Tag: Credential stuffing
Sure, the C&C list is a small sample size, and C&C hosts come and go quickly. This list is in no way exhaustive—it’s just a snapshot in time from last quarter. But for a breakdown of the domain hosting services, see the end of this article. “Yes, I really am a C&C server.” A…
Read MoreWe’re celebrating our one-year anniversary here at F5 Labs, the application threat intelligence division of F5! Although F5 researchers have been providing threat-related, F5-specific guidance to our customers for many years through DevCentral, the time was right a year ago today to launch a dedicated website that provides the general public with vendor-neutral, application-focused, actionable…
Read MoreThe first time I heard about distributed brute-force login attacks was from master web application firewall (WAF) administrator Marc LeBeau. At the time he was defending a hotel chain against attackers who were brute-force guessing customer passwords and withdrawing hotel points. According to LeBeau, there’s a popular attack vector among brute-force attackers right now that…
Read MoreRussia Attacks Global Network Infrastructure Through Vulnerabilities That Extend Far Beyond Their Targets
- by nlqip
It’s a sad state of Internet affairs when the US government must publish a US-CERT Alert about Russia targeting US entities through negligent network infrastructure misconfigurations.1 In Alert TA18-106A, US-CERT discloses that since 2015, the US government, in partnership with the UK, has been receiving data from numerous sources that “large numbers” of enterprise-class and…
Read MoreThe rise of poorly secured Internet of Things (IoT) devices has made it possible for attackers to gain access to targets of interest. Nation-states, spies, mercenaries, and others don’t need to dress up as repairmen to plant bugs in rooms anymore; they can just hack into a room that has vulnerable IoT devices. In May,…
Read MoreExecutive Summary Like coral reefs teeming with a variety of life, web applications are “colony creatures.” They consist of a multitude of independent components, running in separate environments with different operational requirements and supporting infrastructure (both in the cloud and on premises) glued together across networks. In this report, we examine that series of interacting…
Read MoreEver wonder what security professionals see as their main barrier to achieving a strong application security posture? We wondered that, too, so we asked them. As part of F5 Labs’ first annual Application Protection Report, F5, in conjunction with Ponemon Institute, surveyed security professionals on a slew of security-related topics. In answer to this particular…
Read MoreAttack Destination Ports The following ports in order of prevalence were targeted in the Singapore attacks: 5060 — clear text Session Initiation Protocol (SIP) 23 — Telnet remote management 1433 — Microsoft SQL Server database 81 — Alternate web server port for host-to-host communication 7547 — TCP port used by ISPs to remotely manage…
Read MoreIn July 2018, F5 released its first annual Application Protection Report based on the results of an F5-commissioned Ponemon survey of 3,135 IT and security practitioners across the globe. Additional research conducted by Whatcom Community College, University of Washington Tacoma, along with data from White Hat Security and Loryka served to make this one of…
Read MoreAny CISO who’s been around the block understands Erik’s words. So, let’s roll up our sleeves and get started by understanding the scope of the problem. Understand Needs The first step in any security project is to be sure you have a clear inventory of your asset and applications. Everything flows from them. For most,…
Read MoreRecent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA