Rental Scams Are Pervasive, Even Years After the Housing Recession

Blog / Jul 24, 2018

By Joyce Wu

Rental scams are getting more sophisticated and are making it harder for legitimate landlords and renters to find each other.

BackSwap Defrauds Online Banking Customers Using Hidden Input Fields

Article / Jun 29, 2018

By Ruby Cohen, Doron Voolf

BackSwap demonstrates unique behavior in its manipulation of user input fields and its handling of International Bank Account Numbers (IBANs).

Advanced Attackers: Stealthy, Patient, Dangerous

Blog / May 31, 2018

By Ray Pompon

Advanced attackers are considered a top threat by CISOs. Although they are rare, their stealthy determination to learn everything about a target before they strike makes them especially dangerous.

Hacker Fashion Review

Blog / May 30, 2018

By Ray Pompon

It’s important for the fashion-conscious hacker to know what’s on trend! Here’s a preview of APT Group Purple Aardvark’s summer line—a few hits, some misses.

Drupalgeddon 2 Highlights the Need for AppSecOps

Blog / May 11, 2018

By Lori MacVittie

If you aren’t aware of Drupalgeddon 2, then you’ve either been living off the grid or don’t use the popular content management system (CMS).

Russia Attacks Global Network Infrastructure Through Vulnerabilities That Extend Far Beyond Their Targets

Blog / May 4, 2018

By Sara Boddy

US-CERT TL18-106A alert underscores how insecure Internet systems really are and that ignoring the problem only increases the collateral damage.

Breach Costs Are Rising with the Prevalence of Lawsuits

Blog / May 2, 2018

By Ray Pompon

When it comes to tallying the total cost of a data breach, lawsuits figure prominently, alongside repair costs, loss of reputation and sales, compliance penalties, and operational downtime.

The 2017 TLS Telemetry Report

Report / Apr 23, 2018

By David Holmes

Privacy today isn’t just about staying away from prying eyes. The very act of communicating across the Internet with open, non-confidential protocols invites exposure to multiple threat types.

The Hunt for IoT: The Growth and Evolution of Thingbots Ensures Chaos

Report / Mar 13, 2018

By Sara Boddy, Justin Shattuck

IoT attacks show no signs of decreasing while infected IoT devices go un-remediated, and discovery of new thingbots is at a decade-long high.

A Spectre of Meltdowns Could be in Store for 2018, Including Fileless Malware Attacks and More Costly Bots

Blog / Jan 10, 2018 (MODIFIED: Jan 15, 2018)

By Lori MacVittie

Every week, another bug, vulnerability, or exploit is released—we need a multi-layered security strategy to deal with threats like Spectre and Meltdown.

Mirai is Attacking Again, So We’re Outing its Hilarious, Explicit C&C Hostnames

Blog / Jan 4, 2018 (MODIFIED: Jan 18, 2018)

By David Holmes

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their blacklists and protect themselves.

New Python-Based Crypto-Miner Botnet Flying Under the Radar

Article / Jan 3, 2018 (MODIFIED: Jan 25, 2018)

By Maxim Zavodchik, Liron Segal, Aaron Brailsford

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

Liability in an Assume Breach World

Blog / Jan 2, 2018 (MODIFIED: Jan 18, 2018)

By Ray Pompon, Sara Boddy

The safest way to run a network is to assume it’s going to be breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

Bleichenbacher Rears Its Head Again with the ROBOT Attack

Blog / Dec 27, 2017 (MODIFIED: Jan 15, 2018)

By David Holmes

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

Zealot: New Apache Struts Campaign Uses EternalBlue and EternalSynergy to Mine Monero on Internal Networks

Article / Dec 15, 2017 (MODIFIED: Jan 18, 2018)

By Maxim Zavodchik, Liron Segal

Zealot Apache Struts campaign targets vulnerabilities in Windows, Linux, and DotNetNuke, then uses leaked NSA exploits to mine Monero on internal networks.

