Author: nlqip
There is no cease-fire in the continuing battle against malware. Qbot, a banking trojan malware active since 2008, is back in business with new functions and new stealth capabilities. In the past 12 years, this malware has gone by a handful of names, including Qakbot and Pinkslipbot. Despite all the variations and evolutions, Qbot’s main…
Read MoreDifficult security incidents are unique and valuable opportunities. They are the sort of testing you can’t buy: real-world, un-simulated, and direct. No pen-test or code review is going to do what a serious incident will. They are priceless jewels, but only if you use them for all they’re worth. Capturing that value is only possible…
Read MoreThis is the first in a three-part series on the new Department of Defense (DoD) audit requirement called Cybersecurity Maturity Model Certification (CMMC). This first part introduces CMMC and what it means for the future of U.S. government suppliers of cybersecurity. Part two will discuss how to prepare for a CMMC audit. Part 3 will…
Read MoreThe Application Protection Research Series is an ongoing project at F5 Labs that provides an overarching view of the application security landscape. While detailed analyses of specific attacks are critical for defenders to adapt to emerging techniques, it is easy to overemphasize tactics over strategy if those kinds of analyses are the only thing we…
Read MoreEditor’s Note: F5 Labs is a threat research and analysis team within F5 Networks. As a relatively small team of researchers, evangelists, and writers who produce vendor-neutral threat-related content, we look forward every summer to the opportunity to bring in a college intern to help us with special research and data analysis projects. In the…
Read MoreRansomware is not the hottest topic around right now. But that may be deceptive as to its proliferation, because figures show it is still very much alive and kicking. It only takes a quick glance at the rest of the world to see the devastating effects ransomware attacks can have on public and private sector…
Read MoreCredential Stuffing Causes Outages It’s not hard for attackers to find poorly defended web logins. Many sites often have only a basic web application firewall (WAF), or nothing at all. Many WAFs do not detect or defend against credential stuffing attacks. In general, WAFs are designed to block application attacks, malformed requests, and web exploits.…
Read MoreThese kinds of incidents make it clear that the development teams behind these applications assumed that APIs were difficult to find. In all likelihood, they were prioritizing both application functionality and development speed over security. In other words, they “just had to get it to work.” This is a practical illustration of our thesis from…
Read MoreLooking back at 2020, it was obvious even at the time that everything had changed forever. The COVID-19 pandemic left nothing as it was. It brought disruption and loss to everyone. For security and IT staff, it also ushered in the Great Remote Access Experiment. Our work was suddenly thrust into the limelight, but without…
Read MoreThe sight of empty supermarket shelves during the COVID-19 pandemic brought home the fragility of our food supply chain. We can all see the importance of ensuring the security of the farming and agriculture industry. However, farming is becoming increasingly automated. This means new cybersecurity risks are emerging to stand alongside traditional risks like the…
Read More