Category: Kamban
Intro The F5 Application Protection Report podcast returns for 2019! Last year, F5 Labs researchers examined the entire landscape of threats facing applications, and offered guidance on how to protect them. This year, they followed up with another research series that examined how both apps and threats are changing, and what security practitioners can do…
Read MoreIntroduction Welcome to F5 Labs’ third annual report on phishing and fraud. Once again, we’re bringing you data from our partner Webroot® as well as the F5 Security Operations Center. Phishing continues to be a major source of profit for cyber-criminals, and a big hassle for cyber-defenders. In the F5 Labs 2019 Application Protection Report,…
Read MoreViewed in this way, our research illuminates some interesting aspects of the current state of security. In 2018, to the extent that new attack techniques and approaches emerged, it was largely in response to changes in how organizations design, create, and manage applications. The context that makes old attack techniques like injection and phishing newly…
Read MoreAttacks Types of Top Attacking IP Addresses Of the top 50 IP addresses attacking systems in the U.S., the most IP addresses were assigned in the U.S. (40%). The remainder of the top 50 attacking IP addresses were geographically distributed around the globe with 14% coming from South Korea, 6% each coming from Russia and…
Read MoreAttacks Types of the Top Attacking IP Addresses The top 50 IP addresses attacking systems in Canada were geographically spread fairly evenly. Eight percent are assigned to South Korea, and closely following, with 7% are assigned in the U.S. Though smaller in number, the three Canadian IP addresses in the top attacking IP address list…
Read MoreCompletely investigating the underlying server architecture and CNC structure of banking trojans such as DanaBot is an area of continuing research for the F5 malware team. Conclusion As with all banking trojans, DanaBot actively updates its tactics, techniques, and target list to both avoid detection and maintain continual operations to optimize the attacker’s financial reward.…
Read MoreF5 Labs, in conjunction with our partner Baffin Bay Networks, research global attack traffic region to region to gain a deeper understanding of the cyber threat landscape. Aside from attack campaigns targeting the entire Internet (IPv4 address space), the attack landscape varied regionally in terms of sources, targets, and attack types. In addition, targeted ports exposed…
Read MoreF5 Networks researchers have detected a new variant of the “Echobot” malware, now consisting of 71 exploits. The authors continue to follow the trend of arming the malware and for the threat group to expand its operation. These newly added exploits target both old and new vulnerabilities, adding as new ones target industrial control system…
Read MoreIntroduction F5 Labs, in conjunction with our partner Baffin Bay Networks, research global attack traffic region to region to gain a deeper understanding of the cyber threat landscape. Aside from attack campaigns targeting the entire Internet (IPv4 address space), the attack landscape varies regionally in terms of sources, targets, and attack types. In addition, targeted…
Read MoreConclusion This latest Gafgyt campaign shows that the malware is evolving and taking on techniques used by other malware authors. Those interested in building botnets don’t need to go far in order to find source code to create their own. Botnets for service are also common and easy to buy. They are advertised on a…
Read More