Chinese state hackers prime suspects in F5 breach
Briefly

"F5 has released security updates following a large-scale cyberattack believed to have been carried out by Chinese state hackers. The intruders gained prolonged access to the BIG-IP software development environment and stole parts of the source code. The incident is forcing customers worldwide to patch their systems urgently. The infiltration of the BIG-IP development environment at F5 was immediately linked to state hackers. F5 did not specify the exact country in its October 15 public announcement."
"The intruders gained 'long-term, persistent access' to certain systems and stole files, including parts of the source code for the BIG-IP suite. According to F5 representatives, the hackers were in the company's network for at least twelve months. Sources who spoke to Bloomberg reported that F5 sent a threat hunting guide to customers on Wednesday. The focus of this guide is the Brickstorm malware. According to Mandiant, the hackers behind Brickstorm are known for stealing source code from popular technology providers."
State-linked attackers gained long-term access to F5's BIG-IP development environment, stealing files and portions of source code and remaining undetected for at least twelve months. The intrusion has been internally linked to a China-origin state-sponsored group associated with UNC5221 and the Brickstorm malware, which is known for targeting technology providers to exfiltrate source code. F5 issued security updates and a threat-hunting guide focused on Brickstorm. U.S. CISA and U.K. authorities warned of a significant cyber risk and urged customers to apply patches immediately. The compromise affects many large organizations, with 48 of the Fortune 50 among F5 customers.
Read at Techzine Global