Recently there have been several reports of a financial malware named TrickBot; this malware's code looks similar to Dyre. Source link lol
Read MoreThe problem is that real-time, actionable visibility – especially at the application layer where it’s increasingly critical – is often elusive to achieve. Even though we know it’s important to security efforts. To wit, in our State of Application Security 2016, the majority (57%) of respondents said a lack of visibility in the application layer is preventing strong…
Read MoreFigure 1: How an LDAP reflection-amplification attack works LDAP’s Weak Spot LDAP is used to query resources such as networks, systems, applications, and services throughout an organization network. This protocol is typically served over TCP, which requires a connection to be established before data is transferred. But, in this case, because the source IP address…
Read MoreTrickbot, the latest arrival to the banking malware scene and successor to the infamous Dyre botnet, is in constant flux, and its authors are continually adding new targets and functionality. F5 malware researchers have been monitoring Trickbot and have uncovered a new variant that substantially increases the number of German banks being targeted. Trickbot was…
Read MoreI’ve mentioned before how important strong risk management is to a CISO1. When it comes to risk, the applications our users depend on are a big concern. In a 2016 security survey2 conducted by Ponemon Institute on behalf of F5, a majority of respondents cited security around applications as an area of great concern. It makes…
Read MoreSo far, we’ve seen IoT Distributed Denial-of-Service (DDoS) attacks on a Death Star scale. Even if your organization wasn’t a direct target of these giant barrages, many others were caught up as collateral damage because they had services adjacent or dependent on the direct target. Because of this, many organizations are preparing or strengthening their…
Read More
Apr 24, 2024NewsroomMalware / Data Security A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected…
Read MoreHi. I’m Mike Convertino, CISO of F5 Networks, and I want to welcome you to an experiment we’re conducting here at F5. We’ve laid the foundation of this CISO to CISO portal on an idea that has traditionally been somewhat controversial in the security community: openness. As you may or may not know, I spent…
Read MoreAutomation Risks There are a number of container and automation frameworks out there that seek to make scale as effortless as the click of a mouse. Some of them are rising quickly due to the excitement over containers, like Mesos and Kubernetes. Others have been around for a while—think Puppet, Chef, VMware, Cisco, and OpenStack.…
Read MoreIn just four short years, a healthy dose of paranoia about individual privacy as well as emerging support for encryption by browsers, social media sites, webmail, and SaaS applications have pushed encryption estimates from almost non-existent (in the low single digits before 2013) to just over 50% by the end of 2016. That’s quite a…
Read More