The Credential Crisis: It’s Really Happening

Blog / Dec 14, 2017 (MODIFIED: Jan 10, 2018)

By Lori MacVittie

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

Lessons Learned From a Decade of Data Breaches

Report / Dec 7, 2017 (MODIFIED: Jan 31, 2018)

By Sara Boddy, Ray Pompon

F5 Labs researched 433 breach cases spanning 12 years, 37 industries, and 27 countries to discover patterns in the initial attacks that lead to the breach.

The Startup Security Challenge: Safe in the Cloud From Day One

Blog / Nov 30, 2017 (MODIFIED: Jan 3, 2018)

By Ray Pompon

How this cloud startup met its goals for security and availability right out of the gate by setting goals, doing a risk analysis, and examining tradeoffs.

If Your Security Question List Looks Like a Facebook Favorite List, Start Over Now

Blog / Nov 21, 2017 (MODIFIED: Dec 27, 2017)

By Lori MacVittie

Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?

Phishing: The Secret of Its Success and What You Can Do to Stop It

Report / Nov 16, 2017 (MODIFIED: Jan 4, 2018)

By Ray Pompon

Learn about the tricks attackers use to dupe unsuspecting users and how you can help protect them—and your organization.

What Happens to Encryption in a Post-Quantum Computing World?

Blog / Nov 7, 2017 (MODIFIED: Dec 15, 2017)

By Debbie Walkowski

As the possibility of quantum computing draws nearer, changes to today’s TLS key exchange algorithms will be required.

Academic Research: A Survey of Email Attacks

Article / Oct 31, 2017 (MODIFIED: Dec 14, 2017)

By David Hammerstrom, Sara McGarvey, Russel Parham, Kyle Uecker, Anthony Wade

Email has become such an ordinary part of our daily lives that we can forget how vulnerable it is.

Interview With the Experts: The Future of IoT Security Through the Eyes of F5 Threat Researchers

Blog / Oct 19, 2017 (MODIFIED: Nov 30, 2017)

By Debbie Walkowski

When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.

New Threat May Slip Through the KRACK in BYOD Policies

Blog / Oct 17, 2017 (MODIFIED: Nov 26, 2017)

By Lori MacVittie

Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.

Joining Forces With Criminals, Deviants, and Spies to Defend Privacy

Blog / Oct 12, 2017 (MODIFIED: Nov 7, 2017)

By Jennifer Chermoshnyuk, Matt Beland

Organizations need to provide clear and specific guidance to employees who travel across national borders when it comes to giving up passwords and surrendering devices.

Academic Research: Web Application Attacks

Article / Oct 10, 2017 (MODIFIED: Nov 9, 2017)

By Andrew Cox, Daniel Freese, Matthew Martin, Daniel Massie

Personally identifiable information and user credentials are the primary nuggets attackers are after when they exploit known vulnerabilities in web applications.

The Good News About Breaches

Blog / Oct 4, 2017 (MODIFIED: Oct 31, 2017)

By Lori MacVittie

Security breaches in the news serve as a good reminder to check and make sure you have a solid application protection strategy in place, starting with never trusting user input.

Phishing for Information, Part 5: How Attackers Pull It All Together, and How You Can Fight Back

Blog / Sep 28, 2017 (MODIFIED: Oct 24, 2017)

By Ray Pompon

Stop feeding attackers every piece of the puzzle they need to pull off their scams.

Trickbot Rapidly Expands its Targets in August, Shifting Focus to US Banks and Credit Card Companies

Article / Sep 14, 2017 (MODIFIED: Oct 17, 2017)

By Sara Boddy, Jesse Smith, Doron Voolf

TrickBot released a new worm module, shifted its focus towards the US, and soared past the one thousand target URLs mark in a single configuration.

Phishing for Information, Part 4: Beware of Data Leaking Out of Your Equipment

Blog / Sep 7, 2017 (MODIFIED: Dec 29, 2017)

By Ray Pompon

Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.
