F5 Labs

Known for redirection attacks, recent Trickbot banking trojan campaigns use server-side injection and target fewer victims.

Attacks against exchanges, exit scams and nation-state threats mean that cryptocurrencies retain their Wild West character in 2019.

Ransomware is ramping up, especially in the public sector. The key to stopping these attacks is to focus on the ransomware attack vectors.

We detail the steps for decrypting and decompressing IcedID webinject files, enabling researchers to analyze IcedID samples and pull out target and web injection files.

Security in the cloud can be even stronger than on-premises, but only if the security team gets involved early and understands some critical differences from on-premises.

In July, vulnerable web servers continued to be the target of threat actors attempting to install cryptominers.

For every digital transformation enabled by apps, the application itself is a primary target, along with the business logic it supports and all its underlying data. F5 Labs' Preston Hogue writes for SecurityWeek, discussing how we can keep up with digital complexity in an app-enabled world.

An overview of the types of countermeasures security practitioners use to reduce risk.

Cloud security is not as straightforward as we’ve been led to believe, but it’s achievable by focusing first on control objectives instead of controls.

The way we build, provision, maintain and secure apps continues to evolve. F5 Labs' Preston Hogue writes for SecurityWeek, discussing the adaptation ChatOps, a DevSecOps model.

API use has grown tremendously, but security is lagging, creating easy targets for attackers.

Learn about banking trojans, how they work, and how the various malware families continually evolve to remain virulent.

This episode in The Hunt for IoT Volume 6 series focuses on the threat actors building IoT botnets, how easy IoT devices are to exploit, recent thingbot discoveries, and the status of Mirai infections worldwide.

Kazakhstan is now asking its citizens to install digital certificates so that it can decrypt all online communications. Their methods, however, may leave the population vulnerable to cyber attacks for many years to come.

Similar to April and May, threat actors in June continued targeting the deserialization vulnerabilities found in Oracle WebLogic to mine cryptocurrency.

A vast majority of organisations have no visibility into encrypted traffic, nor do they have protection against automated attackers. F5 Labs' Preston Hogue writes for CSO Australia, discussing the integrity of encryption.

Attackers use the Domain Name System (DNS) as a weapon against unsuspecting victims to bring down their websites.

Find out why we care so much about application security, how applications have grown into the weird beasts that they are today, and how our work fits into the bigger picture of securing and running an application.

Lori Mac Vittie writes for Network Computing, describing why serverless security doesn't have to be a struggle if you pay attention to the apps and focus on securing them.

In this companion podcast, the researchers who created the F5 Labs Application Protection Report discuss their findings, and share the details and backstories that helped shape the final report.