Tag: Phishing
Black Friday, Cyber Monday and the seasonal ecommerce feeding frenzy are always big news. Hyperactive online activity and potentially compromised purchasing, promotion and sales behaviours are like a red rag to a bull for enterprising cybercriminals. From denial of service (DoS) attacks shutting down retailers in their revenue-generating prime to ransomware campaigns extorting your hard-earned…
Read MoreWelcome to the Summary of the 2019 F5 Labs TLS Telemetry Report. This year, we expanded the scope of our research to bring you deeper insights into how encryption on the web is constantly evolving. We look into which ciphers and SSL/TLS versions are being used to secure the Internet’s top websites and, for the…
Read MoreAuthentication Attacks: Growing Every Year Credential stuffing and brute force attacks have been the biggest threats for financial services recently, and the trend shows no sign of slowing. This is unsurprising, given the capability that legitimate credentials represent for attackers. If attackers are able to guess or simply re-use already compromised credentials and gain access…
Read MoreThis is the full-spectrum, director’s cut version of the Application Protection Report, untrammeled by petty concerns like brevity or toner prices (for the shorter version, please see our Summary). This report pulls together the various threats, data sources, and patterns in the episodes into a unified line of inquiry that began in early 2019, picking…
Read MoreHidden Malware, Crouching Ransom One reason ransomware can appear to strike so quickly is because you only notice it once it’s too late. “Just because they’re in your network doesn’t mean you’ll see them,” notes Peck. “Ransomware and attackers often linger long before the ransomware goes active and begins encrypting your data.” The ransomware may…
Read MoreExecutive Summary Phishing remains a popular method of stealing credentials, committing fraud, and distributing malware. But what appears on the surface to be a juvenile form of cybercrime can be, in practice, a well-orchestrated, multi-faceted, and sustained attack campaign by organized crime groups. From finding victims and creating phishing sites to harvesting and fraudulently using…
Read MoreIn the fall of 2020, many countries began to require that travelers test negative for the new coronavirus before crossing their borders. As with anything of value, a black market soon emerged. Travelers could illicitly purchase forged negative COVID-19 test results and try to fake their way through the checkpoint. Goodness knows, we’ve already seen…
Read More
APIs and Sectors As more APIs are published, both by large enterprises who want to make their data more available (such as Google) and by smaller, industry-specific organizations hoping to generate value, some interesting industry patterns are also emerging. Of the organizations for which we had sector information, social networking organizations made up the largest…
Read MoreSo How Good Are Sectors for Predicting Risk? Based on these analyses, it appears that the answer is “not bad, but it depends.” On one hand, we can identify specific patterns that seem to map to characteristics about those sectors. We already knew that the Retail Trade sector is heavily targeted by attacks that are…
Read MoreAttackers are always on the lookout to compromise digital identities. A successful account takeover allows a cybercriminal to impersonate a genuine user for monetization purposes. Enterprises large and small have utilized various means to secure someone’s digital identity, and credentials are the starting point. F5 Labs 2021 Credential Stuffing Report indicates that 1.8 billion credential…
Read More