Security News

Vulnerability Exposes F5 BIG-IP to Kerberos KDC Hijacking Attacks
2021-04-29 15:04

F5 Networks this week released patches to address an authentication bypass vulnerability affecting BIG-IP Access Policy Manager, but fixes are not available for all impacted versions. Tracked as CVE-2021-23008, the high-severity vulnerability allows for the bypass of BIG-IP APM AD authentication if the attacker can hijack a Kerberos KDC connection using a spoofed AS-REP. Authentication bypass is also possible from an AD server that the attacker has already compromised, F5 explains.

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability
2021-04-28 19:35

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability in the Kerberos Key Distribution Center security feature impacting F5 Big-IP application delivery services. "The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to Big-IP Access Policy Manager, bypass security policies and gain unfettered access to sensitive workloads," Silverfort researchers Yaron Kassner and Rotem Zach said in a report.

F5 enhances its application security portfolio to help protect customers against fraud and evolving threats
2021-04-22 00:00

F5 announced enhancements to its application security portfolio. "To help today's customers succeed, security must be native to applications and APIs, continuous, applied in real time, and powered by data and AI."

F5 appoints two senior executives to boost business transformation and cybersecurity
2021-03-22 23:15

F5 announced the appointment of two senior executives as the company bolsters its focus on customer success, business transformation, and cybersecurity. Yvette Smith joins the company today as Senior Vice President of Customer Success and Business Transformation, where she will lead a newly formed group combining both functions and multiple other teams into a single organization committed to delighting customers.

Researchers Raise Alarm for F5 BIG-IP Malware Attacks
2021-03-22 14:00

The urgency to patch gaping security holes in F5 Networks BIG-IP and BIG-IQ products escalated over the weekend after researchers spotted malicious in-the-wild attack activity. Malware hunters at U.K.-based NCC Group are raising the alarm for mass scanning and "multiple exploitation attempts" with exploits targeting critical security flaws in the F5 enterprise networking infrastructure products.

Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online
2021-03-22 07:27

Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in-the-wild exploitation comes on the heels of proof-of-concept exploit code that surfaced online earlier this week, produced by reverse-engineering the Java software patch in BIG-IP. The mass scans are said to have spiked since March 18.

Critical F5 BIG-IP Flaw Now Under Active Attack
2021-03-19 20:52

Attackers are exploiting a recently patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.

Critical F5 BIG-IP vulnerability now targeted in ongoing attacks
2021-03-19 17:09

On Thursday, cybersecurity firm NCC Group said that it detected successful in-the-wild exploitation of a recently patched critical vulnerability in F5 BIG-IP and BIG-IQ networking devices. The security vulnerability these attackers attempt to exploit is an unauthenticated remote command execution flaw tracked as CVE-2021-22986, and it affects most F5 BIG-IP and BIG-IQ software versions.

F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs
2021-03-11 14:21

F5 Networks is warning users to patch four critical remote command execution flaws in its BIG-IP and BIG-IQ enterprise networking infrastructure. The company released an advisory on Wednesday covering seven bugs in total, with two others rated as high risk and one rated as medium risk.

Now it is F5’s turn to reveal critical security bugs – and the Feds were quick to sound the alarm on these BIG-IP flaws
2021-03-11 02:03

To kick off, there's CVE-2021-22987, which scores a 9.9 on the ten-point CVSS scale of severity as it "allows authenticated users with network access to the Configuration utility, through the BIG-IP management port, or self IP addresses, to execute arbitrary system commands, create or delete files, or disable services." Administrators are advised the flaw allows "complete system compromise and breakout of Appliance mode." Note that this can only be exploited via the control plane, and it does require an attacker to have a valid login - so a rogue insider or someone using stolen credentials, perhaps. At a mere 9.8 rating, CVE-2021-22986 "allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services." Complete system compromise is again a possible consequence.