SMTP Smugglers Blues
The SMTP protocol has been vulnerable to email smuggling for decades. Many of the mail servers out there have mitigations in place to handle this vulnerability but not all of them, especially the quick libraries and add-ons you can find on web sites. Protecting your server from these attacks is simple with F5 BIG-IP Advanced WAF and our SMTP Protocol Security profiles. Read to learn how to give those bad actors the “Smugglers Blues”GLOBAL Live Webinar: Key Takeaways for the 2023 F5 Identity Threat Report
This event is open to all F5 users regardless of geographic location. Date: Thursday, February 29, 2024 Time:10:00am PT | 1:00pm ET Speakers: Sander Vinberg, Threat Research Evangelist, F5 and Corey Marshall, Director Solutions Engineering What's the webinar about? Changes in how organizations build, run, and secure information systems have also shifted how we look at authentication and access control. The emerging concept of identity is transforming the ways humans and non-human actors use data and compute power. Meanwhile, organizations’ focus on identity also means that it has become a focus for attackers. Organizations must stay vigilant by addressing the latest attack techniques– and take a proactive approach to mitigating identity risks. Join Corey Marshall, Director of Solutions Engineering,and Sander Vinberg, Threat Researcher and lead author on the 2023 Identity Threat Report: The Unpatchables, as they share findings from the report and discuss their practical implications for securing digital identities. They will explore the top threats, highlight what you need to watch for, and specific F5 technologies that can help you address these threats. Attend this webinar to discover: The state of credential stuffing, including preferred targets The evolution of phishing, including tactics and counter-countermeasures What the growth of MFA bypass techniques could mean for you Learn more, register today
F5 Labs 2019 TLS Telemetry Report Summary
Encryption standards are constantly evolving, so it is important to stay up to date with best practices. The 2019 F5 Labs TLS Telemetry Summary Report by David Warburton with additional contributions from Remi Cohen and Debbie Walkowski expands the scope of our research to bring you deeper insights into how encryption on the web is constantly evolving. We look into which ciphers and SSL/TLS versions are being used to secure the Internet’s top websites and, for the first time, examine the use of digital certificates on the web and look at supporting protocols (such as DNS) and application layer headers. On average, almost 86% of all page loads over the web are now encrypted with HTTPS. This is a win for consumer privacy and security, but it’s also posing a problem for those scanning web traffic. In our research we found that 71% of phishing sites in July 2019 were using secure HTTPS connections with valid digital certificates. This means we have to stop training users to “look for the HTTPS at the start of the address” since attackers are using deceptive URLs to emulate secure connections for their phishing and malware sites. Read our report for details and recommendations on how to bolster your HTTPS connections.The F5 Labs 2019 Application Protection Report
For the past years, F5 Labs has produced the Application Protection Research Series. First as individual reports and then as a series of episodes released during the year. We have just released the 2019 report final edition, which places years of security trends and patterns into a single long-term picture, to get away from news cycles and hype that only focus on new threats or vulnerabilities that may not even be applicable. This perspective also allows us to see linkages between the different subdomains and foci that make up the complex and porous field we call information security. This new comprehensive report pulls together the various threats, data sources, and patterns in the previous episodes into a unified line of inquiry that began in early 2019, picking up where the 2018 Application Protection Report left off, and concluded in early 2020 with updated data on 2019 breaches and architectural risk. One of the underlying themes for the 2019 series has been that changes in the ways that we design, build, and deploy applications have been drivers for risk. From third-party services driving the rise of an injection attack known as formjacking, to a growing list of seemingly avoidable API breaches, to the prevalence of platforms running on languages with old and documented flaws, there has been a good deal of goalpost movement for defenders. The implication is that many of the people who are making decisions with significant ramifications for security—system owners, application architects, DevOps teams—are generally placing other priorities ahead of security. Based on the acceleration of trends in 2019 that we identified from 2018, it seems that this tension will characterize the next few years of the security arms race. Our top conclusions in this report include: Access attacks predominant except for retail Retail breaches increasingly dominated by formjacking Breach modes driven more by application architecture than by traditional sector Get the Full report here https://www.f5.com/labs/articles/threat-intelligence/2019-application-protection-report Executive Summary https://www.f5.com/labs/articles/threat-intelligence/application-protection-research-series-executive-summaryF5 Labs 2018 Phishing & Fraud Report
The F5 Labs 2018 Phishing & Fraud Report is out! In this report, the F5 Labs team specifically investigated the rise of phishing and fraud during the 'holiday shopping season,' beginning in October and continuing through January. Fraud and phishing attempts increase 50% right now, from October to January and phishing was the root cause of 48% of the data breaches that F5Labs investigated. It's important to check out the report because it explains how phishing works, how to defend yourself against phishing attacks and the importance of training employees to recognize malicious emails. Some of the crazy stats they found include 93% of phishing domains offered a secure (https) version of the site to appear more legitimate and 68% of malware sites used encryption certificates (https), meaning 68% of Command & Control servers use port 443. The crooks are going through the trouble of getting SSL certificates for their fake, but real looking sites. Take a look at some of these. Do any of these web logins look familiar? How about this one? Or maybe this one? If so then you need to check out the 2018 Phishing and Fraud report from F5 Labs because they were all fake. Attackers are getting so good at creating fake websites that impersonate the real thing, most people can’t tell the difference. One thing is for certain, employee click-through rates on phishing emails drop from 33% to 13% with security awareness training: 33% — 1-5 training events 28% — 6-10 training events 13% — 11 or more training events You can check out the Preview Video here and get your report at https://www.f5.com/labs ps
