Reacting to a Big Breach

/ March 15, 2018

by Ray Pompon

A big public breach is a teachable moment for both you and your organization.

The Hunt for IoT: The Growth and Evolution of Thingbots Ensures Chaos

report / March 13, 2018

by Sara Boddy, Justin Shattuck

IoT attacks show no signs of decreasing while infected IoT devices go un-remediated, and discovery of new thingbots is at a decade-long high.

Threat Modeling the Internet of Things: Modeling Reaper

/ March 09, 2018

by David Holmes

Reaper is just one more blinking light in the faces of the InfoSec community reminding us that we need to get ahead of IoT madness.

rTorrent Vulnerability Leveraged in Campaign Spoofing RIAA and NYU User-Agents?

article / March 08, 2018 (MODIFIED: March 13, 2018)

by Andrey Shalnev

The same rTorrent XML-RPC function configuration error that was targeted to mine Monero in February was also targeted in January in a campaign apparently spoofing user-agents for RIAA and NYU.

Exploited Memcached Servers Lead to Record-Setting 1.3Tbps DDoS Attack

blog / March 02, 2018 (MODIFIED: March 13, 2018)

by Sara Boddy

Memcached is just one of many application infrastructure systems that could launch the same types of attacks if they were also misconfigured.

rTorrent Client Exploited In The Wild To Deploy Monero Crypto-Miner

article / Feb. 28, 2018 (MODIFIED: March 13, 2018)

by Andrey Shalnev

A previously undisclosed misconfiguration vulnerability in the rTorrent client is being exploited in the wild to mine Monero.

User Experience and Security Should be Complementary, Not Contradictory

/ Feb. 23, 2018

by Preston Hogue

When new technology initiatives are approached in the right way, organizations can implement them, mitigate risk, and provide the best user experience.

XMRig Miner Now Targeting Oracle WebLogic and Jenkins Servers to Mine Monero

blog / Feb. 21, 2018 (MODIFIED: March 13, 2018)

by Andrey Shalnev

The same drop zone server used last week to mine Monero on compromised Jenkins automation servers is now being used in a new Monero mining campaign targeting Oracle WebLogic servers.

Beware of Attackers Stealing Your Computing Power for their Cryptomining Operations

blog / Feb. 15, 2018 (MODIFIED: March 13, 2018)

by Travis Kreikemeier

As the black-market price for stolen data declines, attackers turn to cryptojacking schemes to maximize their profits—all at your expense.

Risky Business (Part 3): The Beauty of Risk Transfer

/ Feb. 13, 2018 (MODIFIED: March 15, 2018)

by Preston Hogue

Risk transfer strategies allow you more time to focus on your business.

The Email that Could Steal Your Life Savings and Leave You Homeless

blog / Feb. 08, 2018 (MODIFIED: March 13, 2018)

by Debbie Walkowski, David Holmes

Real estate scams are big business for attackers. Be on the lookout for this one, which can leave home buyers destitute if not caught in time.

CISOs Look to Machine Learning to Augment Security Staffing Shortages

blog / Feb. 06, 2018 (MODIFIED: March 08, 2018)

by Ray Pompon

As security expertise becomes more scarce, CISOs are turning to machine learning to do more with fewer people.

86 Your Cyber Attackers! Avoid Data Breaches by Protecting Your Most Likely Attack Targets

blog / Jan. 31, 2018 (MODIFIED: March 08, 2018)

by Sara Boddy

Critical lessons can be learned from others’ mistakes. Don’t learn the hard way; heed the warnings from our research.

Thingbots and Reapers and CryptoMiners—Oh, My! F5 Labs’ First Year in Review

blog / Jan. 25, 2018 (MODIFIED: March 09, 2018)

by Debbie Walkowski

F5 Labs covered a multitude of threats, vulnerabilities, botnets, attackers, and attacks in 2017. Here are just some of the highlights you might have missed.

Risk vs. Reality: Don’t Solve the Wrong Problem

blog / Jan. 24, 2018 (MODIFIED: March 02, 2018)

by Ray Pompon

If you’re not evaluating risk in terms of likelihood and impact, you could be focusing your security efforts in all the wrong places.

Everything is Compromised—Now What?

blog / Jan. 18, 2018 (MODIFIED: March 15, 2018)

by Jared B. Reimer

Accept that breaches are inevitable in today’s world, then take these steps to reduce the chances of a large-scale, headline-making compromise.

State of App Delivery 2018: Security Again Edges Out Availability as Most Important App Service

blog / Jan. 16, 2018 (MODIFIED: Feb. 21, 2018)

by Lori MacVittie

Forty-three percent of organizations say security is essential when deploying apps, and more than two thirds use multiple security solutions to protect clients, infrastructure, and web apps.

Ramnit Goes on a Holiday Shopping Spree, Targeting Retailers and Banks

article / Jan. 15, 2018 (MODIFIED: March 02, 2018)

by Doron Voolf

Ramnit’s latest twist includes targeting the most widely used web services during the holidays: online retailers, entertainment, banking, food delivery, and shipping sites.

Risky Business (Part 2): Why You Need a Risk Treatment Plan

/ Jan. 12, 2018 (MODIFIED: Feb. 23, 2018)

by Preston Hogue

Performing a risk analysis and taking due care are no longer optional.

