AWS plans to open infrastructure region in the UEA

Amazon Web Services announced that it plans to open an infrastructure region in the United Arab Emirates (UAE) in the first half of 2022. The new AWS Middle East (UAE) Region will consist of three Availability Zones and become AWS’s second region in th… Continue reading AWS plans to open infrastructure region in the UEA

Is it OK to publish PoC exploits for vulnerabilities and patches?

In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof of concepts for vulnerabilities and associated patches. Hafnium hackers were … Continue reading Is it OK to publish PoC exploits for vulnerabilities and patches?

F5 enhances its application security portfolio to help protect customers against fraud and evolving threats

F5 announced enhancements to its application security portfolio. The new solutions highlight F5’s progressive approach to application security, enabling customers to deliver safe, frictionless, and modern digital experiences as consumers increasingly r… Continue reading F5 enhances its application security portfolio to help protect customers against fraud and evolving threats

F5 appoints two senior executives to boost business transformation and cybersecurity

F5 announced the appointment of two senior executives as the company bolsters its focus on customer success, business transformation, and cybersecurity. Yvette Smith joins the company today as Senior Vice President of Customer Success and Business Tran… Continue reading F5 appoints two senior executives to boost business transformation and cybersecurity

Hackers are exploiting new F5 bug in the wild

That didn’t take long. Just days after enterprise IT provider F5 Networks disclosed critical vulnerabilities in its software, researchers say hackers have exploited one of the bugs in attempted intrusions. “Starting this week and especially in the last 24 hours … we have observed multiple exploitation attempts against our honeypot infrastructure,” researchers from security firm wrote in a blog post Thursday. The situation escalated over the weekend, with proof-of-concept exploits posted to Twitter that make it easier to take advantage of the bug. Government agencies and big corporations alike use the F5 software, known as BIG-IP, to manage data on their networks. The vulnerability documented by NCC Group could allow an attacker to execute code remotely on a system and delete data. It is one of a slew of BIG-IP flaws that F5 revealed on March 10. Security fixes are available. It was unclear whether the exploitation NCC Group observed went […]

The post Hackers are exploiting new F5 bug in the wild appeared first on CyberScoop.

Continue reading Hackers are exploiting new F5 bug in the wild

Entrust and SYNNEX offer Entrust nShield HSMs and cybersececurity solutions across the US and Canada

Entrust announced a master distributor agreement with SYNNEX to offer its comprehensive range of Entrust nShield hardware security modules (HSMs) and cybersecurity solutions to customers across the United States and Canada. This North America distribut… Continue reading Entrust and SYNNEX offer Entrust nShield HSMs and cybersececurity solutions across the US and Canada

F5 releases patches for nearly two dozen vulnerabilities, some critical

F5 Networks, a leading provider of enterprise networking equipment, disclosed four critical vulnerabilities and 17 others on Wednesday as the recent parade of major flaws needing patches marches ahead. Three of the vulnerabilities would allow hackers to remotely execute code on target networks. It’s the second time in in two years that F5 has disclosed such a flaw. In 2020, both Cyber Command and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued warnings about the earlier reported vulnerabilities. F5 joins Microsoft, SolarWinds and Accellion on the list of companies that have needed to release major patches in recent months. In the case of F5 so far, “We are not aware of any active exploits for these vulnerabilities,” spokesperson Rob Gruening said. The flaws affect both the F5 BIG-IP local traffic manager and BIG-IQ centralized management software. The company announced fixes for all of the vulnerabilities. Despite the […]

The post F5 releases patches for nearly two dozen vulnerabilities, some critical appeared first on CyberScoop.

Continue reading F5 releases patches for nearly two dozen vulnerabilities, some critical

Rapid digital transformation makes an application strategy a business imperative

Companies have significantly sped up their digital transformation efforts in the past year, a theme anticipated to persist beyond the pandemic, according to F5. With limited in-person interactions, applications have become synonymous with an organizati… Continue reading Rapid digital transformation makes an application strategy a business imperative

Credential spill incidents nearly doubled since 2016

The number of annual credential spill incidents nearly doubled from 2016 to 2020, according to F5 research. There was a 46% downturn in the number of spilled credentials during the same period. The average spill size also declined, falling from 63 mill… Continue reading Credential spill incidents nearly doubled since 2016