Imperva Hacked: API Keys, SSL Certificates Stolen
Based in California, USA, Imperva offers Cybersecurity software and services designed to protect enterprise data, detect and block malicious attacks and other web-based security measures.
However, Imperva itself suffered a cyber attack last week when a data breach affected users of Imperva’s Cloud Web Application Firewall (WAF). This product aimed at mitigating Denial of service attacks along with offering web application security.
Imperva Company CEO Chris Hylen released a statement about the breach and expressed regret for the inconvenience caused by it. Email addresses of users who began to use the WAF from September 2017, SSL certificates and API keys are among the information exposed to the breach. An internal investigation and exhaustive attempts to recover the information will be made as per the statement.
While Imperva’s security experts are yet not aware of the methods used by the hackers, investigation continues. Clients impacted by the breach are being notified. Users are recommended to reset their passwords along with taking care to implement security measures. These include resetting API keys, generation and uploading new SSL certificates.
Rich Mogull, founder of cloud security firm, DisruptOps, revealed to Brian Krebs– the stolen customer API keys and SSL certificates could enable a malicious attacker “to intercept, view or modify traffic destined for an Incapsula client web site, and even to divert all traffic for that site to or through a site owned by the attacker.”
The implications of such a breach cannot be ignored. Protecting your network from malicious attackers is a dire need of the times and a challenge for organizations worldwide. To add to these challenges, the growing complexities such as continuously evolving automated targeted cyber threats on the network require applications & programs to keep abreast with the most current security patch updates.
We at Logix realize deeply the need for Cyber Security measures to be constantly evolving in order to keep with the rapidly evolving cyber threats and malicious hackers. To give you the best protection, you should choose a Cyber security service that that adapts and evolves according to the need of the hour.
This awareness is why Logix is dedicated to proving our clients with constant patch updates, regular VAPT checks and round the clock network health checks. Keeping in mind the different needs of the wide variety of clients, we offer a varied range of products and services to help you protect your network and your system from malicious threats according to our unique requirements. These services range from Antivirus, Firewall, Web Applications Firewall and much more. For more details, visit this page