F5 Labs

It can be easy to give in to frustration and pessimism during catastrophic events. But there are signs that not all is lost, even in the world of software dependencies.

It can be easy to give in to frustration and pessimism during catastrophic events. But there are signs that not all is lost, even in the world of software dependencies.

As Christmas quickly approaches, seasonal phishing trends once again show that attackers are taking advantage of increased online shopping. Fraudsters doubled their efforts in November attacking ecommerce giants such as Amazon. The real attacker focus, however, was cryptocurrency with fraudulent sites attempting to steal crypto-exchange credentials.

As Christmas quickly approaches, seasonal phishing trends once again show that attackers are taking advantage of increased online shopping. Fraudsters doubled their efforts in November attacking ecommerce giants such as Amazon. The real attacker focus, however, was cryptocurrency with fraudulent sites...

The log4j security vulnerability is one of the most widespread cybersecurity vulnerabilities in recent years. Here's a non-technical explanation of it.

The log4j security vulnerability is one of the most widespread cybersecurity vulnerabilities in recent years. Here's a non-technical explanation of it.

Scans continue against remote logins like VNC, RDP, and SSH, as well as MySQL and Elasticsearch. And what’s going on in Malaysia and Lithuania?

Scans continue against remote logins like VNC, RDP, and SSH, as well as MySQL and Elasticsearch. And what’s going on in Malaysia and Lithuania?

Retail fraud, identity theft, account takeovers, stolen payment cards—it feels like digital fraud is everywhere. Understand it better to fight it more effectively.

Retail fraud, identity theft, account takeovers, stolen payment cards—it feels like digital fraud is everywhere. Understand it better to fight it more effectively.

A look at multi-cloud security strategies, including the emerging practices of omni-cloud, Functions as a Service, Containers as a Service, cloud security posture management, and data sovereignty.

A look at multi-cloud security strategies, including the emerging practices of omni-cloud, Functions as a Service, Containers as a Service, cloud security posture management, and data sovereignty.

Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place.

Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place....

DNS is better known, but some recent high-profile outages are a reminder that Border Gateway Protocol (BGP) failures can take sites down too.

DNS is better known, but some recent high-profile outages are a reminder that Border Gateway Protocol (BGP) failures can take sites down too.

Managing hardened systems without exposing them to unwanted attack vectors is difficult. Jump boxes are one way to do it—learn why and how.

Managing hardened systems without exposing them to unwanted attack vectors is difficult. Jump boxes are one way to do it—learn why and how.

South Africa’s cyberattack landscape saw targeting of Scryba, PHP, and CVE-2017-9841 web vulnerabilities.

South Africa’s cyberattack landscape saw targeting of Scryba, PHP, and CVE-2017-9841 web vulnerabilities.