Tag: Credential theft
We’re celebrating our one-year anniversary here at F5 Labs, the application threat intelligence division of F5! Although F5 researchers have been providing threat-related, F5-specific guidance to our customers for many years through DevCentral, the time was right a year ago today to launch a dedicated website that provides the general public with vendor-neutral, application-focused, actionable…
Read MoreEmail attachment containing wire transfer instructions Many buyers, in their eagerness to follow instructions to the letter so they can get into their new homes quickly, have followed similar wiring instructions and found themselves not only without a new home but stripped of their entire life savings—stolen by scammers. It nearly happened to Brown…
Read MoreIn the F5 and Ponemon report, The Evolving Role of CISOs and their Importance to the Business, security leaders were asked to rank their top threats to their security ecosystem. The number one answer was advanced persistent threats (ranked 8.8 out of 10). We’ve already talked about why CISOs should manage the most likely damaging…
Read MoreApplications are the lifeblood of our enterprises. Not many organizations can survive in a pencil and paper world. They are all dependent on IT with applications doing the heavy lifting of arranging, tracking, processing, communicating, and calculating daily business. But applications are no longer singular programs running on one computer, they are huge collections of…
Read MoreIt’s a sad state of Internet affairs when the US government must publish a US-CERT Alert about Russia targeting US entities through negligent network infrastructure misconfigurations.1 In Alert TA18-106A, US-CERT discloses that since 2015, the US government, in partnership with the UK, has been receiving data from numerous sources that “large numbers” of enterprise-class and…
Read MoreThe rise of poorly secured Internet of Things (IoT) devices has made it possible for attackers to gain access to targets of interest. Nation-states, spies, mercenaries, and others don’t need to dress up as repairmen to plant bugs in rooms anymore; they can just hack into a room that has vulnerable IoT devices. In May,…
Read MoreExecutive Summary Like coral reefs teeming with a variety of life, web applications are “colony creatures.” They consist of a multitude of independent components, running in separate environments with different operational requirements and supporting infrastructure (both in the cloud and on premises) glued together across networks. In this report, we examine that series of interacting…
Read MoreAttack Destination Ports The following ports in order of prevalence were targeted in the Singapore attacks: 5060 — clear text Session Initiation Protocol (SIP) 23 — Telnet remote management 1433 — Microsoft SQL Server database 81 — Alternate web server port for host-to-host communication 7547 — TCP port used by ISPs to remotely manage…
Read MoreIn July 2018, F5 released its first annual Application Protection Report based on the results of an F5-commissioned Ponemon survey of 3,135 IT and security practitioners across the globe. Additional research conducted by Whatcom Community College, University of Washington Tacoma, along with data from White Hat Security and Loryka served to make this one of…
Read MoreAny CISO who’s been around the block understands Erik’s words. So, let’s roll up our sleeves and get started by understanding the scope of the problem. Understand Needs The first step in any security project is to be sure you have a clear inventory of your asset and applications. Everything flows from them. For most,…
Read More