About A10 PSIRT Team

A10 announces the immediate availability of its Harmony Controller SaaS with Lightning ADC for AWS GovCloud. A10 was invited to deliver the keynote address…

Distributed denial of service (DDoS) attackers have mastered the art of control when it comes to unsecured, connected devices, causing chaos and breeding…

The game has changed. Attackers now weaponize connected devices to launch destructive distributed denial-of-service (DDoS) attacks. Massive botnets can be created from these…

Freely Flowing SSL Encrypted Traffic The popular Netflix series “Stranger Things” – with all of its nods to 80’s sci-fi and nostalgia – is based…

The A10 Networks Security Engineering Research Team recently reviewed the paper titled, “The Security Impact of HTTPS Interception,” which examines and grades the…

A10 Thunder ADC appliances running ACOS versions 2.7.2 P3 or earlier are susceptible to a TLS padding attack. The TLS padding flaw, identified…

Back in February we were contacted by Hanno Böck who had discovered an issue with how certain devices generate the nonce for AES-GCM…

On January 28th, the OpenSSL project published an advisory which addressed CVE-2016-0701 (DH small subgroups) and CVE-2015-3197 (SSLv2 doesn’t block disabled ciphers). ACOS does not…

On December 3rd, 2015, OpenSSL released a security advisory covering CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 and CVE-2015-1794 across multiple version of OpenSSL. Out of…

On July 9th, OpenSSL released a security advisory containing a single item with "high" severity. This vulnerability was introduced by OpenSSL version 1.0.1n/1.0.1o…