For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Apple, VMware, supply chain and breaches - F5 SIRT This Week in Security - Aug 7th-13th 2022

   This Week in Security August 7th to August 13th 2022   Editor's Introduction Aaron here as your editor this week, standing in for Lior while he is out on training. Keeping...
Updated Sep 08, 2022
Version 4.0
security
twis
AaronJB's avatar
Ret. Employee
20+ years in IT as a software developer, network engineer, *nix admin, security engineer and scruffy-looking nerf herder. Current holder of SANS GCIH, GWAPT and GPEN certifications as well as F5-CS and CTS-ASM certifications.
View Profile
AaronJB's avatar
AaronJB
Ret. Employee
Aug 22, 2022

Just to add a couple of things post writing this:

F5 released signatures for the VMware ONE authentication bypass CVE (CVE-2022-31656) - ensure your ASM, Advanced WAF, NGINX App Protect policies have signature 200013050 enabled if you are protecting such a resource.

Secondly, it seems to be confirmed that Clop breached South Staffordshire Water and not Thames Water as was originally reported: https://www.techerati.com/news-hub/ransomware-gang-successfully-hacks-uk-water-supplier/