ke4pym Premium Member join:2004-07-24 Charlotte, NC
2019-Aug-27 1:14 pm
Imperva Discloses Breach » krebsonsecurity.com/2019 ··· -breach/
"... a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users."
Hope some folks have been re-issuing their certs!!
The quote at the end of the article sums it up pretty well...
“The moral of the story here is that people need to be asking tough questions of software-as-a-service firms they rely upon, because those vendors are being trusted with the keys to the kingdom,” Knight said. “Even if the vendor in question is a cybersecurity company, it doesn’t necessarily mean they’re eating their own dog food.”
to ke4pym
» images.app.goo.gl/8NdWB7 ··· dYAWsW59 -- 'Nuff Seid [/sarc] [/cynic] Regards
sivranVive Vivaldi Premium Member join:2003-09-15 Irving, TX
to ke4pym
Apparently only Incapsula cloud WAF customers were affected, and not CDN/DDOS mitigation customers. API keys were exposed and any custom SSL keys uploaded by the user. So a cloud WAF customer who just used shared SSL would only have their API keys at risk.
I wonder how it was verified when the unauthorized access stopped. Imperva does make a database auditing product as well, so perhaps once notified of the breach they went back into the archives to correlate the details. But that's just speculation of course.
Any SSL keys that were stolen would be approaching the end of their validity period within the next year or so.
Here's an interesting thought: most, if not all, of Imperva's public-facing websites and services sit behind Incapsula CDN at the very least. Whether they use their SecureSphere WAF or Incapsula WAF I'm not sure. So, there's another wrinkle here: how was the breach perpetrated? Did an attack bypass one or both WAFs to strike the webserver, or was some privileged account compromised by phishing or some other means?
dave Premium Member join:2000-05-04 not in ohio
to ke4pym
"Imperva" -- meant to suggest "impervious", I suppose.
Snigger...
Pride comes before a fall, as they say.
They used to be WebCohort.
A co-founder of Check Point Software started the company in 2002.