Wednesday , October 16 2024
alert

CISA WARNS
CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

infosecbulletin 4 days ago Alert

CISA has issued a warning about a vulnerability in unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM) module. This issue poses a risk for organizations using F5 BIG-IP, as it can be exploited by cybercriminals.

CISA warns that cybercriminals are using unencrypted persistent cookies to discover details about non-internet- facing devices on networks. This information can help them find and exploit vulnerabilities in other systems, increasing risks for organizations as attackers can gain broader access across the network.

Shadowserver's data
87000+ Fortinet devices still open to attack?

By infosecbulletin / Tuesday , October 15 2024
On Sunday, the Shadowserver Foundation revealed that over 87,000 internet-facing Fortinet devices may still be at risk due to (CVE-2024-23113)...
Read More
Shadowserver's data 87000+ Fortinet devices still open to attack?

Gmail Scam Alert
Billions of Gmail users at risk from sophisticated new AI hack

By infosecbulletin / Monday , October 14 2024
A new sophisticated scam is targeting Gmail users, using artificial intelligence to manipulate them into giving away account access. This...
Read More
Gmail Scam Alert Billions of Gmail users at risk from sophisticated new AI hack

RansomHub Targets Bangladeshi Confidence Group

By infosecbulletin / Monday , October 14 2024
RansomHub targets Bangladeshi Confidence group of companies limited. The rapidly growing RansomHub ransomware group set time to release the data....
Read More
RansomHub Targets Bangladeshi Confidence Group

Hackers using ChatGPT create malware, OpenAI confirm

By infosecbulletin / Sunday , October 13 2024
OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection,...
Read More
Hackers using ChatGPT create malware, OpenAI confirm

TrackMan exposes nearly 32 Million Records

By infosecbulletin / Saturday , October 12 2024
Nearly 32 million records and about 110 TB of data from Trackman users were left exposed online. This database included...
Read More
TrackMan exposes nearly 32 Million Records

CISA WARNS
CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

By infosecbulletin / Friday , October 11 2024
CISA has issued a warning about a vulnerability in unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM)...
Read More
CISA WARNS CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

CVE-2024-9164: GitLab Users Urged to Update Now

By infosecbulletin / Friday , October 11 2024
GitLab, a premier platform for DevOps and continuous integration/continuous delivery has rolled out essential security updates in versions 17.4.2, 17.3.5...
Read More
CVE-2024-9164: GitLab Users Urged to Update Now

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Patches

By infosecbulletin / Thursday , October 10 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its...
Read More
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Patches

Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

By infosecbulletin / Thursday , October 10 2024
Palo Alto Networks released a security advisory (PAN-SA-2024-0010) about several high-severity vulnerabilities in its Expedition migration tool, with CVSS scores...
Read More
Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

By infosecbulletin / Wednesday , October 9 2024
In its recent Patch Tuesday release, Microsoft fixed 118 vulnerabilities, including five zero-day flaws, two of which are currently being...
Read More
Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

The F5 BIG-IP LTM module uses persistent cookies for session continuity but can be vulnerable if these cookies are unencrypted. Attackers can exploit this to gather network information. F5 states that enabling cookie encryption uses a 192-bit AES cipher followed by Base64 encoding, which is crucial for protecting cookies from unauthorized access.

Without encryption, these cookies allow attackers to access the internal network structure, revealing details about other devices and their setups. This information can help them exploit vulnerabilities in the network.

CISA recommends that organizations using F5 BIG-IP devices encrypt their persistent cookies to mitigate risks. They also advise reviewing F5’s guidelines for properly configuring the BIG-IP LTM system for encrypted HTTP cookies. Additionally, F5 offers iHealth, a tool that alerts users when cookie encryption is disabled.

F5 BIG-IP solutions are widely used in various industries, including finance and healthcare. The vulnerability of unencrypted cookies poses risks like session hijacking and allows attackers to explore the network. Encrypting these persistent cookies can help organizations lessen their attack surface and safeguard their internal network from cyber threats.

Check Also

First Half Of 2024 Report
Bangladeshi 32.4% government websites face cyber attack: NAS report

National Attack Surface (NAS) report for the first half of 2024 reveals that 56.6% of …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin