F5 Labs

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their denylists and protect themselves.

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their denylists and protect themselves.

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

The safest way to run a network is to assume it’s going to breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

The safest way to run a network is to assume it’s going to breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

Most security researchers have good intentions, but ethics must play a central role in the decisions they make.

Most security researchers have good intentions, but ethics must play a central role in the decisions they make.

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

Security teams can fulfill the CISOs responsibilities and help business groups become more security-savvy by working through the due diligence and due care process together.

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

Strong security starts with understanding exactly what you need to protect and where it resides within your organization.

F5 Labs researched 433 breach cases spanning 12 years, 37 industries, and 27 countries to discover patterns in the initial attacks that lead to the breach.

F5 Labs researched 433 breach cases spanning 12 years, 37 industries, and 27 countries to discover patterns in the initial attacks that lead to the breach.