Friday, July 23, 2021

What is Mutual TLS (mTLS)?

Mutual Transport Layer Security (#mTLS) establishes an encrypted TLS connection in which both parties use X.509 digital certificates to authenticate and verify each other. MTLS can help mitigate the risk of moving services to the cloud, and prevent malicious third parties from imitating genuine apps. So, let’s start the clock for What is mTLS?

Read the Article on F5 Labs.

Not only does F5 Labs provide freely available Threat Intelligence, they also have an Educational series covering many types of attacks, threats, and essential security concepts. If you are getting started in cyber security or there’s always been that one topic you’ve never quite understood, #F5Labs will help you learn the basics.

Tuesday, June 29, 2021

Cyberattacks at Banks and Financial Services Organizations

As part of the 2021 Application Protection Report, we looked at the top reported security incidents to the #F5 SIRT for the years 2018 through 2020. Now we’re taking a deeper dive into the reported security incidents at financial organizations, sometimes referred to as #BFSI for banking, financial services, and insurance institutions. Peter Silva starts the clock for Cyberattacks at Banks and Financial Services Organizations. Read the Report!


DDoS Attack Trends for 2020

Distributed Denial-of-service, or #DDoS, is a persistent threat facing businesses of all types, regardless of geographic location or target market. DDoS tools are becoming easier to use, while the attacks themselves are becoming more complex—frequently combining many different methods in one assault. With attack data from the F5 Silverline Security Operations Center and incidents logged by the F5 Security Incident Response Team (SIRT), I start the clock to check out DDoS Attack Trends for #2020 and read the article.


2021 Application Protection Report: Of Ransom and Redemption

 Now in its 4th year, the #F5Labs 2021 Application Protection Report (https://www.f5.com/labs/articles/thre...) is our effort to boil the application security risk landscape down to put the initiative back into the hands of defenders. We analyzed more than 700 data breaches from 2020. Peter Silva starts the clock for an extended edition of some the highlights from F5Labs 2021 #APR in this episode of 90 Seconds of Security.

Get your copy of the 2021 APR


Credential Stuffing Tools and Techniques

Credential stuffing is a type of cyberattack that uses credentials obtained from previous breaches to take over accounts on other web or mobile applications. This type of brute force attack relies on the fact that many people use the same usernames and passwords on multiple sites. See how attackers use #OpenBullet​ to create a Credential Stuffing attack. Let's start the clock for #CredentialStuffing Tools and Techniques including #OpenBullet in this 90 Seconds of Security episode. And learn more at F5Labs.com


F5 SIRT’s Top Reported Security Incidents, 2018-2020

The F5 Security Incident Response Team helps customers tackle security incidents in real time. In 2020, we talked about what happened in the beginning of the pandemic based on #F5 #SIRT cases. Now we're looking back at all F5 SIRT cases from the beginning of 2018 to the end of 2020 and break down what changed and what didn’t in the cyberthreat landscape because of the pandemic. So, let’s start the clock to look at SIRT’s Top Reported Security Incidents, 2018-2020. Go to the full article


Thursday, March 4, 2021

Credential Stuffing: Why It’s Here to Stay

Over the last few years, #F5 security researchers have identified credential stuffing as one of today’s foremost threats. The value of stolen credentials has created a vicious circle: organizations suffer network intrusions in pursuit of credentials, and credential stuffing in pursuit of profits. Understanding both the supply and demand sides of the market for stolen credentials is, therefore, key to understanding the risk that cybercriminals pose to organizations today. With 5 years of data, it is definitive: credential spills are here to stay. So, let’s start the clock for some harrowing data from the 2021 Credential Stuffing Report.

Get your copy: https://www.f5.com/labs/articles/threat-intelligence/2021-credential-stuffing-report


Key Trends from F5 State of Application Strategy Report

Get your copy: www.f5.com/stateofappstrategy

We all know how much the world has changed in the last year. And, the results of the most recent #F5​ State of Application Strategy survey make it clear, the pandemic has vastly accelerated a global digital transformation that was already underway. Progress that might normally have taken a decade has leapt forward in a single year—with respondents maturing in their journeys toward digital expansion. So let’s start the clock and take a look at the astonishing progress apparent through several key markers revealed in our seventh annual survey. #SOAS

Tuesday, January 26, 2021

How Ransomware Has Evolved to Be Faster, Stealthier, and Strike Harder

 

Ransomware attacks have reached the boiling point. They’ve gone from nuisance to significant financial burden—as well as a mortal threat to critical infrastructure. Financial damage from ransomware attacks is in the hundreds of millions of dollars for some organizations. And, of course, our F5 Labs threat researchers have something to say about it. So, let’s start the clock to explore How Ransomware Has Evolved to Be Faster, Stealthier, and Strike Harder. 

Full article: https://www.f5.com/labs/articles/threat-intelligence/ransomware-how-it-has-evolved-to-be-faster-stealthier-and-strike-harder