As I write this, the industry is still wagging its fingers at the latest big breach. But in the time that it takes to get this published, there could easily be another colossal security disaster that leaves large numbers of people’s private information exposed. And with every headline announcing a security failure comes the anger…
Read MoreWe’ve heard this story before: an employee leaves a laptop in their car and it gets stolen. In January 2018, 43,000 patients had their personal medical history exposed in this manner.1 In fact, stolen physical devices containing confidential data were the cause of over a million records leaked in 2017 alone. A recent article in…
Read MoreLast week, a malware campaign targeting Jenkins automation servers was reported by CheckPoint researchers.1 The attackers exploited a deserialization vulnerability2 in Jenkin’s bidirectional channel (CVE-2017-1000353)3 to deploy Monero cryptomining malware that generated an estimated profit of $3 million. Following this disclosure, F5 researchers observed what appears to be the same threat actor group, as they…
Read More
Breaches are inevitable due to the asymmetry of attacks – carpet checks versus guerilla warfare. Companies – regardless of size – have been breached. For years, security leaders have spoken about the myth of the infallible Protection doctrine and reasons for improving on detection, response, and recovery. We broached on the need for threat intelligence,…
Read MoreOne thing to consider about the Q1 2018 data is that it’s only one quarter in comparison to the annual averages of 2016 and 2017, and that Q1 typically receives the least number of attacks of any quarter. If attacks against North America decline in Q2, as they have done the past 2 years, the…
Read MoreWith the explosive growth of the Internet of Things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks. The Named Data Networking project can play a critical role, Holmes says in an interview with…
Read MoreF5 threat researchers detected attackers actively exploiting the rTorrent client through a previously undisclosed misconfiguration vulnerability and deploying a Monero (XMR) crypto-miner operation. The rTorrent client misconfiguration vulnerabilities include: No authentication required for XML-RPC communication Sensitive XML-RPC method is allowed (direct OS command execution) Attackers are actively exploiting this vulnerability in the wild by scanning…
Read MoreCISOs could always use more help, it’s as simple as that. As part of an upcoming report on protecting applications, F5 engaged Ponemon to survey security professionals. The survey found that 44% of respondents reported “lack of skilled or expert personnel” as the “main barrier to achieving a strong application security posture.” Our previous F5…
Read More
Hypothesis-driven threat hunting is a tailored, proactive, and deeply analytical approach to cybersecurity. It leverages the acumen of seasoned security experts to predict and pre-empt potential attack vectors, delivering a dynamic and robust defense against the sophisticated threats that modern enterprises face. What Is Hypothesis-Driven Threat Hunting? Hypothesis-driven threat hunting is a proactive cybersecurity program…
Read MoreThe security community was just taking a breather because we hadn’t seen a massive DDoS attack since the Mirai thingbot took down Dyn in October 2016 with a 1.2 terabit per second DDoS attack. Yesterday, that world record attack was broken when GitHub was hit with a 1.3 terabit per second DDoS attack.1 This attack…
Read More