Lightboard Lessons: What is Phishing and how can I guard against it?
Phishing has been around for years, but it is still a very relevant and dangerous attack.These attacks are a major source of profit for cyber criminals, and they can be very difficult to defend. So, why is there so much phishing still going on? The reason is simple: it’s easy and it works. Attackers don’t have to worry about hacking through a firewall, finding a zero-day exploit, deciphering encryption, etc. The hardest part of these attacks is creating a good email to get people to click on, and a fake website for the victims to land on. In this video, we explore the details of phishing and also talk about how you can defend yourself (or your organization) against these attacks. F5 Labs Phishing and Fraud Report (Note: it's a safe link to click on...I promise!!)How Malware Evades Detection
Malware loves encryption since it can sneak around undetected. F5Labs 2018 Phishing & Fraud Report explains how malware tricks users and evades detection. With the cloning of legitimate emails from well-known companies, the quality of phishing emails is improving and fooling more unsuspecting victims. Attackers disguise the malware installed during phishing attacks from traditional traffic inspection devices by phoning home to encrypted sites. Let's light up how evasion happens & get your F5 Labs 2018 Phishing & Fraud Report today. psLightboard Lessons: Exploiting Cellular IoT Gateways
Critical emergency services such as police, fire, and medical manage their fleets with vulnerable cellular IoT devices. “Vulnerable” doesn’t have to mean a vulnerability within the hardware or software, although we suspect that is the case in some makes and models. In this instance, "vulnerable" can mean beingsusceptible to remote attacks because of weak access control and use of default credentials. An attacker can use these vulnerable device to launch attacks, as we have seen with thingbots like Mirai and Reaper, or they can use that access for nefarious purposes to spy, redirect commands in the case of a fleet taking orders from a remote command, or shut the system off, effectively disabling operations.In this video, John outlines the problem of weak authentication in widely-used cellular gateway devices. Help spread the word, and for the love of all things security, change your default usernames and passwords! Related Resources: F5 Labs Report:Breaking Down the Door to Emergency Services through Cellular IoT Gateways F5 Labs Report:Leveraging Government Transparency to Find Vulnerable Cellular Gateways
