Hackers stole source code, bug details in disastrous F5 security incident - here's everything we know and how to protect yourself
Briefly

"Cybersecurity firm F5 has confirmed state-sponsored hackers have stolen source code and customer information following a cyber attack. In an alert to customers, the company said threat actors maintained long-term, persistent access to its BIG-IP product development environment and engineering knowledge management systems. As part of the attack, threat actors exfiltrated files containing some BIG-IP source code, along with information pertaining to undisclosed vulnerabilities that the company was in the process of remediating."
"Notably, hackers don't appear to have accessed data from its CRM, financial, support case management, or iHealth systems. Similarly, the company's software supply chain, including its source code and build and release pipelines, doesn't appear to have been modified. "We have no knowledge of undisclosed critical or remote code vulnerabilities, and we are not aware of active exploitation of any undisclosed F5 vulnerabilities," F5 said in its advisory."
State-sponsored actors maintained long-term access to F5's BIG-IP product development environment and engineering knowledge management systems, allowing exfiltration of files. Stolen materials included portions of BIG-IP source code and information related to undisclosed vulnerabilities that were in the process of remediation. Hackers do not appear to have accessed CRM, financial, support case management, or iHealth systems, and the software supply chain and build/release pipelines appear unmodified. F5 reports no knowledge of undisclosed critical or remote code vulnerabilities or active exploitation and says containment actions have halted new unauthorized activity. Some knowledge-management files contained configuration details for a small percentage of customers who are being contacted. CISA and the UK NCSC urged vigilance and warned the incident could enable static and dynamic analysis to identify logical flaws.
Read at IT Pro