Editor’s Note: F5 Labs is a threat research and analysis team within F5 Networks. As a relatively small team of researchers, evangelists, and writers who produce vendor-neutral threat-related content, we look forward every summer to the opportunity to bring in a college intern to help us with special research and data analysis projects. In the…
Read MoreRansomware is not the hottest topic around right now. But that may be deceptive as to its proliferation, because figures show it is still very much alive and kicking. It only takes a quick glance at the rest of the world to see the devastating effects ransomware attacks can have on public and private sector…
Read MoreCredential Stuffing Causes Outages It’s not hard for attackers to find poorly defended web logins. Many sites often have only a basic web application firewall (WAF), or nothing at all. Many WAFs do not detect or defend against credential stuffing attacks. In general, WAFs are designed to block application attacks, malformed requests, and web exploits.…
Read MoreThese kinds of incidents make it clear that the development teams behind these applications assumed that APIs were difficult to find. In all likelihood, they were prioritizing both application functionality and development speed over security. In other words, they “just had to get it to work.” This is a practical illustration of our thesis from…
Read MoreLooking back at 2020, it was obvious even at the time that everything had changed forever. The COVID-19 pandemic left nothing as it was. It brought disruption and loss to everyone. For security and IT staff, it also ushered in the Great Remote Access Experiment. Our work was suddenly thrust into the limelight, but without…
Read MoreThe sight of empty supermarket shelves during the COVID-19 pandemic brought home the fragility of our food supply chain. We can all see the importance of ensuring the security of the farming and agriculture industry. However, farming is becoming increasingly automated. This means new cybersecurity risks are emerging to stand alongside traditional risks like the…
Read MoreHidden Malware, Crouching Ransom One reason ransomware can appear to strike so quickly is because you only notice it once it’s too late. “Just because they’re in your network doesn’t mean you’ll see them,” notes Peck. “Ransomware and attackers often linger long before the ransomware goes active and begins encrypting your data.” The ransomware may…
Read MoreBack in the day, the theft and loss of backup tapes and laptops were the primary causes of data breaches. That all changed when systems were redesigned and data at rest was encrypted on portable devices. Not only did we use technology to mitigate a predictable human problem, we also increased the tolerance of failure.…
Read MoreJWT brings performance to identity assertion and is being widely adopted, but it’s also garnering the attention of cybercriminals. Source link lol
Read MoreBy now, it is obvious to everyone that widespread remote working is accelerating the trend of digitization in society that has been happening for decades. What takes longer for most people to identify are the derivative trends. One such trend is that increased reliance on online applications means that cybercrime is becoming even more lucrative.…
Read More