ARTICLES

article /Jul 27, 2017

TrickBot Focuses on Wealth Management Services from its Dyre Core

by Sara Boddy

As TrickBot evolves, we examine version 24, which heavily targets Nordic financial institutions, and we take a close look at the Dyre–TrickBot connection.

article /Apr 12, 2017

Doxing, DoS, and Defacement: Today’s Mainstream Hacktivism Tools

by Ray Pompon

Readily available hacking tools provide new ways for civil disobedience groups to antagonize their targets anonymously.

article /Apr 07, 2017

Marcher Gets Close to Users by Targeting Mobile Banking, Android Apps, Social Media, and Email

by Doron Voolf

Marcher targets focused on European, Australian, and Latin American banks, along with PayPal, eBay, Facebook, WhatsApp, Viber, Gmail, and Yahoo—all in the month of March.

article /Mrz 27, 2017

From DDoS to Server Ransomware: APACHE STRUTS 2 - CVE-2017-5638 Campaign

by Maxim Zavodchik

A common infection vector used by botnet creators is scanning the Internet for web vulnerabilities to exploit for malware or back doors. The advantage of hitting servers over personal consumer devices is the ability to leverage powerful hardware that is...

article /Mrz 10, 2017

DNS Is Still the Achilles’ Heel of the Internet

by Ray Pompon

Since the Internet can’t survive without DNS, let’s make our best effort to defend it.

article /Feb 13, 2017

How Three Low-Risk Vulnerabilities Become One High

by Keiron Shepherd

It’s easy to brush off low-risk vulnerabilities as trivial—until they’re combined to create a deep-impact attack.

article /Jan 19, 2017

The New Insider Threat: Automation Frameworks

by Lori MacVittie

One of the pillars of DevOps is - according to its founders - automation. Along with automation naturally comes orchestration, which as you might guess is automation but at a higher level of abstraction. Where automation focuses on using...

article /Jan 18, 2017

Welcome to CISO to CISO

by Mike Convertino

Hi. I’m Mike Convertino, CISO of F5 Networks, and I want to welcome you to an experiment we’re conducting here at F5. We’ve laid the foundation of this CISO to CISO portal on an idea that has traditionally been somewhat controversial in the security community: openness.

article /Nov 15, 2016

Old Protocols, New Exploits: LDAP Unwittingly Serves DDoS Amplification Attacks

by Liron Segal

A new DDoS attack vector that leverages LDAP for reflection-amplification attacks is seeing increased usage.

article /Okt 23, 2016

DARPA Proves Automated Systems Can Detect, Patch Software Flaws at Machine Speed

by Debbie Walkowski

According to DARPA, it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc.

article /Okt 06, 2016

Mirai: The IoT Bot that Took Down Krebs and Launched a Tbps Attack on OVH

by Liron Segal

The Mirai botnet has infected hundreds of thousands of Internet of Things (IoT) devices, specifically security cameras, by using vendor default passwords for Telnet access.

article /Sep 01, 2016

Malware Targeting Bank Accounts Has a Swapping Pattern

by Doron Voolf

F5 Labs analysts discovered a target pattern in the IBAN number formats as well as weekly changes to the script injection content. In May 2016, the F5 Security Operations Center (SOC) detected a generic form grabber and IBAN (International Bank...

article /Aug 24, 2016

When Securing Your Applications, Seeing Is Believing

by Mike Convertino

While the cloud is amazing, a worrying lack of visibility goes along with it. F5 CISO Mike Convertino on things to keep in mind when developing a security approach.  When Securing Your Applications, Seeing is Believing

article /Aug 02, 2016

We Expected SSL Everywhere, and It's Well on the Way

by David Holmes

Malicious actors and eavesdroppers are forcing Internet communication into a single cryptographic protocol: SSL.

article /Jul 22, 2016

Web Injection Threats: The Cost of Community Engagement on Your Site

by Sara Boddy

Customer engagement drives web application design, but user-generated content brings inherent security challenges.

article /Jun 21, 2016

Privacy and Security: Where Do We Go From Here?

by Mike Convertino

Some of you may remember a time when national security was a question of police officers protecting individuals from crime on the street, or the Army’s defence against international threats. Today, that picture looks very different. If anything,...

article /Jun 17, 2016

Dridex is Watching You

by Anna Dorfman

And we're watching Dridex. Here's the latest in this malware's evolution.

article /Jun 13, 2016

Are You Ready to Handle 100+ Gbps DDoS Attacks—the New Normal?

by Ilan Meller

DDoS attacks have been common since the late 2000s, but average attack peaks have increased to 100+ Gbps.

article /Jun 01, 2016

Thanks to Anonymous' Latest Toolset, Anyone Can Play the DDoS Game

by Liron Segal

Anonymous commoditizes well-known DDoS attacks by making easy-to-use tools, available to even the most unsophisticated user.

article /Apr 26, 2016

Dridex Update: Moving to US Financials with VNC

by Doron Voolf

Ongoing campaign analysis has revealed that Dridex malware's latest focus has strongly shifted in recent months to US banks.

stay up to date

Get the latest application threat intelligence from F5 Labs.

There was an error signing up.
Thank you, your email address has been signed up.

Follow us on social media.