September 18, 2018

Leveraging Government Transparency to Find Vulnerable Cellular Gateways

article

9 min. read

A simple search of public records confirms the astounding number of potentially vulnerable cellular gateways in use in many cities’ emergency services vehicles.

RELATED INTELLIGENCE:
MORE ON IoT

All

Threats

CISO

Featured Data

Top Risks

July 25, 2018

2018 Application Protection Report

report

90 min. read

In this report, we demystify the complexities of apps, explore how and where they’re attacked, and provide practical steps to take now to start winning the app protection battle.

Read the full report

No articles found matching your filter criteria

F5 Labs in the Industry

Understand the Application

Explore threats and app components

App Tiers

Client

Client

Most applications need a client interface to push or pull data to users. Increasingly, applications themselves are also running on active scripting in the browser itself. This creates new security consequences and therefore new requirements for testing and defense.

Affects these layers: Client

Ready or Not, Cyberwarfare Is Here

Industry Breakdowns for the 2018 Application Protection Report

Trickbot Gets Trickier by Adding an Encryption Layer
Services

Services

A typical web application often makes use of at least one or more web server add-ons in its architecture. These servers are the basis for web applications, but they also allow add-ons such as modules, plugins, libraries, frameworks, and extensions that add functionality. This increases complexity and broadens the attack surface of an application.

Affects these layers: App services

Abusing Googlebot Services to Deliver Crypto-Mining Malware

Trickbot Gets Trickier by Adding an Encryption Layer

Ready or Not, Cyberwarfare Is Here
Access

Access

The application access control tier is the gateway that users pass through for authentication and authorization. Client credentials are often stored in a database or apps can leverage shared on-premises solutions, or they can connect to SSO gateways.

Affects these layers: Access

Ready or Not, Cyberwarfare Is Here

Apps Are Like Onions; They Have Layers

Industry Breakdowns for the 2018 Application Protection Report
TLS

TLS

The transport layer tier provides encryption as network packets pass over untrusted networks like the Internet or convenience WiFi services. Transport Layer Security (TLS) also ensures that attackers haven’t tampered with the data in transit and verifies the application with a proper domain certificate from a trusted certificate authority.

Affects these layers: TLS

Industry Breakdowns for the 2018 Application Protection Report

2018 Application Protection Report

Apps Are Like Onions; They Have Layers
DNS

DNS

DNS is a globally distributed service running on agreed-upon standards of operation. If DNS is disrupted or tampered with, applications can suffer severe security impacts. Since the apps themselves may need connectivity to other services outside the application’s direct control, the app is also dependent on accurate and functional DNS.

Affects these layers: DNS

Industry Breakdowns for the 2018 Application Protection Report

2018 Application Protection Report

Apps Are Like Onions; They Have Layers
Network

Network

Clients need to connect to application servers, which almost always happens over the Internet. The network tier also includes all application network services such as Internet Service Providers (ISPs), last-mile connections from ISPs to their customers’ premises, and Internet routing protocols.

Affects these layers: Network

Ready or Not, Cyberwarfare Is Here

Attacking Air-Gap-Segregated Computers

Organizations Seek Help Fighting App-Focused DDoS Attacks Even as Total DDoS Attack Rates Stay Flat

Attack Types

App Infrastructure Attack

App Infrastructure Attack

Affects these layers: TLS , DNS , Network

Dictionary Attacks

DNS Hijacking

Eavesdropping

MitM

Protocol Abuse

DNS Cache Poisoning

DNS Spoofing

Key Disclosure

PDoS
Client-side Attack

Client-side Attack

Affects these layers: Client

Client-Platform Malware

MitB

Phishing

XSRF

Injection

MitM

Session Hijacking
DDoS Attack

DDoS Attack

Affects these layers: App services , Access , TLS , DNS , Network

DNS Amplification

SYN, UDP, and HTTP Floods
Web Application Attack

Web Application Attack

Affects these layers: App services , Access

Abuse of Functionality

Credential Stuffing

Injection

MitM

Protocol Abuse

XSS

Brute Force

Credential Theft

Malware

Phishing

XSRF

Back

If you were the world's best IoT botnet builder and you wanted to show the world how well-crafted an IoT botnet could be, Reaper is what you'd build.

-David Holmes

Read the article

Need-to-Know

Expertly picked stories on threat intelligence

/breach impact/

A by-the-numbers breakdown from the latest threat intelligence

1.3

terabit per second DDoS attack

51,000x

amplification factor

11211

UDP port used to launch attacks

Hundreds of apps will be attacked by the time you read this.

So, we get to work. We obsess over effective attack methods. We monitor the growth of IoT and its evolving threats. We dive deep into the latest crypto-mining campaigns. We analyze banking Trojan targets. We dissect exploits. We hunt for the latest malware. And then our team of experts share it all with you. For more than 20 years, F5 has been leading the app delivery space. With our experience, we are passionate about educating the security community-providing the intel you need to stay informed so your apps can stay safe.

Every

9 hrs

a critical vulnerability—with the potential for remote code execution—is released.

Attack types

DDoS Attack

Client-side Attack

Web Application Attack

App Infrastructure Attack

Application Tier