Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Articles

Sort results

AppSec Made Easy: Credential Protection

Learn how to use the F5 Advanced Web Application Firewall to protect your credentials. Identities are the keys to our applications and criminals can steal them right from the browser. DataSafe protects the credentials at the most vulnerable point. Read more
1 Review

What is HTML Field Obfuscation?

And why do you need to know, anyway? I am so glad you asked! A great deal of app security focuses on the server-side component. Whether comprised of multiple microservices fronted by an API or a monolith, there is no question that a significant... Read more
2 Reviews

Mazar Bot Overview

Mazar Bot targets multiple banks with malware that is spread through SMS text messages. Read more
0 Reviews

CloudBleed: Guess What? There was 0-day protection

About CloudBleed If you aren’t familiar with CloudBleed, take a moment to read the following articles to get an understanding how it was found, what happened, and what PII/PCI data was (possibly) leaked: Vulnerability Disclosure from Tavis... Read more
Average Rating: 4.9
3 Reviews

Achtung! TrickBot!

TrickBot does not rest. Following the recent addition of its first targeted US-based bank, a new version of the malware has been spotted in the wild. Now in its 11th incarnation, TrickBot has expanded its ever growing target portfolio yet again –... Read more
1 Review

TrickBot targets its first US bank

The latest arrival to the banking malware scene, and successor to the infamous Dyre Trojan continues to evolve. TrickBot previously targeted banks and businesses in Australia, New Zealand, Germany, UK, Ireland, Canada, India and Singapore. In a... Read more
1 Review

Is "Xmaker" the new “TrickLoader”?

Overview During November of 2015, the Dyre banking Trojan, which was very prolific at the time and targeted countless financial institutions worldwide, vanished from the wild almost overnight. It was only during February of 2016 that the... Read more
2 Reviews

Comment les institutions françaises peuvent se protéger contre la cybercriminalité

Les institutions financières sont la première cible des cybercriminels et exposent le plus de données sensibles sur Internet. Un compte utilisateur d’une institution financière héberge à la fois de la donnée... Read more
0 Reviews

Lock Down Your Login

Last week we talked about WebSafe and how it can help protect against phishing attacks with a little piece of code. This is important since malware can steal credentials from every visited web application from an infected machine. This time we’re... Read more
1 Review

Don’t Take the Impostor’s Bait

Phishing has been around since the dawn of the internet. The term was first used in an AOL Usenet group back in 1996 but it wasn’t until 2003 when many baited hooks and lures started dropping. Popular transaction destinations like PayPal and eBay... Read more
1 Review

Lightboard Lessons: WebSafe and MobileSafe

The Web, while convenient and necessary for business, can be a dangerous and scary place. The good news is that F5 offers a security solution called WebSafe.     Related Resources: Read more
Average Rating: 4.9
3 Reviews

Protection des credentials de vos employés se connectant à votre portail APM

Donner accès au SI à ses employés via une passerelle SSL est devenu indispensable. Cette gateway SSL peut très être utilisé en VPN SSL ou en extranet. Pour se faire, les employés doivent saisir leurs... Read more
2 Reviews

Webinject Crafting Goes Professional: Gozi sharing Tinba webinjects

Researched and co-authored by the F5 SOC and the F5 Security Research team Webinject crafting is a separate profession now. There are people who write webinjects and sell them to fraudsters, who use them to weaponize Trojans. Based on our... Read more
2 Reviews

Agility 2016 guest speakers – sneak preview Q&A

Two of the many highlights at this year’s Agility 2016 conference in Vienna are set to be our guest speakers – Misha Glenny and Thimon De Jong. This week we caught up with both of them to gain a sneak preview of their talks, their opinions on the key themes of Agility and any previous experiences or tips they have regarding this year’s host city, Vienna! Read more
0 Reviews

Dridex Malware – New Week, New Targets

Our ongoing campaign analysis has revealed that Dridex malware’s latest campaign focus has strongly shifted in recent months from U.K. banks, which had been the main targets previously, to US banks today. Dridex and its latest trends are... Read more
1 Review

Is Slempo/GM-Bot the new standard for mobile malware?

Introduction Slempo/GM-Bot requires little introduction, as it has been the focal point of many recent publications, and is a well known threat in the world of mobile malware. In most cases Slempo/GM-bot presents itself as “Adobe Flash Player... Read more
1 Review

Dridex BOTnet 220 Campaign

Like many other financial Trojans, the notorious Dridex malware keeps evolving and strengthening its presence in the financial threat landscape. The Dridex campaign attributed to BOTnet #220 is very UK financials focused and tries to accomplish... Read more
2 Reviews

Gootkit Malware, New Targets around the World

During the last campaign of Gootkit malware, detected by F5 in February 2016, new targets were spotted while analyzing its configuration. Gootkit, identified in some cases as Waldek, is a banking Trojan that was first seen in the wild around... Read more
2 Reviews

Tinbapore: Millions of Dollars at Risk

Detected by F5 WebSafe security solutions during November 2015, Tinbapore attack has put millions of US dollars at risk. F5 Security experts investigation revealed that Tinbapore is actually a new variant of the good old Tinba Malware that so far... Read more
1 Review

Yasuo-Bot–the flexible mobile banker targeting Russia and East-Europe

Mobile financial malware needs little introduction, since 2010 mobile malware is on the rise. The first mobile Trojan launched was ‘Zitmo’ (Zeus-In-The-Mobile. A Mobile version of the most common PC Trojan – ZeuS) which was then followed by many... Read more
Average Rating: 4.9
3 Reviews

F5 SOC webinject Analysis

Recently several e-banking Trojans (Dyre, Cridex, and Tinba, for instance) have used script injection techniques to modify the original web page. The modification may enable the attacker to perform money transactions using victims’ credentials.... Read more
1 Review

Yuck a RAT infestation! How concerned are you?

RAT's are becoming more of a problem than ever before. Using RATs ‘cyber thieves’ are now more successful than ever at gaining unsuspected control over a victim’s computer and executing malicious exploits. Although, companies are very much challenged in their efforts to protect against RATs, there are steps one can take to stop RAT infestation, safe guard against credential theft and protect against malicious transactions or data exfiltration. Read more
0 Reviews

Identity Theft: Not So Scary Anymore?

This article originally appeared on F5.com on 10.20.15. With Halloween in our rearview mirror and the holiday shopping season upon us, a couple surveys are out examining our fears and in particular, our concerns about identity theft. Apparently,... Read more
0 Reviews

Dyre - No Rest for the Wicked

Dyre malware requires little introduction as it had been the focus of many publications and it is a well-known threat in the financial malware world. One of the reasons for it being so infamous is the frequent changes the authors incorporate in... Read more
Average Rating: 4.5
6 Reviews

Domain name holders hit with personalized, malware-laden suspension notices

This according to Zeljka Zorz, HNS Managing Editor from Help Net Security. In his article, Zeljka mention that new email spam campaign has been spotted targeting domain name holders, trying to trick them into downloading malware on their systems.... Read more
1 Review