A Spectre of Meltdowns Could be in Store for 2018, Including Fileless Malware Attacks and More Costly Bots

blog / Jan. 10, 2018 (MODIFIED: March 01, 2018)

by Lori MacVittie

Every week another bug, vulnerability, or exploit is released - we need a multi-layered security strategy (beyond our standard patch “spin cycles”) to deal with threats like Spectre and Meltdown.

Global Consultancy Overcomes Cloud Security Risks

blog / Jan. 09, 2018 (MODIFIED: Feb. 13, 2018)

by Ray Pompon

How moving applications into the cloud can make your organization stronger and more valuable to your customers.

Mirai is Attacking Again, So We’re Outing its Hilarious, Explicit C&C Hostnames

blog / Jan. 04, 2018 (MODIFIED: Feb. 21, 2018)

by David Holmes

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their blacklists and protect themselves.

New Python-Based Crypto-Miner Botnet Flying Under the Radar

article / Jan. 03, 2018 (MODIFIED: March 08, 2018)

by Maxim Zavodchik, Liron Segal, Aaron Brailsford

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

Liability in an Assume Breach World

blog / Jan. 02, 2018 (MODIFIED: Feb. 09, 2018)

by Ray Pompon, Sara Boddy

The safest way to run a network is to assume it’s going to be breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

BrickerBot: Do “Good Intentions” Justify the Means—or Deliver Meaningful Results?

blog / Dec. 28, 2017 (MODIFIED: Jan. 23, 2018)

by Justin Shattuck

Most security researchers have good intentions, but ethics must play a central role in the decisions they make.

Bleichenbacher Rears its Head Again with the ROBOT Attack

blog / Dec. 27, 2017 (MODIFIED: Jan. 15, 2018)

by David Holmes

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

Achieving Multi-Dimensional Security through Information Modeling—Modeling Inversion Part 5

blog / Dec. 26, 2017 (MODIFIED: Jan. 24, 2018)

by Ravila White

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

Risky Business: Understand Your Assets and Align Security with the Business

/ Dec. 19, 2017 (MODIFIED: Jan. 18, 2018)

by Preston Hogue

Security teams can fulfill the CISO’s responsibilities and help business groups become more security-savvy by working through the due diligence and due care process together.

Zealot: New Apache Struts Campaign Uses EternalBlue and EternalSynergy to Mine Monero on Internal Networks

article / Dec. 15, 2017 (MODIFIED: March 08, 2018)

by Maxim Zavodchik, Liron Segal

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.

The Credential Crisis: It’s Really Happening

blog / Dec. 14, 2017 (MODIFIED: Jan. 10, 2018)

by Lori MacVittie

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

To Protect Your Network, You Must First Know Your Network

/ Dec. 13, 2017 (MODIFIED: Jan. 12, 2018)

by Ray Pompon

Strong security starts with understanding exactly what you need to protect and where it resides within your organization.

Lessons Learned from a Decade of Data Breaches

report / Dec. 07, 2017 (MODIFIED: March 13, 2018)

by Sara Boddy, Ray Pompon

F5 Labs researched 433 breach cases spanning 12 years, 37 industries, and 27 countries to discover patterns in the initial attacks that lead to the breach.

Avoiding the Epidemic of Hospital Hacks

blog / Dec. 05, 2017 (MODIFIED: Jan. 09, 2018)

by Ray Pompon

Good security is highly dependent on hospital staff being well trained and having the discipline to follow security processes—manual and otherwise—to the letter.

The Startup Security Challenge: Safe in the Cloud from Day One

blog / Nov. 30, 2017 (MODIFIED: Jan. 03, 2018)

by Ray Pompon

How this cloud startup met its goals for security and availability right out of the gate by setting goals, doing a risk analysis, and examining tradeoffs.

Achieving Multi-Dimensional Security through Information Modeling—Unwrapping Controls Part 4

blog / Nov. 28, 2017 (MODIFIED: Jan. 02, 2018)

by Ravila White

In Part 3 of this blog series, we demonstrated modeling the threat landscape along with executive threat-modeling. In this blog, we discuss the importance of defining controls.

If Your Security Question List Looks like a Facebook Favorite List, Start Over Now

blog / Nov. 21, 2017 (MODIFIED: Dec. 27, 2017)

by Lori MacVittie

Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?

Phishing: The Secret of its Success and What You Can Do to Stop It

report / Nov. 16, 2017 (MODIFIED: Jan. 04, 2018)

by Ray Pompon

Learn about the tricks attackers use to dupe unsuspecting users and how you can help protect them—and your organization.

A CISO Landmine: No Security Awareness Training

blog / Nov. 14, 2017 (MODIFIED: March 19, 2018)

by Mike Levin, Center for Information Security Awareness

CISOs who fail to prioritize security awareness training are putting their business and assets at serious risk.

Is a Good Offense the Best Defense Against Hackers?

blog / Nov. 09, 2017 (MODIFIED: Dec. 19, 2017)

by Ray Pompon

Proposed legislation could change existing laws that bar victims of hacking attacks from striking back.

What Happens to Encryption in a Post-Quantum Computing World?

blog / Nov. 07, 2017 (MODIFIED: Dec. 15, 2017)

by Debbie Walkowski

As the possibility of quantum computing draws nearer, changes to today’s TLS key exchange algorithms will be required.
