F5 Labs

Despite an overall downward trend, an old favorite comes back into play.

Did automation targeting retail companies rise towards Black Friday 2022?

Part three of a series investigating how automation is used to create fake accounts for fraud, disinformation, scams, and account takeover.

Welcome to the fun-size version of our 2023 Identity Threat Report! If you only have 5 minutes to spare this is the place to start - and you can always download the full PDF for later.

We are excited to announce a new report covering threats to digital identities. This report goes into detail on credential stuffing, phishing, and multifactor authentication bypass techniques.

We added another signature (for CVE-2020-0618) and we take a look at a cred stuffing attack from last month. One formerly prevalent CVE has disappeared entirely, and we investigate why that happened.

Part two of a series investigating how automation is used to create fake accounts for fraud, disinformation, scams, and account takeover.

A few formerly popular CVEs fell in traffic in August, leaving an old router vuln to resume its normal position at the top. Plus seven new CVEs added to the list of signatures.

Learn how attackers use server initiated connections and other clever tricks to deliver shells to attackers, circumventing inbound firewalls and access controls.

Part one of a series investigating how automation is used to create fake accounts for fraud, disinformation, scams, and account takeover.

One old favorite CVE declined by more than half in July, and a new one (to us) was so heavily targeted it ended up ranked fifth out of 72.

Bot traffic for the first half of 2023 was fairly typical, some rapid change in a few industries notwithstanding. Learn who got hit hard and who got off easy.

The term identity is everywhere in security, but we rarely discuss or deal with all of the depth and complexity it entails. Sam Bisbee explores the layers inherent in identity and what they mean for managing risk.

In terms of attacker interest, it was more about continuity than change in June, with many of the same old CVEs being targeted.

Explore the concept of web shells, their usage by attackers, and effective defenses against this post-exploit activity in this article by F5 Labs.

AI tools are spreading rapidly and CISOs need to be ready.

Relative stability in attacker activity this past month serves to highlight the ongoing importance of Exchange Server vulnerabilities and poorly-secured IoT devices to attackers.

Explore a highly automated attack against a sneaker manufacturer and learn how resellers optimize their bots for success, and profit!

A new vuln popped up in our traffic this month, as well as lots of the same old CVEs—IoT and Microsoft Exchange.

Some IoT vulnerabilities, some Microsoft Exchange vulnerabilities, but not too much going on in March.