Skip to content
Shutterstock: Royalty-free stock vector ID: 558060373
Shutterstock: Royalty-free stock vector ID: 558060373

News -

NCC Group providing ongoing threat intelligence on F5 Networks vulnerability

Our Research Intelligence Fusion Team (RIFT) is continually monitoring attempts to exploit the F5 Networks BIG-IP vulnerability. Keep up to date with the latest developments over at our Research Blog here.

Last week, a new vulnerability which could allow remote compromise of F5 Networks BIG-IP networking devices was disclosed.

The vulnerability was given a severity score of 10, which is the maximum on the CVSS (Common Vulnerability Scoring System) severity scale, meaning that it is easy to automate, can be used over the internet, and doesn't require valid credentials or advanced coding skills to take advantage of.

BIG-IP devices are popular networking devices which underpin many large and sensitive networks. These include government and military networks, internet service providers, cloud computing data centres and enterprise networks.

In the days following the initial disclosure, NCC Group’s Research Intelligence Fusion Team (RIFT) has closely monitored the vulnerability – setting up a honeypot to learn more about the behavior of threat actors.

Within a day of setting up the honeypot, the RIFT observed the first active exploitation and has continued to receive insight into further exploits carried out.

Commenting on this, Ollie Whitehouse, global CTO at NCC Group said: “F5 Networks deserves praise for disclosing the vulnerability and supporting their customers, but we estimate that between 4,500 and 5,000 organisations could still be at risk of exploitation as of Monday.

“We are continually monitoring and flagging any new and novel attempts to exploit this vulnerability through our honeypot and other intelligence activities, and we'd encourage any organisation to act now if they think they have been compromised.

"What this shows is the time between patching and exploitation is getting ever shorter. This requires organisations to have agility in order to be able to manage cyber risk in 2020."

Keep up to date with the latest developments here. You can also take a look at our analysis into the root cause of the vulnerability here.


Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405

Related content

Related events

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom