What is Mutual TLS (mTLS)?
Mutual Transport Layer Security (#mTLS) establishes an encrypted TLS connection in which both parties use X.509 digital certificates to authenticate and verify each other. MTLS can help mitigate the risk of moving services to the cloud, and prevent malicious third parties from imitating genuine apps. So, let’s start the clock for What is mTLS? Read What is mTLS? on F5 Labs. Not only does F5 Labs provide freely available Threat Intelligence, they also have an Educational series covering many types of attacks, threats, and essential security concepts. If you are getting started in cyber security or there’s always been that one topic you’ve never quite understood, #F5Labs will help you learn the basics.
F5 Labs Publishes the 2022 Application Protection Report
F5 Labs is elated to announce that we’ve published the 2022 Application Protection Report, our annual attempt to document the ongoing evolution of the threat landscape and provide mitigation guidance for security practitioners. As always, the report is long and detailed, and pulls from multiple different sources to try to get as close as possible to the messy truths of information security. It includes an analysis of about 1,000 publicly disclosed breaches from 2021 using three different data models, a snapshot of cloud risk from several different angles, and the (slightly modified) MITRE ATT&CK analysis and visualizations that we first used in the 2021 Application Protection Report. If you’ve got the time and the inclination, we think the full report’s worth the time, but if you just want the conclusions, here’s a precis: Malware grew in prevalence, playing a role in more than 30% of known U.S. data breach in 2021. While ransomware attacks continued to increase, many malware breaches exfiltrated data without encryption and a ransom, demonstrating the enduring demand for stolen data for use in later fraud. Exfiltration was the ATT&CK tactic that grew the most, featuring in nearly 80% of application attacks in 2021. Web exploits declined in prevalence, but became more focused on formjacking attacks (such as Magecart) against retail targets. Access attacks, such as phishing and credential stuffing, remained the single most common breach cause, and 24% of 2021 breaches were characterized by business email compromise. According to our analysis, the single most important mitigation is data backup, reflecting the threat of ransomware, but since modern ransomware strategies often compromise backups, a more holistic approach, including environment-wide hardening, is necessary. We hope it helps security practitioners stay one step ahead of attackers. Feedback is welcome at f5labs@f5.com.The 2021 TLS Telemetry Report
Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. As old protocols prove to be insecure and new standards emerge, it has never been more important to keep HTTPS configurations up to date. Even though encryption can feel like a “solved problem,” the devil is still in the details. Today, the state of encryption on the Web is a case of taking two steps forward and one step back. So let’s start the clock to take a look at some of the highlights from F5 Labs 2021 TLS Telemetry Report.Cyberattacks at Banks and Financial Services Organizations
As part of F5 Labs 2021 Application Protection Report, we looked at the top reported security incidents to the F5 SIRT for the years 2018 through 2020. Now we’re taking a deeper dive into the reported security incidents at financial organizations, sometimes referred to as #BFSI for banking, financial services, and insurance institutions. Peter Silva starts the clock for Cyberattacks at Banks and Financial Services Organizations.DDoS Attack Trends for 2020
Distributed Denial-of-service, or #DDoS, is a persistent threat facing businesses of all types, regardless of geographic location or target market. DDoS tools are becoming easier to use, while the attacks themselves are becoming more complex—frequently combining many different methods in one assault. With attack data from the F5 Silverline Security Operations Center and incidents logged by the F5 Security Incident Response Team (SIRT), Peter Silva starts the clock to check out DDoS Attack Trends for #2020 and read the F5 Labs article, DDoS Attack Trends for 20202021 Application Protection Report - Of Ransom and Redemption
Now in its 4th year, the #F5Labs 2021 Application Protection Report is our effort to boil the application security risk landscape down to put the initiative back into the hands of defenders. We analyzed more than 700 data breaches from 2020. I start the clock for an extended edition of some the highlights from F5 Labs 2021 #APR in this episode of 90 Seconds of Security. Get your copy of the F5 Labs 2021 Application Protection ReportCredential Stuffing Tools and Techniques
Credential stuffing is a type of cyberattack that uses credentials obtained from previous breaches to take over accounts on other web or mobile applications. This type of brute force attack relies on the fact that many people use the same usernames and passwords on multiple sites. Peter Silva starts the clock for #CredentialStuffing Tools and Techniques including #OpenBullet in this 90 Seconds of Security episode.Credential Stuffing: Why It’s Here to Stay
Over the last few years, F5 security researchers have identified credential stuffing as one of today’s foremost threats. The value of stolen credentials has created a vicious circle: organizations suffer network intrusions in pursuit of credentials, and credential stuffing in pursuit of profits. Understanding both the supply and demand sides of the market for stolen credentials is, therefore, key to understanding the risk that cybercriminals pose to organizations today. With 5 years of data, it is definitive: credential spills are here to stay. So, let’s start the clock for some harrowing data from the 2021 Credential Stuffing Report. Get your copy: https://www.f5.com/labs/articles/threat-intelligence/2021-credential-stuffing-report
