Cyber Insurance: Read the Fine Print!

blog / 3 25, 2017 (MODIFIED: 3 24, 2017)

by Ray Pompon

Purchasing cyber insurance can be useful, but claims are often denied due to policy exclusions or lapses in controls.

Can Audits Help Us Trust Third Parties?

blog / 3 21, 2017 (MODIFIED: 3 20, 2017)

by Ray Pompon

Organizations who outsource need to measure the risk of entrusting their data to someone else. They aren’t easy or cheap, but audits are really the best tool we have.

Will Deception as a Defense Become Mainstream?

blog / 3 14, 2017 (MODIFIED: 3 20, 2017)

by Ray Pompon

Defensive deception works well, but needs championing before we’ll see it as a best practice or compliance requirement.

DNS Is Still the Achilles’ Heel of the Internet

article / 3 11, 2017 (MODIFIED: 3 24, 2017)

by Ray Pompon

Since the Internet can’t survive without DNS, let’s make our best effort to defend it.

Security’s “Rule Zero” Violated Again with Zero-Day Apache Struts 2 Exploit

blog / 3 10, 2017 (MODIFIED: 3 20, 2017)

by Lori MacVittie

If you’re running Apache Struts 2 and the vulnerable component, stop reading and update now.

Five Steps Users Can Take to Inoculate Themselves against Fake News

blog / 3 07, 2017 (MODIFIED: 3 06, 2017)

by Michael Levin, Center for Information Security Awareness

Security awareness training can significantly curb users' dissemination of fake news.

Why Managing Low-Severity Vulnerabilities Can’t Be Just a Pipe Dream

blog / 3 04, 2017 (MODIFIED: 3 13, 2017)

by Sara Boddy

Putting off fixing low-severity vulnerabilities can have high-impact effects.

Speed Over Security Still Prevalent in Spite of Substantial Risk for IoT Apps

blog / 3 04, 2017 (MODIFIED: 3 20, 2017)

by Lori MacVittie

Speed to market means IoT and mobile apps are being released with known vulnerabilities.

A CISO’s Reflections on RSA 2017

blog / 3 01, 2017 (MODIFIED: 3 24, 2017)

by Mike Convertino

Recapping RSA 2017: Endpoint Protection, Threat Hunting, and Talent Searching Abound!

Cloudbleed: What We Know and What You Should Do

blog / 2 25, 2017 (MODIFIED: 2 27, 2017)

by Lori MacVittie

Definitive steps individuals and organizations can take today to deal with the impact of Cloudbleed.

Building Secure Solutions Successfully Using Systems Theory

blog / 2 24, 2017 (MODIFIED: 3 20, 2017)

by Ray Pompon

When security solutions don’t work as planned, embrace the complexity and use Systems Theory tools to adjust, regulate, and redefine.

Ramnit's Twist: A Disappearing Configuration

blog / 2 18, 2017 (MODIFIED: 2 21, 2017)

by Anna Dorfman

The Ramnit banking Trojan continues to evolve, this time with the intent of making the malware harder to detect.

The Conflicting Obligations of a Security Leader

blog / 2 15, 2017 (MODIFIED: 3 20, 2017)

by Ray Pompon

Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations.

How Three Low-Risk Vulnerabilities Become One High

article / 2 14, 2017 (MODIFIED: 3 20, 2017)

by Keiron Shepherd

It’s easy to brush off low-risk vulnerabilities as trivial—until they’re combined to create a deep-impact attack.

The Risk Pivot: Succeeding with Business Leadership by Quantifying Operational Risk

blog / 2 10, 2017 (MODIFIED: 3 03, 2017)

by Ray Pompon

Getting the security investments you need often comes down to making your case to management in terms of operational risk.

Friendly Reminder: App Security in the Cloud is Your Responsibility

blog / 2 03, 2017 (MODIFIED: 3 03, 2017)

by Lori MacVittie

Nearly 200,000 servers are still vulnerable to Heartbleed—and the organizations who own them might surprise you.

Using F5 Labs Application Threat Intelligence

report / 1 27, 2017 (MODIFIED: 2 22, 2017)

by Ray Pompon

As security professionals, we often feel like we’re fighting a losing battle when it comes to cyber security.

The Humanization of the Security Leader: What CISOs Need to Be Successful

blog / 1 24, 2017 (MODIFIED: 2 27, 2017)

by Ray Pompon

When someone from the IT group gets promoted into security management, a common first lesson is that “geek culture” is ineffective in the boardroom. Just watch one episode of The Big Bang Theory and you’ll recognize the classic nerd character...

The New Insider Threat: Automation Frameworks

blog / 1 20, 2017 (MODIFIED: 2 23, 2017)

by Lori MacVittie

One of the pillars of DevOps is - according to its founders - automation. Along with automation naturally comes orchestration, which as you might guess is automation but at a higher level of abstraction. Where automation focuses on using...

The 2016 TLS Telemetry Report

report / 1 19, 2017 (MODIFIED: 2 22, 2017)

by David Holmes

In just four short years, encryption estimates have gone from almost non-existent (in the low single digits before 2013) to just over 50% by the end of 2016. How much of a victory is this?

Welcome to CISO to CISO

article / 1 19, 2017 (MODIFIED: 3 06, 2017)

by Mike Convertino

Hi. I’m Mike Convertino, CISO of F5 Networks, and I want to welcome you to an experiment we’re conducting here at F5. We’ve laid the foundation of this CISO to CISO portal on an idea that has traditionally been somewhat controversial in the security community: openness.

