Economic Espionage: How Nation-State-Funded APTs Steal Billions in Secrets

Blog / Jun 12, 2018

By ray pompon

Don’t think your company is immune from nation-state APTs going after your intellectual property. Take these essential steps to protect yourself.

The Eternal Struggle: Security Versus Users

/ Jun 7, 2018

By ray pompon

F5 Labs writes for Help Net Security, explaining how to deal with the often-adversarial relationship between security professionals and the users they support.

Advanced Attackers: Stealthy, Patient, Dangerous

Blog / May 31, 2018

By ray pompon

Advanced attackers are considered a top threat by CISOs. Although they are rare, their stealthy determination to learn everything about a target before they strike makes them especially dangerous.

Panda Malware Broadens Targets to Cryptocurrency Exchanges and Social Media

Article / May 9, 2018

By doron voolf

Panda malware is back in full force with three currently active campaigns that extend its targets beyond banking to new industries and organizations worldwide.

Extend Your Security Program’s Influence with Adjuvants

Blog / Apr 17, 2018

By ray pompon

Savvy CISOs don’t go it alone; they rely on in-house collaborators (outside of the security team) to help achieve the organization’s security objectives.

The Email that Could Steal Your Life Savings and Leave You Homeless

Blog / Feb 8, 2018

By debbie walkowski david holmes

Real estate scams are big business for attackers. Be on the lookout for this one, which can leave home buyers destitute if not caught in time.

Thingbots and Reapers and Cryptominers—Oh, My! F5 Labs’ First Year in Review

Blog / Jan 25, 2018 (MODIFIED: Jan 31, 2018)

By debbie walkowski

F5 Labs covered a multitude of threats, vulnerabilities, botnets, attackers, and attacks in 2017. Here are just some of the highlights you might have missed.

If Your Security Question List Looks Like a Facebook Favorite List, Start Over Now

Blog / Nov 21, 2017 (MODIFIED: Dec 27, 2017)

By lori macvittie

Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?

Phishing: The Secret of Its Success and What You Can Do to Stop It

Report / Nov 16, 2017 (MODIFIED: Jan 4, 2018)

By ray pompon

Learn about the tricks attackers use to dupe unsuspecting users and how you can help protect them—and your organization.

Phishing for Information, Part 5: How Attackers Pull It All Together, and How You Can Fight Back

Blog / Sep 28, 2017 (MODIFIED: Oct 24, 2017)

By ray pompon

Stop feeding attackers every piece of the puzzle they need to pull off their scams.

Phishing for Information, Part 4: Beware of Data Leaking Out of Your Equipment

Blog / Sep 7, 2017 (MODIFIED: Dec 29, 2017)

By ray pompon

Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.

URL Obfuscation—Still a Phisher’s Phriend

Blog / Aug 29, 2017 (MODIFIED: Sep 28, 2017)

By ray pompon

Cyber crooks use several common URL disguising techniques to trick users into thinking their sham sites are legitimate.

Phishing for Information, Part 3: How Attackers Gather Data About Your Organization

Blog / Aug 22, 2017 (MODIFIED: Sep 28, 2017)

By ray pompon

The Internet is full of information about your company that’s easily accessible to anyone and particularly useful to attackers.

Phishing for Information, Part 2: How Attackers Collect Data About Your Employees

Blog / Jul 20, 2017 (MODIFIED: Sep 1, 2017)

By ray pompon

The personal and job-related information that employees often innocently post on various websites makes it easy for phishers to pull off their scams.

Phishing for Information, Part 1: How Phishers Bait Their Hooks With Information You Volunteer

Blog / Jul 6, 2017 (MODIFIED: Aug 17, 2017)

By ray pompon

In this five-part blog series, we look at how cyber scammers vacuum up information across the Internet to build profiles for phishing and other kinds of social engineering attacks.

Executive Impersonation Fraud Is on the Rise—And It Is Working

Blog / Apr 20, 2017 (MODIFIED: Jul 18, 2017)

By mike levin

Your company could lose hundreds of thousands in an impersonation scam, but here are eight things you can do to protect yourself.

Webinject Crafting Goes Professional: Gozi Sharing Tinba Webinjects

Blog / May 26, 2016 (MODIFIED: Jul 6, 2017)

By doron voolf

Webinject crafting is a separate profession now. Hackers write webinjects and sell them to fraudsters, who use them to weaponize Trojans.

Dridex Update: Moving to US Financials with VNC

Article / Apr 26, 2016 (MODIFIED: Jul 6, 2017)

By doron voolf

Ongoing campaign analysis has revealed that Dridex malware's latest focus has strongly shifted in recent months to US banks.

Dridex Botnet 220 Campaign: Targeting UK Financials With Webinjects

Article / Feb 25, 2016 (MODIFIED: Jul 6, 2017)

By maxim zavodchik

Like many other financial Trojans, the notorious Dridex malware keeps evolving and strengthening its presence.

Yasuo-Bot: Flexible, Customized, Fraudulent Content

Report / Dec 14, 2015 (MODIFIED: Jul 6, 2017)

By shaul vilkomir preisman

Standard mobile banking trojans post their own fraudulent content over banking applications. Yasuo-Bot goes further.

Webinject Analysis:

Report / Dec 12, 2015 (MODIFIED: Jul 6, 2017)

By elman reyes

Webinject attacks modify webpages to allow fraudsters to collect credentials, or act more directly against user accounts.

Dyre Update: Moving to Edge and Windows 10 With Anti-Antivirus

Blog / Nov 11, 2015 (MODIFIED: Jul 6, 2017)

By julia karpin

Dyre malware is a well-known threat that keeps security pros on their toes due in part to the frequent changes the authors incorporate.

Slave Malware Analysis: Evolving From IBAN Swaps to Persistent Webinjects

Report / Jun 24, 2015 (MODIFIED: Jul 6, 2017)

By nathan jester elman reyes julia karpin pavel asinovsky

Slave is financial malware written in Visual Basic. Since 2015 it has evolved from relatively simple IBAN swapping.

VBKlip Banking Trojan Goes Man-in-the-Browser

Article / Apr 30, 2015 (MODIFIED: Jul 6, 2017)

By julia karpin

VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.

Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption

Report / Apr 12, 2015 (MODIFIED: Jul 6, 2017)

By anna dorfman avi shulman

Dyre is one of the most sophisticated banking malware agents in the wild.

Tinba Malware: Domain Generation Algorithm Means New, Improved, and Persistent

Report / Oct 15, 2014 (MODIFIED: Jul 6, 2017)

By pavel asinovsky

Tinba, also known as "Tinybanker", "Zusy" and "HµNT€R$", is a banking Trojan.

Follow us on social media.