That didn’t take long.
Just days after enterprise IT provider F5 Networks disclosed critical vulnerabilities in its software, researchers say hackers have exploited one of the bugs in attempted intrusions.
“Starting this week and especially in the last 24 hours … we have observed multiple exploitation attempts against our honeypot infrastructure,” researchers from security firm wrote in a blog post Thursday. The situation escalated over the weekend, with proof-of-concept exploits posted to Twitter that make it easier to take advantage of the bug.
Government agencies and big corporations alike use the F5 software, known as BIG-IP, to manage data on their networks. The vulnerability documented by NCC Group could allow an attacker to execute code remotely on a system and delete data. It is one of a slew of BIG-IP flaws that F5 revealed on March 10. Security fixes are available.
It was unclear whether the exploitation NCC Group observed went beyond the simulated “honeypot” networks erected by the firm to include intrusion attempts at other organizations. Nor was it clear who was exploiting the flaw (NCC did not immediately respond to a request for comment). But the F5 vulnerabilities amount to another crucial security issue for organizations already dealing with the widespread exploitation of bugs in Microsoft Exchange Server.
“We are aware of attacks targeting recent vulnerabilities published by F5,” Rob Gruening, a spokesman for F5, said in an email Monday. “As with all critical vulnerabilities, we advise customers update their systems as soon as possible.”
This is not the first time that F5’s BIG-IP software has been at the center of high-profile hacking attempts. The Department of Homeland Security’s cybersecurity agency said last July that it had responded to two hacking incidents at U.S. government and private-sector organizations that exploited a flaw in the software.
– Read More – CyberScoop