F5 Labs

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled.

With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure of the future.

This series explores how InfoSec practitioners can use math, technology, and critical thinking to mitigate risk in a world where networks and data have surpassed the scope of human comprehension.

Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon?

As TrickBot evolves, we examine version 24, which heavily targets Nordic financial institutions, and we take a close look at the Dyre–TrickBot connection.

Protecting our critical infrastructure is everyone’s responsibility, and there are many ways we can all do our part.

The personal and job-related information that employees often innocently post on various websites makes it easy for phishers to pull off their scams.

A veteran auditor told us how organizations fail audits. Here are six detailed strategies to help you achieve success.

Safeguarding TLS against attack in the quantum computing age will require changes to today’s TLS key exchange algorithms.

Savvy organizations that understand the gravity of cyber security are giving CISOs a voice at the executive table.

In this five-part blog series, we look at how cyber scammers vacuum up information across the Internet to build profiles for phishing and other kinds of social engineering attacks.

A veteran auditor walks through where he’s seen organizations fail during audit.

Recent NSA and CIA leaks exposed advanced new techniques for building automated malware factories that churn out threats like SambaCry and Petya/NotPetya, which deploy over untraceable networks.

Understanding the customer segment of your organization is critical to developing a strategy that ensures regulatory compliance.

An undercover interview of two infamous Russian hackers speak volumes about skills, passion, and motivation of some of the world’s most dangerous cybercriminals.

TrickBot shows no signs of slowing down as new targets are added and command and control servers hide within web hosting providers’ networks.

Sometimes, CISOs spin their wheels doing useless security activity that only looks productive from the outside.

Facing data breach disclosure requirements across the globe, organizations need to be prepare in advance to respond well.

Providers and manufacturers could go a long way toward reducing the very real threat of IoT.