F5 Labs

When you must depend on third parties for a variety of products and services, it’s critical that you hold them to high security standards.

When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.

Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.

Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.

Organizations need to provide clear and specific guidance to employees who travel across national borders when it comes to giving up passwords and surrendering devices.

Personally identifiable information and user credentials are the primary nuggets attackers are after when they exploit known vulnerabilities in web applications.

Security breaches in the news serve as a good reminder to check and make sure you have a solid application protection strategy in place, starting with never trusting user input.

What's the other half? And why don't organizations just find and fix their own bugs?

Legislation is a good first step toward persuading IoT manufacturers (who want to stay in business) to do the right thing when it comes to the security of their devices.

Stop feeding attackers every piece of the puzzle they need to pull off their scams.

Far from a dying breed, cryptocurrencies are not only evolving but being accepted in countless new markets. CISOs need to know the ins and outs, pros and cons.

As enterprises more closely align their security and IT operations, they still struggle to shift their security programs from reactive to proactive.

TrickBot kicked into high gear coming into August with the most targeted URLs since its launch. It released a new worm module, shifted its focus towards the US, and soared past the one thousand target URL mark in a single configuration.

There’s a lot of hype surrounding cryptocurrencies, but what’s good for currency traders may not be great for security-minded professionals.

Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

According to Verizon’s 2014 Data Breach Investigations Report, “Web applications remain the proverbial punching bag of the Internet.” Things haven’t improved much since then. What is it about web applications that makes them so...

Cyber crooks use several common URL disguising techniques to trick users into thinking their sham sites are legitimate.

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

The Internet is full of information about your company that’s easily accessible to anyone and particularly useful to attackers.