F5 Labs

Performing a risk analysis and taking due care are no longer optional.

Every week another bug, vulnerability, or exploit is released - we need a multi-layered security strategy (beyond our standard patch “spin cycles”) to deal with threats like Spectre and Meltdown.

Every week another bug, vulnerability, or exploit is released - we need a multi-layered security strategy (beyond our standard patch “spin cycles”) to deal with threats like Spectre and Meltdown.

How moving application into the cloud can make your organization stronger and more valuable to your customers.

How moving application into the cloud can make your organization stronger and more valuable to your customers.

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their denylists and protect themselves.

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their denylists and protect themselves.

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

The safest way to run a network is to assume it’s going to breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

The safest way to run a network is to assume it’s going to breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.

Most security researchers have good intentions, but ethics must play a central role in the decisions they make.

Most security researchers have good intentions, but ethics must play a central role in the decisions they make.

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

Security teams can fulfill the CISOs responsibilities and help business groups become more security-savvy by working through the due diligence and due care process together.

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.