"CISA said a "nation-state affiliated cyber threat actor" compromised F5 systems, including source code tied to the company's BIG-IP traffic management product that helps organizations filter out malicious web traffic should it enter their networks, according to the directive. Seattle-based F5 provides application delivery and security technologies used by hundreds of private companies and government agencies worldwide. An SEC filing released Wednesday said F5 detected the intrusion on Aug. 9 and engaged external cybersecurity experts to contain the breach."
""This cyber threat actor presents an imminent threat to federal networks using F5 devices and software," CISA's directive says. "Successful exploitation of the impacted F5 products could enable a threat actor to access embedded credentials and Application Programming Interface (API) keys, move laterally within an organization's network, exfiltrate data, and establish persistent system access. This could potentially lead to a full compromise of target information systems.""
CISA ordered federal civilian agencies to catalog and patch F5 products after a nation-state affiliated cyber threat actor compromised F5 systems, including source code tied to the BIG-IP traffic management product. F5 detected the intrusion on Aug. 9, engaged external cybersecurity experts, and received DOJ approval to delay public disclosure under a national security exemption. F5 technologies are widely used across federal departments and defense elements. CISA warned that successful exploitation could expose embedded credentials and API keys, enable lateral movement, exfiltrate data, establish persistent access, and potentially result in full compromise of targeted information systems. F5 confirmed extraction of files from BIG-IP development and other platforms.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]