Blog
About A10 PSIRT Team
A10 Blog / Author / A10 PSIRT Team
A10 PSIRT Team
The A10 SERT Team is A10 Networks' Security Engineering Research Team.
Recent Posts By the Author
June 20, 2018
Application Load Balancer with Analytics for AWS GovCloud
A10 announces the immediate availability of its Harmony Controller SaaS with Lightning ADC for AWS GovCloud. A10 was invited to deliver the keynote address…
March 12, 2018
5 Ways IoT Threats Can Crumble Your DDoS Defenses
Distributed denial of service (DDoS) attackers have mastered the art of control when it comes to unsecured, connected devices, causing chaos and breeding…
March 7, 2018
Dawn of a New Threat: The IoT DDoS Invasion
The game has changed. Attackers now weaponize connected devices to launch destructive distributed denial-of-service (DDoS) attacks. Massive botnets can be created from these…
February 12, 2018
Avoid the SSL Encryption Shadow Monster: A Look at SSL Decryption
Freely Flowing SSL Encrypted Traffic The popular Netflix series “Stranger Things” – with all of its nods to 80’s sci-fi and nostalgia – is based…
February 9, 2017
HTTPS Interception and the Truth About Thunder SSLi Cipher Support
The A10 Networks Security Engineering Research Team recently reviewed the paper titled, “The Security Impact of HTTPS Interception,” which examines and grades the…
September 23, 2016
Patch Available for CVE-2014-8730 Padding Flaw
A10 Thunder ADC appliances running ACOS versions 2.7.2 P3 or earlier are susceptible to a TLS padding attack. The TLS padding flaw, identified…
June 10, 2016
CVE-2016-0270 GCM nonce vulnerability
Back in February we were contacted by Hanno Böck who had discovered an issue with how certain devices generate the nonce for AES-GCM…
January 31, 2016
OpenSSL Advisory from 2016-01-28
On January 28th, the OpenSSL project published an advisory which addressed CVE-2016-0701 (DH small subgroups) and CVE-2015-3197 (SSLv2 doesn’t block disabled ciphers). ACOS does not…
December 10, 2015
OpenSSL Advisory from 2015-12-03
On December 3rd, 2015, OpenSSL released a security advisory covering CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 and CVE-2015-1794 across multiple version of OpenSSL. Out of…
July 9, 2015
CVE-2015-1793: OpenSSL Alternative chains certificate forgery
On July 9th, OpenSSL released a security advisory containing a single item with "high" severity. This vulnerability was introduced by OpenSSL version 1.0.1n/1.0.1o…