F5 Labs

DDoS attacks have been common since the late 2000s, but average attack peaks have increased to 100+ Gbps.

Anonymous commoditizes well-known DDoS attacks by making easy-to-use tools, available to even the most unsophisticated user.

Webinject crafting is a separate profession now. Hackers write webinjects and sell them to fraudsters, who use them to weaponize Trojans.

Ongoing campaign analysis has revealed that Dridex malware's latest focus has strongly shifted in recent months to US banks.

Like many other financial Trojans, the notorious Dridex malware keeps evolving and strengthening its presence.

Standard mobile banking trojans post their own fraudulent content over banking applications. Yasuo-Bot goes further.

Webinject attacks modify webpages to allow fraudsters to collect credentials, or act more directly against user accounts.

Dyre malware requires little introduction as it has been the focus of many publications, and it is a well-known threat. One of the reasons for it being so infamous is the frequent changes the authors incorporate in...

Slave is financial malware written in Visual Basic. Since 2015 it has evolved from relatively simple IBAN swapping.

VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.

Dyre is one of the most sophisticated banking malware agents in the wild.

Tinba, also known as "Tinybanker", "Zusy" and "HµNT€R$", is a banking Trojan.

Shellshock can take advantage of HTTP headers as well as other mechanisms to enable unauthorized access to Bash.

Despite being around since 2005, perlb0t is still being used against unpatched servers.