Application Threat Intelligence: What Do CISOs Need?

blog / 1 19, 2017 (MODIFIED: 3 13, 2017)

by Mike Convertino

I’ve mentioned before how important strong risk management is to a CISO. When it comes to risk, the applications our users depend on are a big concern. In F5's 2016 State of Application Security survey, a majority of respondents cited security around applications as an area of great concern.

IoT Threats: A First Step into a Much Larger World of Mayhem

blog / 1 18, 2017 (MODIFIED: 3 03, 2017)

by Ray Pompon

So far, we’ve seen IoT DDoS attacks on a Death Star scale. What's next for those of us that may be caught in the blast?

TrickBot Now Targeting German Banking Group Sparkassen-Finanzgruppe

blog / 12 02, 2016 (MODIFIED: 1 27, 2017)

by Shaul Vilkomir-Preisman

TrickBot, the latest arrival to the banking malware scene and successor to the infamous Dyre botnet, is in constant flux.

Old Protocols, New Exploits: LDAP Unwittingly Serves DDoS Amplification Attacks

article / 11 16, 2016 (MODIFIED: 3 03, 2017)

by Liron Segal

A new DDoS attack vector that leverages LDAP for reflection-amplification attacks is seeing increased usage.

Security’s Blind Spot: Application Layer Visibility

blog / 11 15, 2016 (MODIFIED: 2 24, 2017)

by Lori MacVittie

We’ve all seen after-the-fact security camera footage of a wide variety of crimes splashed across social media and news sites. This visibility is a critical component of any judicial system, as it helps identify who did what and provides crucial, objective evidence of what actually happened.

Little TrickBot Growing Up: New Campaign

blog / 11 08, 2016 (MODIFIED: 2 13, 2017)

by Julia Karpin

Recently there have been several reports of a financial malware named TrickBot; this malware's code looks similar to Dyre.

DARPA Proves Automated Systems Can Detect, Patch Software Flaws at Machine Speed

article / 10 24, 2016 (MODIFIED: 2 13, 2017)

by Debbie Walkowski

According to DARPA, it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc.

DDoS's Newest Minions: IoT Devices (Volume 1)

quarterly report / 10 08, 2016 (MODIFIED: 2 22, 2017)

by Justin Shattuck

The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices.

Mirai: The IoT Bot that Took Down Krebs and Launched a Tbps Attack on OVH

article / 10 06, 2016 (MODIFIED: 3 03, 2017)

by Liron Segal

The Mirai botnet has infected hundreds of thousands of Internet of Things (IoT) devices, specifically security cameras, by using vendor default passwords for Telnet access.

Bug Bounty Programs Only Half the Battle

blog / 10 05, 2016 (MODIFIED: 2 24, 2017)

by Lori MacVittie

What's the other half? And why don't organizations just find and fix their own bugs?

Malware Targeting Bank Accounts Has a Swapping Pattern

article / 9 01, 2016 (MODIFIED: 3 03, 2017)

by Doron Voolf

F5 Labs analysts discovered a target pattern in the IBAN number formats as well as weekly changes to the script injection content. In May 2016, the F5 Security Operations Center (SOC) detected a generic form grabber and IBAN (International Bank...

When Securing Your Applications, Seeing Is Believing

article / 8 25, 2016 (MODIFIED: 2 24, 2017)

by Mike Convertino

While the cloud is amazing, a worrying lack of visibility goes along with it. F5 CISO Mike Convertino on things to keep in mind when developing a security approach.  When Securing Your Applications, Seeing is Believing

Is HEIST a Risk or a Threat?

blog / 8 13, 2016 (MODIFIED: 1 19, 2017)

by Lori MacVittie

HEIST is an example of how risk and threat are different, and why the distinction matters.

We Expected SSL Everywhere, and It's Well on the Way

article / 8 02, 2016 (MODIFIED: 1 27, 2017)

by David Holmes

Malicious actors and eavesdroppers are forcing Internet communication into a single cryptographic protocol: SSL.

Web Injection Threats: The Cost of Community Engagement on Your Site

article / 7 23, 2016 (MODIFIED: 3 03, 2017)

by Sara Boddy

Customer engagement drives web application design, but user-generated content brings inherent security challenges.

Privacy and Security: Where Do We Go From Here?

article / 6 22, 2016 (MODIFIED: 2 24, 2017)

by Mike Convertino

Some of you may remember a time when national security was a question of police officers protecting individuals from crime on the street, or the Army’s defence against international threats. Today, that picture looks very different. If anything,...

Dridex is Watching You

article / 6 18, 2016 (MODIFIED: 1 27, 2017)

by Anna Dorfman

And we're watching Dridex. Here's the latest in this malware's evolution.

Are You Ready to Handle 100+ Gbps DDoS Attacks—the New Normal?

article / 6 14, 2016 (MODIFIED: 1 27, 2017)

by Ilan Meller

DDoS attacks have been common since the late 2000s, but average attack peaks have increased to 100+ Gbps.

Thanks to Anonymous' Latest Toolset, Anyone Can Play the DDoS Game

article / 6 01, 2016 (MODIFIED: 1 27, 2017)

by Liron Segal

Anonymous commoditizes well-known DDoS attacks by making easy-to-use tools, available to even the most unsophisticated user.

stay up to date

Get the latest application threat intelligence from F5 Labs.

There was an error signing up.
Thank you, your email address has been signed up.

Follow us on social media.