F5 Labs

A Mirai variant named Echobot appeared mid-2019. Echobot has been seen expanding its arsenal to 71 exploits, targeting SCADA systems and IoT devices.

Europe saw more in-region attack traffic—the hardest kind to filter out—than any of the 8 regions of the world we analyzed.

Europe saw more in-region attack traffic—the hardest kind to filter out—than any of the 8 regions of the world we analyzed.

Attackers probed Australian applications for vulnerabilities on the most commonly used ports, and credential stuffing attacks were prevalent.

Attackers probed Australian applications for vulnerabilities on the most commonly used ports, and credential stuffing attacks were prevalent.

Cloud security breaches happen, but how prevalent and dangerous are they? More than you might think.

Cloud security breaches happen, but how prevalent and dangerous are they? More than you might think.

DanaBot makes a strong resurgence at the end of 2019, using new tactics and techniques and expanding beyond its traditional banking targets.

DanaBot makes a strong resurgence at the end of 2019, using new tactics and techniques and expanding beyond its traditional banking targets.

Learn from the best CISOs how to handle the challenges of aligning technology and compliance with security architecture.

Learn from the best CISOs how to handle the challenges of aligning technology and compliance with security architecture.

Latin American systems received more attacks from IP addresses within the region that coincidentally did not attack anywhere else in the world.

Latin American systems received more attacks from IP addresses within the region that coincidentally did not attack anywhere else in the world.

The U.S. and Canada have 95% of top source traffic countries in common.

The U.S. and Canada have 95% of top source traffic countries in common.

Vulnerable web servers are the top target for threat actors, who continue to exploit known vulnerabilities with the goal of running commands remotely.

Vulnerable web servers are the top target for threat actors, who continue to exploit known vulnerabilities with the goal of running commands remotely.

U.S. systems were heavily targeted by IP addresses in Russia, Moldova, and France that launched credential stuffing attacks on VNC port 5900 beginning in June 2019.

U.S. systems were heavily targeted by IP addresses in Russia, Moldova, and France that launched credential stuffing attacks on VNC port 5900 beginning in June 2019.

IP addresses assigned in Russia launched significantly more attacks against Middle East systems than any other regions of the world.