TrickBot Rapidly Expands its Targets in August, Shifting Focus to US Banks and Credit Card Companies

article / Sept 14, 2017

by Sara Boddy, Jesse Smith, Doron Voolf

TrickBot kicked into high gear coming into August with the most targeted URLs since its launch. It released a new worm module, shifted its focus towards the US, and soared past the one thousand target URL mark in a single configuration.

CISOs: Striving Toward Proactive Security Strategies

report / Sept 13, 2017 (MODIFIED: Sept 19, 2017)

by Mike Convertino

As enterprises more closely align their security and IT operations, they still struggle to shift their security programs from reactive to proactive.

Five Reasons the CISO is a Cryptocurrency Skeptic—Starting with Bitcoin

blog / Sept 13, 2017 (MODIFIED: Sept 19, 2017)

by David Holmes

There’s a lot of hype surrounding cryptocurrencies, but what’s good for currency traders may not be great for security-minded professionals.

Phishing for Information, Part 4: Beware of Data Leaking Out of Your Equipment

blog / Sept 07, 2017 (MODIFIED: Sept 19, 2017)

by Ray Pompon

Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.

WireX Android DDoS Malware Adds UDP Flood

blog / Sept 01, 2017 (MODIFIED: Sept 14, 2017)

by Julia Karpin, Liron Segal, Maxim Zavodchik

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

Six Steps to Finding Honey in the OWASP

blog / Aug 31, 2017 (MODIFIED: Sept 19, 2017)

by Ray Pompon

According to Verizon’s 2014 Data Breach Investigations Report, “Web applications remain the proverbial punching bag of the Internet.” Things haven’t improved much since then. What is it about web applications that makes them so...

URL Obfuscation—Still a Phisher's Phriend

blog / Aug 29, 2017 (MODIFIED: Sept 19, 2017)

by Ray Pompon

Cyber crooks use several common URL disguising techniques to trick users into thinking their sham sites are legitimate.

Achieving Multi-Dimensional Security through Information Modeling—Executive Threat Modeling Part 3

blog / Aug 23, 2017 (MODIFIED: Sept 19, 2017)

by Ravila White

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

Phishing for Information, Part 3: How Attackers Gather Data About Your Organization

blog / Aug 22, 2017 (MODIFIED: Sept 13, 2017)

by Ray Pompon

The Internet is full of information about your company that’s easily accessible to anyone and particularly useful to attackers.

"Cry 'Havoc' and Let Loose the Thingbots of War!"

blog / Aug 17, 2017 (MODIFIED: Sept 14, 2017)

by Lori MacVittie

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

Where Do Vulnerabilities Come From?

blog / Aug 15, 2017 (MODIFIED: Sept 14, 2017)

by Ray Pompon

Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled.

The Hunt for IoT: The Rise of Thingbots

report / Aug 09, 2017

by Sara Boddy, Justin Shattuck

With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs are pointing to them becoming the attacker infrastructure of the future.

Can Engineers Build Networks Too Complicated for Humans to Operate? Part I: Scope of the Problem

blog / Aug 03, 2017 (MODIFIED: Sept 19, 2017)

by Mike Simon

This series explores how InfoSec practitioners can use math, technology, and critical thinking to mitigate risk in a world where networks and data have surpassed the scope of human comprehension.

RSA in a “Pre-Post-Quantum” Computing World

blog / Aug 01, 2017 (MODIFIED: Sept 07, 2017)

by David Holmes

Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon?

TrickBot Focuses on Wealth Management Services from its Dyre Core

article / Jul 27, 2017 (MODIFIED: Sept 01, 2017)

by Sara Boddy, Jesse Smith, Doron Voolf

As TrickBot evolves, we examine version 24, which heavily targets Nordic financial institutions, and we take a close look at the Dyre–TrickBot connection.

What Are You Doing to Protect Critical Infrastructure?

blog / Jul 25, 2017 (MODIFIED: Sept 13, 2017)

by Mike Levin, Center for Information Security Awareness

Protecting our critical infrastructure is everyone’s responsibility, and there are many ways we can all do our part.

Phishing for Information, Part 2: How Attackers Collect Data About Your Employees

blog / Jul 20, 2017 (MODIFIED: Sept 01, 2017)

by Ray Pompon

The personal and job-related information that employees often innocently post on various websites makes it easy for phishers to pull off their scams.

How to Avoid the Six Most Common Audit Failures

blog / Jul 18, 2017 (MODIFIED: Sept 01, 2017)

by Ray Pompon

A veteran auditor told us how organizations fail audits. Here are six detailed strategies to help you achieve success.

How Quantum Computing Will Change Browser Encryption

report / Jul 13, 2017 (MODIFIED: Sept 01, 2017)

by David Holmes

Safeguarding TLS against attack in the quantum computing age will require changes to today’s TLS key exchange algorithms.

Who Should the CISO Report To?

blog / Jul 11, 2017 (MODIFIED: Aug 24, 2017)

by Ray Pompon

Savvy organizations that understand the gravity of cyber security are giving CISOs a voice at the executive table.

Phishing for Information, Part 1: How Phishers Bait Their Hooks with Information You Volunteer

blog / Jul 06, 2017 (MODIFIED: Aug 17, 2017)

by Ray Pompon

In this five-part blog series, we look at how cyber scammers vacuum up information across the Internet to build profiles for phishing and other kinds of social engineering attacks.

