F5 Labs

With device developers rushing to build IoT as fast as they can, security can suffer.

Seven steps for improving the security of critical infrastructure systems—and protecting the public from unnecessary risk.

Laptops full of confidential data are still getting stolen, and public Wi-Fi hotspots are being booby-trapped. CISOs need to make users aware of the threat to prevent this from happening.

A big public breach is a teachable moment for both you and your organization.

IoT attacks show no signs of decreasing while infected IoT devices go un-remediated, and discovery of new thingbots is at a decade-long high.

Reaper is just one more blinking light in the faces of the InfoSec community reminding us that we need to get ahead of IOT madness.

F5 Labs' David Holmes writes for Security Week, discussing the adoption and barriers of Perfect Forward Secrecy.

The same rTorrent XML-RPC function configuration error that was targeted to mine Monero in February was also targeted in January in a campaign apparently spoofing user-agents for RIAA and NYU.

Memcached is just one of many application infrastructure systems that could launch the same types of attacks if they were also misconfigured.

A previously undisclosed misconfiguration vulnerability in the rTorrent client is being exploited in the wild to mine Monero.

When new technology initiatives are approached in the right way, organizations can implement them, mitigate risk, and provide the best user experience.

The same drop zone server used last week to mine Monero on compromised Jenkins automation servers is now being used in a new Monero mining campaign targeting Oracle Web Logic servers.

As the black-market price for stolen data declines, attackers turn to cryptojacking schemes to maximize their profits—all at your expense.

Risk transfer strategies allow you more time to focus on your business.

Real estate scams are big business for attackers. Be on the lookout for this one, which can leave home buyers destitute if not caught in time.

As security expertise becomes more scarce, CISOs are turning to machine learning to do more with fewer people.

Critical lessons can be learned from others’ mistakes. Don’t learn the hard way; heed the warnings from our research.

F5 Labs covered a multitude of threats, vulnerabilities, botnets, attackers, and attacks in 2017. Here are just some of the highlights you might have missed.

If you’re not evaluating risk in terms of likelihood and impact, you could be focusing your security efforts in all the wrong places.

Accept that breaches are inevitable in today’s world, then take these steps to reduce the chances of a large-scale, headline-making compromise.