Network Security, Vulnerability Management

Over 600K F5 devices at risk of compromise

(Adobe Stock)

Attacks could be launched against over 600,000 internet-exposed F5 BIG-IP network security appliances following the nation-state compromise of the U.S. cybersecurity firm's networks and source code last week, Cybersecurity Dive reports.

Almost 50% of the online F5 devices were in the U.S., according to an analysis from Palo Alto Networks Unit 42 researchers.

"The potential impact of this compromise is unique due to the theft of confidential information regarding previously undisclosed vulnerabilities that F5 was actively in the process of patching," said researchers, who noted accelerated exploit creation due to the lack of fixes for likely abused vulnerabilities.

F5 had noted the successful ejection of threat actors from its network while refuting source code and software production process hacking claims. Such nation-state targeting of edge devices has not come as a surprise for Trellix Vice President of Threat Intelligence Strategy John Fokker.

"Incidents like these remind us that strengthening collective resilience requires not only hardened technology but also open collaboration and intelligence sharing across the security community," said Fokker.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds