F5 Labs

A little mistake in security controls can have disastrous consequences. How common are they and how do you prevent them?

Advanced attackers are considered a top threat by CISOs. Although they are rare, their stealthy determination to learn everything about a target before they strike makes them especially dangerous.

It’s important for the fashion-conscious hacker to know what’s on trend! Here’s a preview of APT Group Purple Aardvark’s summer line—a few hits, some misses.

Align your compliance requirements with your other business requirements so you can distinguish what you must do from what’s nice to do.

If you aren’t aware of Drupalgeddon 2, then you’ve either been living off the grid or don’t use the popular content management system (CMS).

Panda malware is back in full force with three currently active campaigns that extend its targets beyond banking to new industries and organizations worldwide.

Preston Hogue writes for Security Week, explaining the fifth element of risk transfer: Sec-aaS.

US-CERT TL18-106A alert underscores how insecure Internet systems really are and that ignoring the problem only increases the collateral damage.

When it comes to tallying the total cost of a data breach, lawsuits figure prominently, alongside repair costs, loss of reputation and sales, compliance penalties, and operational downtime.

You can’t assume that your third-party web apps are secure! You need to assess them yourself using this multi-step process.

Privacy today isn’t just about staying away from prying eyes. The very act of communicating across the Internet with open, non-confidential protocols invites exposure to multiple threat types.

Fun Fact #2: the author is looking forward to being a card-carrying Singaporean crime fighter (temporarily) someday.

Savvy CISOs don’t go it alone; they rely on in-house collaborators (outside of the security team) to help achieve the organization’s security objectives.

Attacks are back to targeting a Windows IIS vulnerability first disclosed a year ago to mine Electroneum.

Critical apps are the ones that must never go down or be hacked. They are also the hardest to defend because they are often massive, ancient, and touch everything.

The latest DDoS trends include the return of large volumetric DDoS attacks, the rise of application targeted attacks, and businesses in Europe and Asia are growing targets.

People are mining coins all over the place-all it costs is money for the power bill. So, of course, clever people are figuring out how to use other people’s power to mine cryptocurrency.

Apache Struts 2 Jakarta Multipart Parser RCE crypto-mining campaign is now targeting Windows, not just Linux systems.

With device developers rushing to build IoT as fast as they can, security can suffer.

Seven steps for improving the security of critical infrastructure systems—and protecting the public from unnecessary risk.