#CookieEncryption

CISA: Hackers abuse F5 BIG-IP cookies to map network devices

October 11, 2024 by Xynik

October 11, 2024 at 12:30PM CISA warns that unencrypted F5 BIG-IP persistent cookies are being exploited by threat actors to map internal devices, potentially identifying vulnerabilities for cyberattacks. Administrators are advised to enable cookie encryption and consult F5’s guidelines to protect against these security risks, emphasizing the importance of proper configurations. **Meeting Takeaways:** 1. **CISA … Read more

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

October 11, 2024 by Xynik

October 11, 2024 at 05:27AM CISA warns of threat actors exploiting unencrypted persistent cookies in F5 BIG-IP Local Traffic Manager for network reconnaissance. Organizations are advised to encrypt these cookies and use the BIG-IP iHealth diagnostic tool. Meanwhile, joint U.S.-U.K. agencies highlight threats from APT29, a Russian military intelligence group targeting various sectors. **Meeting Takeaways … Read more