Tag: Services Tier
Good or bad, the cloud adoption represents a new pathway for anyone to become a software startup without having to hire operations or infrastructure personnel. Although they can quickly get a minimally viable application up and running, that application may lack both robustness and security measures of more traditional, well-engineered systems. I’m pretty sure that…
Read MoreSecurity researchers at F5 Networks constantly monitor web traffic at various locations all over the world. This allows us to detect “in the wild” malware, and to get an insight into the current threat landscape. In December 2019, security researchers detected a 100% increase in new threat campaigns as compared to November 2019. This was…
Read MoreWhat Does a Typical Brute Force Attack Look Like at a Service Provider? Brute force attack methods vary. It’s not uncommon, for example, for mobile phone service providers to encounter unauthorized online account activity in which an attacker accesses accounts by trying a phone number in combination with a PIN code. These types of attacks…
Read MoreWelcome to the Summary of the 2019 F5 Labs TLS Telemetry Report. This year, we expanded the scope of our research to bring you deeper insights into how encryption on the web is constantly evolving. We look into which ciphers and SSL/TLS versions are being used to secure the Internet’s top websites and, for the…
Read MoreAttack Types of Top Attacking IP Addresses Many of the IP addresses attacking American systems during the winter of 2019 were involved with abusive port scanning activity. As noted in the Top Target Ports section, Microsoft SMB port 445 was the highest targeted port. We continue to observe high levels of attack traffic pointed toward…
Read MoreF5 Labs, in conjunction with our partner Baffin Bay Networks, researches global attack traffic region to region to gain a deeper understanding of the cyberthreat landscape. Aside from attack campaigns targeting the entire Internet (IPv4 address space), the attack landscape varies regionally in terms of sources, targets, and attack types. In addition, targeted ports expose…
Read MoreMirai is an IoT botnet (or thingbot) that F5 has discussed since 2016. It infamously took down large sections of the Internet in late 2016 and has remained active ever since. Its source code was released online in September 2016, allowing unskilled attackers to create a malicious botnet with relative ease. Mirai continues to target…
Read MoreAuthentication Attacks: Growing Every Year Credential stuffing and brute force attacks have been the biggest threats for financial services recently, and the trend shows no sign of slowing. This is unsurprising, given the capability that legitimate credentials represent for attackers. If attackers are able to guess or simply re-use already compromised credentials and gain access…
Read MoreThis is the full-spectrum, director’s cut version of the Application Protection Report, untrammeled by petty concerns like brevity or toner prices (for the shorter version, please see our Summary). This report pulls together the various threats, data sources, and patterns in the episodes into a unified line of inquiry that began in early 2019, picking…
Read MoreThe Application Protection Research Series is an ongoing project at F5 Labs that provides an overarching view of the application security landscape. While detailed analyses of specific attacks are critical for defenders to adapt to emerging techniques, it is easy to overemphasize tactics over strategy if those kinds of analyses are the only thing we…
Read More