Saturday, December 26, 2020

Phishing During a Pandemic

 #F5Labs 2020 Phishing and Fraud Report. #Phishing remains a popular method of stealing credentials, committing fraud, and distributing malware. In its crudest forms it might appear to be juvenile; but it’s often part of a well-orchestrated, multi-faceted, and sustained attack campaign by organized crime groups. Get all the details of Phishing & Fraud trends for 2020: https://www.f5.com/labs/articles/threat-intelligence/2020-phishing-and-fraud-report


How Cyber Attacks Changed During the Pandemic

 #F5 SIRT reviewed all the reported security incidents from January through August 2020 to see how the pandemic changed the cyberthreat landscape. Hint: #DDoS attacks dominated the pandemic lockdown. Learn more: https://www.f5.com/labs/articles/threat-intelligence/how-cyber-attacks-changed-during-the-pandemic

So let’s start the clock to see How Cyber Attacks Changed During the #Pandemic.


Friday, November 6, 2020

How Credential Stuffing Bots Bypass Defenses

 Learn more about #Credential Stuffing #Bots and how you can defend against them. Read the full article: https://www.f5.com/labs/articles/threat-intelligence/how-credential-stuffing-bots-bypass-defenses

Cloud Interconnection with F5 & Equinix

 Learn how the simplified Interconnection Oriented Architecture (IOA) from #F5 and #Equinix helps IT departments solve the need for mobile and dispersed user access to their cloud infrastructure(s) in a multi-cloud environment.

Learn more: https://www.f5.com/services/resources/use-cases/a-secure-equinix-gateway-to-the-cloud
This architecture allows for services to be deployed at the edge of, or next to the cloud resulting in Fewer hops, Dramatically lower latency, Fault-proof security & Lower Network transport costs - as much as 80% lower. This ‘edge’ architecture provides a natural point for traffic control by having centralized policy control and Security policy enforcement, access control and other services like DDoS protection, AAA and WAF.


Wednesday, September 2, 2020

F5 Labs' 2020 Application Protection Report - Volume 1

The Application Protection Research Series is an ongoing project at #F5Labs that provides an overarching view of the application security landscape. This Volume covers Application programming interfaces, or #API, which are the most prominent and grave example of an architectural change driving actualized risk. To learn more about the 2020 #APR and understand security controls that are recommended to protect against API attacks, visit F5Labs for the full research.


Prioritizing Vulnerability Management Using Machine Learning

Learn about a A Data-Driven Approach to Vulnerability Management. Cyentia Institute and Kenna Security teamed up to analyze several years of vulnerability data using machine learning to create a predictive model called Exploit Prediction Scoring System (#EPSS) model. #F5Labs has all the details


Top Attacks Against Financial Services Orgs 2017-19

The Financial Services industry has distinct needs when it comes to information security. It’s one of the largest targets with Attackers looking for that big score. It is also heavily regulated, with a low appetite for risk. Peter Silva shares how attackers have been realizing their dreams via two vectors and why smart attackers take a less aggressive, more patient approach. F5 Labs has all the details


F5 Labs 2019 TLS Telemetry Report

 #TLS Trends for 2019! With some data from GitHub Security Lab, the F5 Labs Threat Intelligence team recently published their 2019 TLS Telemetry Report. Transport Layer Security is the current iteration of SSL and over 86% of web pages are delivered over secure HTTPS connections. Encryption on the web is constantly evolving and TLS is the protocol of choice. So, let’s start the clock for some insights from F5 Labs 2019 TLS Telemetry Report.


F5 SIRT's Top Threats for Spring 2020

Find out what threats topped F5 Security Incident Response Team's (f5.com/SIRT) emergency response list for Spring 2020. Last year we gave you the F5 SIRT’s Top Threat for Summer 2019 – Credential Stuffing – so let’s start the clock to see how things are shaping up as we make our way into 2020. And, if you're under attack F5 SIRT can help: f5.com/sirt


#f5SIRT #90SecondsOfSecurity

Sunday, April 5, 2020

Connect to the F5 VPN with BIG-IP Edge Client

Your organization may have F5 BIG-IP APM for VPN access. See how you can connect to your org's VPN using the BIG-IP Edge Client along with Chrome, Microsoft Edge and Firefox browsers. How to authenticate, do MFA, check settings and what is split-tunneling. You can also get the F5 Access mobile app for iOS, Android and Windows Phone from the respective app stores.


 

ps

Remote Desktop Protocol (RDP) using an SSL VPN

Returning to the F5 DevCentral Lightboard, I explain why its a bad idea to expose RDP to the internet and how using a SSL VPN like BIG-IP APM is a much safer and better idea.



ps

Wednesday, March 4, 2020

90 Seconds of Security: What is Common Vulnerability Scoring System (CVSS)

CVSS is an open framework for communicating the characteristics and severity of software vulnerabilities. Learn how a vulnerability gets scored by using the Base, Temporal, and Environmental metric groups. #CVSS helps organizations determine what’s the risk and what vulnerability do I patch first?!? F5 SIRT (https://f5.com/sirt) can also help if you have exposed vulnerabilities being exploited.


90 Seconds of Security: What is Common Vulnerabilities & Exposures (CVE)

The Common Vulnerability & Exposures or CVE provides definitions for all publicly known cybersecurity vulnerabilities and exposures. Understand what happens when a potential security vulnerability or exposure is reported, how it’s assigned a CVE ID by a CVE Numbering Authority and how they describe vulnerabilities. And if you're under attack, contact F5 SIRT: f5.com/sirt


Wednesday, January 29, 2020

90 Seconds of Security: Tales from the Darknet

What happens to your data once it’s been compromised by a phishing attack or data breach? In this episode Peter Silva explores where your data goes and how much it is worth once it’s stolen in a data breach or phishing attack. If you're under attack, visit f5.com/sirt to get immediate help!




#f5Labs #90SecondsOfSecurity