SafeLine Bot Management: Self-hosted alternative to Cloudflare

Modern websites are under constant pressure from automated traffic: scraping, credential stuffing, inventory hoarding, and other malicious bot behaviors. While Cloudflare Bot Management is a powerful cloud-native solution that leverages massive data an… Continue reading SafeLine Bot Management: Self-hosted alternative to Cloudflare

F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)

Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP Next Central Manager. About the vulnerabilities BIG-IP Next is “a complete… Continue reading F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability (CVE-2023-46747) that could lead to unauthenticated remote code executio… Continue reading F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

The role of streaming machine learning in encrypted traffic analysis

Organizations now create and move more data than at any time ever before in human history. Network traffic continues to increase, and global internet bandwidth grew by 29% in 2021, reaching 786 Tbps. In addition to record traffic volumes, 95% of traffi… Continue reading The role of streaming machine learning in encrypted traffic analysis

Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)

F5 Networks‘ BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388. “This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system thr… Continue reading Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)

What analytics can unveil about bot mitigation tactics

25% of internet traffic on any given day is made up of bots, the Kasada Research Team has found. In fact, there is a synthetic counterpart for almost every human interaction online. Bot mitigation tactics These bots work to expose and take advantage of… Continue reading What analytics can unveil about bot mitigation tactics

What is flowing through your enterprise network?

Since Edward Snowden’s revelations of sweeping internet surveillance by the NSA, the push to encrypt the web has been unrelenting. Bolstered by Google’s various initiatives (e.g., its prioritizing of websites that use encryption in Google Search result… Continue reading What is flowing through your enterprise network?

Mobile is the new frontier for malicious bots

Distil Networks analyzed over 100 million mobile devices on its networks. The findings suggest that sophisticated cybercriminals and bot operators now implement a new technique—leveraging mobile devices – to avoid detection and execute a number o… Continue reading Mobile is the new frontier for malicious bots

Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of that equation can … Continue reading Real-time detection of consumer IoT devices participating in DDoS attacks

You Can Now Help Identify Middleboxes Holding Back TLS 1.3 Adoption

TLS 1.3 promises great improvements for the encrypted Web, both in terms of security and performance. However, its adoption has been held back for the past year by SSL/TLS proxies and other load balancing and traffic monitoring middleboxes that break c… Continue reading You Can Now Help Identify Middleboxes Holding Back TLS 1.3 Adoption