Author: nlqip

We launched the CISO-to-CISO section of F5 Labs in January 2017, with a welcome message from then F5 CISO, Mike Convertino, talking about how we want to encourage security leaders to share and openly discuss ideas on how they protect their organizations. It’s all about security leaders sharing advice for other security leaders. Well, three…

Read More

In part 1, we discussed the various definitions of cloud and looked at cloud incidents related to data breaches, such as outages. In this part, we’re taking a close look at major cloud data breach incidents over the past few years. Are the majority of these breaches associated with sophisticated advanced attackers or malicious insiders?…

Read More

Years ago, I worked on a consulting project for a large financial services company, which had recently invested $20 million into their core offering, a managed services platform for financials that was used by hundreds of customers. We did a Failure Mode Effect Analysis for them, looking at every component making up the major service—every…

Read More

  Web Application Security Our biggest research story of the year was our 2019 Application Protection Series, which focused on looking at an entire year of application-related breaches as well as a year of global web attack traffic. In that story, we noted how PHP vulnerabilities comprise 81% of the attack traffic, much of it…

Read More

Good or bad, the cloud adoption represents a new pathway for anyone to become a software startup without having to hire operations or infrastructure personnel. Although they can quickly get a minimally viable application up and running, that application may lack both robustness and security measures of more traditional, well-engineered systems. I’m pretty sure that…

Read More

EMEA’s mainstream media’s spotlight on ransomware attacks may have dimmed over the last 18 months but that doesn’t mean the threat has disappeared. There is certainly no room for complacency, and we would do well to pay attention to recent events across the pond. Far from diminishing in disruptive impact, ransomware attacks appear to have…

Read More

From tech giants and gamers to politicians and retailers, nobody is safe from today’s mutating threat landscape. 2019 was another frenzied maelstrom of cyberattacks, mitigations, pre-emptions and preventions, with the old (phishing and DDoS et al) rubbing havoc-wreaking shoulders with the new (new vistas in cyberwars, automation and AI). As ever, continuous pressure also begets…

Read More

Black Friday, Cyber Monday and the seasonal ecommerce feeding frenzy are always big news. Hyperactive online activity and potentially compromised purchasing, promotion and sales behaviours are like a red rag to a bull for enterprising cybercriminals. From denial of service (DoS) attacks shutting down retailers in their revenue-generating prime to ransomware campaigns extorting your hard-earned…

Read More

Security researchers at F5 Networks constantly monitor web traffic at various locations all over the world. This allows us to detect “in the wild” malware, and to get an insight into the current threat landscape.  In December 2019, security researchers detected a 100% increase in new threat campaigns as compared to November 2019. This was…

Read More

My Apple News app recently served up some targeted marketing that really hit home. There before me was the opportunity to purchase a limited-edition 11 Herbs & Spices Firelog from KFC and Envirolog, sold through Walmart. In addition to the advertising and sales mechanisms that brought me to this point, there are also all of…

Read More