Kartwheel News

Cyber stories

Tag: Threat Modeling

IoT: Moving to Security by Design

With the explosive growth of the Internet of Things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks. The Named Data Networking project can play a critical role, Holmes says in an interview with…

Read More

How Secure Are Your Third-Party Web Apps?

It’s inevitable. Every organization needs externally-developed applications to some degree or another. Increasingly, these apps are web-based and accessed over the Internet. As part of a forthcoming report on protecting applications, F5 commissioned a survey with Ponemon. In it, we asked security professionals what percentage of their applications (by category) were outsourced. The top answers…

Read More

The Business of Organised Cybercrime

Team leader, network administrator, data miner, money specialist. These are just some of the roles making a difference at today’s enterprises. The same is also true for sophisticated cyber-gangs. Many still wrongly believe that the dark web is exclusively inhabited by hoodie-clad teenagers and legions of disaffected disruptors. The truth is, the average hacker is…

Read More

What To Do When Your Company Tells You They’re Making a Mobile App, Part 1

Then there are the technical questions that need to be answered. What data will be captured, shared, and processed? What mobile platforms will the app run on? What server-side platforms will it need to talk to? Internal platforms? Third-party services? You also need to dig into the questions of expectations and dependencies. How important will…

Read More

What To Do When Your Company Tells You They’re Making a Mobile App, Part 2

In part one, we laid out how we should react when our organization tells us they want to roll out a mobile app. Short answer: don’t say no, but instead ask lots of questions. After that, we built a threat model that includes the mobile-specific twists on traditional IT security problems. Using this model, we…

Read More

MITRE ATT&CK: What It Is, How it Works, Who Uses It and Why | F5 Labs

What Is MITRE ATT&CK®? MITRE ATT&CK is a documented collection of information about the malicious behaviors advanced persistent threat (APT) groups have used at various stages in real-world cyberattacks. ATT&CK, which stands for Adversarial Tactics, Techniques, and Common Knowledge, includes detailed descriptions of these groups’ observed tactics (the technical objectives they’re trying to achieve), techniques…

Read More

Recent Posts

Recent Comments

No comments to show.