The Six Most Common Audit Failures

blog / Jun 29, 2017 (MODIFIED: Aug 15, 2017)

by Kyle Robinson, Senior Manager at Grant Thornton

A veteran auditor walks through where he’s seen organizations fail during audit.

NSA, CIA Leaks Provide a Roadmap to Stealthier, Faster, More Powerful Malware Like SambaCry and NotPetya

blog / Jun 27, 2017 (MODIFIED: Aug 09, 2017)

by Mike Convertino

Recent NSA and CIA leaks exposed advanced new techniques for building automated malware factories that churn out threats like SambaCry and Petya/NotPetya, which deploy over untraceable networks.

Achieving Multi-Dimensional Security through Information Modeling—The Master Model Part 2

blog / Jun 22, 2017 (MODIFIED: Aug 03, 2017)

by Ravila White

Understanding the customer segment of your organization is critical to developing a strategy that ensures regulatory compliance.

Russian Hackers, Face to Face

blog / Jun 21, 2017 (MODIFIED: Aug 01, 2017)

by Ray Pompon

An undercover interview of two infamous Russian hackers speaks volumes about the skills, passion, and motivation of some of the world’s most dangerous cybercriminals.

TrickBot Expands Global Targets Beyond Banks and Payment Processors to CRMs

blog / Jun 15, 2017 (MODIFIED: Aug 01, 2017)

by Sara Boddy, Jesse Smith, Doron Voolf

TrickBot shows no signs of slowing down as new targets are added and command and control servers hide within web hosting providers’ networks.

Yak Shaving: CISOs Aren’t Immune

blog / Jun 14, 2017 (MODIFIED: Jul 25, 2017)

by Ray Pompon

Sometimes, CISOs spin their wheels doing useless security activity that only looks productive from the outside.

10 Ways Organizations Can Get Ready for Breach Disclosure

blog / Jun 08, 2017 (MODIFIED: Jul 20, 2017)

by Ray Pompon

Facing data breach disclosure requirements across the globe, organizations need to prepare in advance to respond well.

Default Passwords Are Not the Biggest Part of the IoT Botnet Problem

blog / Jun 06, 2017 (MODIFIED: Jul 20, 2017)

by Lori MacVittie

Providers and manufacturers could go a long way toward reducing the very real threat of IoT.

The CISO: A Field Guide

blog / Jun 01, 2017 (MODIFIED: Jul 18, 2017)

by Bill Hughes

Learn to recognize different types of CISOs so you can ensure you’re hiring the right one.

Fight Credential Stuffing by Taking a New Approach to Authorization

blog / May 31, 2017 (MODIFIED: Jul 06, 2017)

by Michael Koyfman

How a token-based authorization model can help organizations dramatically reduce credential stuffing attacks.

SambaCry: The Linux Sequel to WannaCry

blog / May 26, 2017 (MODIFIED: Jul 11, 2017)

by Malcolm Heath, Ray Pompon

With simple exploits plaguing Windows and Linux SMB week over week, do yourself a favor and patch for CVE-2017-7494 now to avoid having to do it in panic mode.

How I Learned to Love Cyber Security

blog / May 25, 2017 (MODIFIED: Jul 18, 2017)

by Todd Plesco, CISO of Prescribe Wellness

Cyber security can be a difficult and thankless job, but you can learn to love it when you know how to go about it.

How a CISO Can Play a Role in Selling Security

blog / May 23, 2017 (MODIFIED: Jul 06, 2017)

by Ray Pompon

More and more CISOs are finding themselves pulled into the sales cycle to defend and sell their security programs. Here’s how to do it right.

Why Cloud Sprawl is a Security Risk

blog / May 18, 2017 (MODIFIED: Jul 24, 2017)

by Lori MacVittie

Cloud sprawl isn’t just a budget sinkhole; it’s quickly becoming a security blind spot and potential attack vector for data theft.

Strike Back at Silent Bob: Scan and Block Ports Used by Intel AMT

blog / May 16, 2017 (MODIFIED: Jul 24, 2017)

by David Holmes

Is the Intel AMT vulnerability as bad as we all first thought? Either way, here are some suggestions for protecting yourself.

From NSA Exploit to Widespread Ransomware: WannaCry is on the Loose

blog / May 12, 2017 (MODIFIED: Jul 24, 2017)

by Ray Pompon

The new EternalBlue NSA exploit is powering a wave of virulent ransomware sweeping across Europe.

THE HUNT FOR IoT: The Networks Building Death Star-Sized Botnets

report / May 10, 2017 (MODIFIED: Aug 07, 2017)

by Sara Boddy, Justin Shattuck

With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on...

Can Your Risk Assessment Stand Up Under Scrutiny?

blog / May 09, 2017 (MODIFIED: Jul 24, 2017)

by Ray Pompon

Risk assessments are a key part of a security program, but their execution and format are highly variable. Regulators can sanction organizations that perform improper or inadequate risk assessments.

Achieving Multi-Dimensional Security through Information Modeling – Part 1

blog / May 04, 2017 (MODIFIED: Jul 18, 2017)

by Ravila White

Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls that minimizes risk and achieves continuous compliance.
