NCC Group providing ongoing threat intelligence on F5 Networks vulnerability
Our Research Intelligence Fusion Team (RIFT) is continually monitoring attempts to exploit the F5 Networks BIG-IP vulnerability. Keep up to date with the latest developments over at our Research Blog here.
Last week, a new vulnerability which could allow remote compromise of F5 Networks BIG-IP networking devices was disclosed.
The vulnerability was given a severity score of 10, which is the maximum on the CVSS (Common Vulnerability Scoring System) severity scale, meaning that it is easy to automate, can be used over the internet, and doesn't require valid credentials or advanced coding skills to take advantage of.
BIG-IP devices are popular networking devices which underpin many large and sensitive networks. These include government and military networks, internet service providers, cloud computing data centres and enterprise networks.
In the days following the initial disclosure, NCC Group’s Research Intelligence Fusion Team (RIFT) has closely monitored the vulnerability – setting up a honeypot to learn more about the behavior of threat actors.
Within a day of setting up the honeypot, the RIFT observed the first active exploitation and has continued to receive insight into further exploits carried out.
Commenting on this, Ollie Whitehouse, global CTO at NCC Group said: “F5 Networks deserves praise for disclosing the vulnerability and supporting their customers, but we estimate that between 4,500 and 5,000 organisations could still be at risk of exploitation as of Monday.
“We are continually monitoring and flagging any new and novel attempts to exploit this vulnerability through our honeypot and other intelligence activities, and we'd encourage any organisation to act now if they think they have been compromised.
"What this shows is the time between patching and exploitation is getting ever shorter. This requires organisations to have agility in order to be able to manage cyber risk in 2020."
About NCC Group
NCC Group exists to make the world safer and more secure.
As global experts in cyber security and risk mitigation, NCC Group is trusted by over 15,000 clients worldwide to protect their most critical assets from the ever-changing threat landscape.
With the company’s knowledge, experience and global footprint, it is best placed to help businesses identify, assess, mitigate and respond to the evolving cyber risks they face.
To support its mission, NCC Group continually invests in research and innovation, and is passionate about developing the next generation of cyber scientists.
With over 1,800 colleagues in 12 countries, NCC Group has a significant market presence in North America, continental Europe and the UK, and a rapidly growing footprint in Asia Pacific with offices in Australia and Singapore.