F5 Labs

There’s a lot of hype surrounding cryptocurrencies, but what’s good for currency traders may not be great for security-minded professionals.

Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

According to Verizon’s 2014 Data Breach Investigations Report, “Web applications remain the proverbial punching bag of the Internet.” Things haven’t improved much since then. What is it about web applications that makes them so...

Cyber crooks use several common URL disguising techniques to trick users into thinking their sham sites are legitimate.

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

The Internet is full of information about your company that’s easily accessible to anyone and particularly useful to attackers.

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled.

With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure of the future.

This series explores how InfoSec practitioners can use math, technology, and critical thinking to mitigate risk in a world where networks and data have surpassed the scope of human comprehension.

Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon?

As TrickBot evolves, we examine version 24, which heavily targets Nordic financial institutions, and we take a close look at the Dyre–TrickBot connection.

Protecting our critical infrastructure is everyone’s responsibility, and there are many ways we can all do our part.

The personal and job-related information that employees often innocently post on various websites makes it easy for phishers to pull off their scams.

A veteran auditor told us how organizations fail audits. Here are six detailed strategies to help you achieve success.

Safeguarding TLS against attack in the quantum computing age will require changes to today’s TLS key exchange algorithms.

Savvy organizations that understand the gravity of cyber security are giving CISOs a voice at the executive table.

In this five-part blog series, we look at how cyber scammers vacuum up information across the Internet to build profiles for phishing and other kinds of social engineering attacks.

A veteran auditor walks through where he’s seen organizations fail during audit.