Local and Remote File Inclusion Attack Vectors
(Thomson Reuters ONE) -
Media Contact
Katherine Nellums
415.321.2347
Katherine.nellums(at)lewispulse.com
Latest report from Hacker Intelligence Initiative provides detailed overview of
widely used but lesser known Internet threat
Redwood Shores, Calif., April 2, 2012 - Imperva (NYSE: IMPV), a pioneer and
leader of a new category of data security solutions for high-value business data
in the data center, today released its latest Hacker Intelligence Initiative
report exploring how Local and Remote File Inclusion (RFI/LFI) attacks enable
hackers to execute malicious code and steal data through the manipulation of a
company's web server. RFI/LFI attacks made up 21% of all application attacks
observed by Imperva in its review of attacks across 40 applications from June -
November 2011.
RFI and LFI attacks take advantage of vulnerable PHP Web application parameters
by including a URL reference to remotely hosted arbitrary code, enabling remote
execution. PHP is a programming language designed for Web development, and its
use is prevalent in applications on the Internet.
"LFI and RFI are popular attack vectors for hackers because it is less known and
extremely powerful when successful," said Tal Be'ery, Imperva's senior web
researcher. "We observed that hacktivists and for-profit hackers utilized these
techniques extensively in 2011, and we believe it is time for the security
community to devote more attention to the issue."
Highlights from the report include:
RFI/LFI "In the Wild" - A discussion of real-world RFI/LFI attacks, such as how
LFI compromised 1.2M WordPress websites via a TimThumb vulnerability, provides
the context needed to appreciate the importance of awareness of the technique.
RFI/LFI Deconstructed - A visual step-by-step technical analysis of an RFI-
infected file demonstrates how shell code obfuscates the attack vector,
highlighting how it can avoid traditional detection and mitigation techniques.
Evolution of RFI/LFI - From Remote File Inclusion to Local File Inclusion,
hackers continue to develop new attack vectors to evade anti-malware by
splitting across multiple fields in infected files.
Techniques to Mitigate RFI/LFI - Introduces a novel approach to mitigate against
RFI attacks by utilizing a shell hosting feed.
To download the full report, please visit:
http://www.imperva.com/download.asp?id=314.
About Imperva
Imperva is a pioneer and leader of a new category of data security solutions for
high-value business data in the data center. With more than 1,700 end-user
customers and thousands of organizations protected through cloud-based
deployments, Imperva's customers include leading enterprises, government
organizations, and managed service providers who rely on Imperva to prevent
sensitive data theft from hackers and insiders. The award-winning Imperva
SecureSphere identifies and secures high-value data across file systems, web
applications and databases. For more information, visit www.imperva.com, follow
us on Twitter or visit our blog.
© 2012 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and
SecureSphere are trademarks of Imperva, Inc.
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Imperva Inc. via Thomson Reuters ONE
[HUG#1599123]
Provided by user: hugin
Date: 02.04.2012 - 09:01
Language: German
News ID 130774
Category: Business News
The press release titled
"Imperva Deconstructs Local and Remote File Inclusion Attack Vectors"
is under the journalistic and editorial responsibility of
Imperva Inc.