Attackers are breaching F5 BIG-IP devices

-

 Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, IoT malware, or to scrape administrator credentials from the hacked devices.

Attackers are breaching F5 BIG-IP devices, check whether you've ...

Vulnerability Details:

Mikhail Klyuchnikov, the security researcher from Positive Technologies who discovered the vulnerability, says, “By exploiting this vulnerability, a remote attacker with access to the BIG-IP configuration utility could, without authorization, perform remote code execution (RCE1). The attacker can create or delete files, disable services, intercept information, run arbitrary system commands and Java code, completely compromise the system, and pursue further targets, such as the internal network. RCE in this case results from security flaws in multiple components, such as one that allows directory traversal exploitation. This is particularly dangerous for companies whose F5 BIG-IP web interface is listed on search engines such as Shodan. Fortunately, most companies using the product do not enable access to the interface from the internet.”

This vulnerability is observed in the wild to be actively exploited and causing credentials to be stolen.

US-Cyber Command tweeted to immediately patch your system

Comments

Post a Comment

Popular posts from this blog

Jack Reacher: Never Go Back' Review

-
Image
Tom Cruise, putting a dimmer on his mega-watt smile, is back busting heads in Jack Reacher: Never Go Back,  once again playing the ex-military-cop-turned-road-warrior in defense of the disenfranchised. Critics were snotty four years ago when Cruise first played Reacher, because the 5'7" actor is the physical opposite of the six-five, 250-pound bruiser that crime novelist Lee Child created on the page. Get over it. The admirably defiant star, still a force of nature at 54, brings his own agility and quick wit to the role.  Never Go Back  comes closer to nailing that concept than its predecessor, though it's marching orders are still to deliver a fun, action-plus ride. Edward Zwick, who worked with Cruise on 2003's  The Last Samurai,  replaces Christopher McQuarrie in the director's chair and keeps the mayhem going gangbusters – or at least enough to cover up the plot holes in the scrip, written by Zwick, Marshall Herskovitz and Richard Wenk. The Cruise-Zw...
Read more

DNS Tunneling Attack - You might know this !

-
Image
  Introduction: In the world of cybersecurity, attackers continuously explore new techniques to bypass network defenses and exfiltrate sensitive information. One such technique gaining prominence is DNS tunneling. DNS tunneling allows attackers to use the DNS protocol as a covert communication channel, exploiting its ubiquitous nature and inherent characteristics. This blog post delves into the concept of DNS tunneling, its working mechanism, potential risks, and methods to mitigate this emerging threat. Understanding DNS Tunneling: DNS (Domain Name System) is the backbone of the internet, responsible for translating domain names into IP addresses. Its primary purpose is to facilitate communication between devices. However, this fundamental protocol can be manipulated to serve as a covert channel for data transmission. DNS tunneling involves encapsulating data within DNS queries and responses, effectively bypassing network security measures that may not scrutinize DNS traffic as c...
Read more

Tips to Speed up your PC or Laptop ( Only For Windows Operating System)

-
Image
Try the Performance troubleshooter The first thing that you can try is the Performance troubleshooter, which can automatically find and fix problems. The Performance troubleshooter checks issues that might slow down your computer's performance, such as how many users are currently logged on to the computer and whether multiple programs are running at the same time. Open the Performance troubleshooter by clicking the  Start  button  , and then clicking  Control Panel . In the search box, type  troubleshooter , and then click  Troubleshooting . Under  System and Security , click  Check for performance issues Delete programs you never use Many PC manufacturers pack new computers with programs you didn't order and might not want. These often include trial editions and limited-edition versions of programs that software companies hope you'll try, find useful, and then pay to upgrade to full versions or newer versions. If you decide you...
Read more