F5 Labs

Attackers probed Australian applications for vulnerabilities on the most commonly used ports, and credential stuffing attacks were prevalent.

Cloud security breaches happen, but how prevalent and dangerous are they? More than you might think.

DanaBot makes a strong resurgence at the end of 2019, using new tactics and techniques and expanding beyond its traditional banking targets.

Learn from the best CISOs how to handle the challenges of aligning technology and compliance with security architecture.

Latin American systems received more attacks from IP addresses within the region that coincidentally did not attack anywhere else in the world.

The U.S. and Canada have 95% of top source traffic countries in common.

Vulnerable web servers are the top target for threat actors, who continue to exploit known vulnerabilities with the goal of running commands remotely.

U.S. systems were heavily targeted by IP addresses in Russia, Moldova, and France that launched credential stuffing attacks on VNC port 5900 beginning in June 2019.

IP addresses assigned in Russia launched significantly more attacks against Middle East systems than any other regions of the world.

The widespread adoption of cloud services is causing a widespread expansion of the attack surface. F5 Labs' David Warburton writes for CSO Australia, discussing how you can still manage risk in an outsourced world.

A good starting point for improving API security is to develop a technical security standard (sometimes called API security policies) for each API. F5 Labs' Ray Pompon writes for Help Net Security, discussing how we can improve our API security.

Insertion point security used to be easy: protect the perimeter. F5 Labs' Preston Hogue writes for SecurityWeek, discussing the new reality of insertion point security in a world where apps are your perimeter.

The short, concentrated brief on the 2019 application threat landscape, and what you can do to protect your apps.

Threat actors shift focus away from cryptominers and back to remote code execution—this month with a new zero-day exploits.

In our 2019 edition of the Phishing and Fraud Report, we look at the latest methods and trends attackers are using to exploit the most vulnerable part of your defensive posture: your users.

There are three primary avenues to hack a U.S. election: voter registration, voting machines, and the voters themselves. We’ll dig into each and see which offers the most bang for the buck.

In this companion podcast, the 2019 F5 Labs Application Protection Report researchers examine how both apps and threats are changing, and what security practitioners can do to stay ahead of these changes.

How a Jenkins dynamic routing vulnerability becomes an attacker’s infection vector for installing and executing a cryptominer.

Learn what SQL injection is, how attackers use it to access sensitive data, and how to protect your organization from these attacks.

August 2019 was slowest month on record F5 researchers have seen in new threat activity. But while active exploitation slowed, new reconnaissance campaigns grew.