Saturday , March 1 2025
alert

CISA WARNS
CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

infosecbulletin Friday , October 11 2024 Alert

CISA has issued a warning about a vulnerability in unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM) module. This issue poses a risk for organizations using F5 BIG-IP, as it can be exploited by cybercriminals.

CISA warns that cybercriminals are using unencrypted persistent cookies to discover details about non-internet- facing devices on networks. This information can help them find and exploit vulnerabilities in other systems, increasing risks for organizations as attackers can gain broader access across the network.

Microsoft Uncovers Hackers Selling Illegal Azure AI Access

By infosecbulletin / Saturday , March 1 2025
Microsoft has filed an amended complaint in recent civil litigation, naming the main developers of malicious tools that bypass the...
Read More
Microsoft Uncovers Hackers Selling Illegal Azure AI Access

By 2025, India’s First Semiconductor Chip to be ready

By infosecbulletin / Friday , February 28 2025
At the Global Investors Summit 2025, Union Minister Ashwini Vaishnaw announced that India’s first indigenous semiconductor chip will be ready...
Read More
By 2025, India’s First Semiconductor Chip to be ready

CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

By infosecbulletin / Thursday , February 27 2025
Cisco has warned of a critical vulnerability, CVE-2025-20111, in several Nexus switch models. This flaw could let attackers remotely crash...
Read More
CVE-2025-20111 Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

CVE-2025-0475 & CVE-2025-0555
GitLab’s High-Risk Flaw, Patch Now Urgently!

By infosecbulletin / Thursday , February 27 2025
GitLab has released a security advisory, urging all self-managed installations to upgrade to versions 17.9.1, 17.8.4, or 17.7.6 due to...
Read More
CVE-2025-0475 & CVE-2025-0555 GitLab’s High-Risk Flaw, Patch Now Urgently!

Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

By infosecbulletin / Thursday , February 27 2025
A China-linked botnet is targeting Microsoft 365 accounts with widespread password spraying attacks, according to a report by SecurityScorecard. A...
Read More
Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

By infosecbulletin / Wednesday , February 26 2025
A breach notification site has added millions of new passwords and email addresses obtained from infostealer malware. Troy Hunt, founder of...
Read More
HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers

Hackers Exploits RCE flaw in Cisco Small Business Router

By infosecbulletin / Wednesday , February 26 2025
Cybersecurity researchers have discovered a campaign exploiting a remote command execution vulnerability, CVE-2023-20118, in Cisco Small Business Routers. This vulnerability...
Read More
Hackers Exploits RCE flaw in Cisco Small Business Router

CISA Alerts For Active Exploited Zimbra and Microsoft flaw

By infosecbulletin / Wednesday , February 26 2025
CISA has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog, urging organizations to quickly patch their systems to...
Read More
CISA Alerts For Active Exploited Zimbra and Microsoft flaw

200 Fake GitHub Repos Attacking Developers to Deliver Malware

By infosecbulletin / Tuesday , February 25 2025
A new cyber campaign called GitVenom poses a serious risk to developers. Security researchers found over 200 fake GitHub repositories...
Read More
200 Fake GitHub Repos Attacking Developers to Deliver Malware

Renew Dubai visa within minutes with AI-powered Salama

By infosecbulletin / Tuesday , February 25 2025
Residents of Dubai can now easily renew their visas with the new AI-powered digital platform launched by the General Directorate...
Read More
Renew Dubai visa within minutes with AI-powered Salama

The F5 BIG-IP LTM module uses persistent cookies for session continuity but can be vulnerable if these cookies are unencrypted. Attackers can exploit this to gather network information. F5 states that enabling cookie encryption uses a 192-bit AES cipher followed by Base64 encoding, which is crucial for protecting cookies from unauthorized access.

Without encryption, these cookies allow attackers to access the internal network structure, revealing details about other devices and their setups. This information can help them exploit vulnerabilities in the network.

CISA recommends that organizations using F5 BIG-IP devices encrypt their persistent cookies to mitigate risks. They also advise reviewing F5’s guidelines for properly configuring the BIG-IP LTM system for encrypted HTTP cookies. Additionally, F5 offers iHealth, a tool that alerts users when cookie encryption is disabled.

F5 BIG-IP solutions are widely used in various industries, including finance and healthcare. The vulnerability of unencrypted cookies poses risks like session hijacking and allows attackers to explore the network. Encrypting these persistent cookies can help organizations lessen their attack surface and safeguard their internal network from cyber threats.

Check Also

Nexus

Hackers Exploits RCE flaw in Cisco Small Business Router

Cybersecurity researchers have discovered a campaign exploiting a remote command execution vulnerability, CVE-2023-20118, in Cisco …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin