Author: nlqip
There’s something undeniably compelling about a good myth. Maybe that’s because a dose of escapism does our brain good, and it’s fun to spend a few moments wondering about deadly alligators populating the New York City sewer system or Walt Disney’s cryogenically frozen head waiting to be brought back to life. But while those myths…
Read MorePassword login attacks, especially credential stuffing attacks, are still one of the most common cyberattacks on the Internet. F5 Labs and Shape Security extensively looked at the patterns and trends associated with credential stuffing in the 2021 Credential Stuffing Report. In part 2 of this series on credential stuffing tools and techniques, we dive deeper…
Read MoreApply the stable channel update provided by Apple to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read MorePig Butchering Scam: How Bitcoin, Ethereum, Litecoin and Spot Gold (XAUUSD) Investments Are Used in Romance Scams to Steal Hundreds of Millions
- by nlqip
This is the second part of a two-part series based on firsthand research into pig butchering scams from the end of 2022 into early 2024. In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form of cryptocurrency…
Read MoreSo How Good Are Sectors for Predicting Risk? Based on these analyses, it appears that the answer is “not bad, but it depends.” On one hand, we can identify specific patterns that seem to map to characteristics about those sectors. We already knew that the Retail Trade sector is heavily targeted by attacks that are…
Read MoreIn general, organizations should implement just enough necessary cybersecurity to mitigate risk and meet compliance requirements. We’ve talked about how to mitigate known, foreseeable cyberthreats, but what is the lowest bar for a typical organization with respect to cybersecurity? To figure this out, we need to think about universal compliance and legal obligations for any…
Read MoreF5 Labs in collaboration with Effluxio researches global attack traffic to gain a better understanding of the cyberthreat landscape. In this installment of regional threat analysis, F5 Labs researchers break down the data collected by our sensors on attacks targeting Latin America from January 1 through March 31, 2021. Cyberattacks happen in many forms, but…
Read MoreWhat Is SQL Injection? SQL injection is a technique used by attackers to gain unauthorized access to one of an organization’s most critical assets: the database that supports its website. In most cases, it is website vulnerabilities that allow an attacker to insert (or inject) instructions where the application is expecting only data. SQL injection…
Read MorePig Butchering Scam: From Tinder and TikTok to WhatsApp and Telegram, How Scammers Are Stealing Millions in a Long Con
- by nlqip
In part one of a two-part series on Pig butchering, we detail the pervasive scam that has impacted thousands of victims around the world, resulting in the loss of hundreds of millions of dollars. This blog highlights the who and the how of pig butchering scams, and details the pig butchering playbook. Background Pig butchering…
Read MorePredictions are a risky business. If you play it too conservatively, you tell everyone what they already know and just get an eye roll for your trouble. If you go out on a limb and get it wrong, people stop listening to you. That’s why, as we unwisely return to the task of predicting the…
Read MoreRecent Posts
- CISA Releases One Industrial Control Systems Advisory | CISA
- Botnet fueling residential proxies disrupted in cybercrime crackdown
- Microsoft Ignite 2024: The Biggest News In Devices, Security
- New Windows 11 recovery tool to let admins remotely fix unbootable devices
- Google: DOJ Pushing ‘A Radical Agenda’ With Forced Chrome Sell-Off