TWIS

145 Topics

Wiz, Heathrow, Vibe Coding and 23andMe

Kyle_Fox
Mar 31, 2025 Place Security Insights
244Views
4likes
1Comment
AppSec, Camels, Typhoons, and Backdoors
Welcome back to the F5 SIRT's weekly roundup of whatever news caught the editor's eye, and whatever else we feel like covering. It's our soapbox, and we're going to use it! This week MegaZone is once against at the keyboard, and we'll be covering news for the week of March 2-8, 2025.
MegaZone
Mar 21, 2025 Place Security Insights
168Views
2likes
1Comment
Phishing, Malware and Spyware Campaign, BRUTED Tool & CISA’s List Of Exploited Vulnerabilities

Dharminder
Mar 19, 2025 Place Security Insights
158Views
2likes
0Comments
A Very Chinese New Year
Happy New Year everyone! It's a new year, with new news, and the same old(er) MegaZone. This time we're looking at the news that I found worthy from the week of January 5-11, 2025. (Have you gotten used to typing 2025 yet?) I found it to be a fairly slow news week, and not much really grabbed my attention enough that I felt it was worth commenting on. That's not too unusual for the start of a new year, as there is often a bit of a post-holiday lull. Not that there was no news at all, it is never truly quiet in cybersecurity, just that most of it was run-of-the-mill stuff, IMHO. Oh, and as for the title of this 'issue', I know the Lunar New Year (aka Chinese New Year) isn't until January 29th, but I couldn't pass up the play on words given the topic below. And with that, let's dive in.
MegaZone
Mar 11, 2025 Place Security Insights
231Views
2likes
0Comments
AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more
Welcome to this week’s notable security news (Feb 24–Mar 2, 2025), brought to you by Jordan_Zebor from F5 SIRT. Although our main focus is usually on emerging threats and protective measures, I recently attended F5 AppWorld 2025 in person and found it invaluable for understanding what’s next in secure application delivery. For those who aren’t familiar, F5 AppWorld is an in-person conference packed with sessions, hands-on labs, and networking opportunities—an ideal forum for discussing real-world challenges in securing and optimizing applications. F5 AppWorld was especially exciting this year, with one major announcement immediately standing out: ADC 3.0—the industry’s first converged platform for application delivery and security in hybrid multicloud infrastructures. At its core, ADC 3.0 features the F5 AI Gateway, which mitigates threats like sensitive information disclosure and prompt injection, directly addressing the OWASP LLM Top 10 vulnerabilities. From our F5 SIRT perspective, this integrated traffic management and AI-specific threat protection is a big step forward in stopping sophisticated attacks before they reach critical assets. Another key development was the new AI assistant for F5 NGINX One. Powered by a large language model trained specifically for NGINX, it offers real-time, context-aware guidance for DevOps, SecOps, NetOps, and Platform Ops teams. By reducing manual troubleshooting and configuration time, it promises noticeable improvements in both performance and security operations. F5’s expanded VELOS hardware—including the CX1610 6-Tbps chassis and BX520 400-Gbps blade—also drew significant attention. With the ability to handle 224 million Layer 7 requests per second, VELOS provides robust defenses against large-scale DDoS attacks and other disruptive threats. In an era of escalating assaults, its high throughput and low latency are invaluable for maintaining availability. Outside of these technical highlights, astronaut Scott Kelly’s keynote was a memorable conference moment. He offered both humor and insight on resilience and learning from failure, showing how teams can excel under pressure. Overall, F5 AppWorld underscored the importance of having direct conversations about strong security practices and real-world application needs. Hearing customers’ challenges firsthand inspires us at F5 SIRT to continuously refine our countermeasures and strategies. For anyone looking to stay ahead of the evolving threat landscape, the innovations unveiled at AppWorld provide a glimpse into what’s possible. If you’d like to learn more, visit F5’s website or contact us directly to explore how these solutions might improve your security posture.
Jordan_Zebor
Mar 06, 2025 Place Security Insights
161Views
3likes
0Comments
U.S. Government cuts, Majorana 1 Chip, CVEs for Mongoose and OpenSSH
Notable news for the week of February 17th through February 24th. Your editor this week is Chris from the F5 Security Incident Response Team. For this edition, we discuss U.S. government cuts to cyber security and consumer protections; Microsoft’s advancement in the field of quantum computing, and new flaws found in both MongoDB as well as OpenSSH. Cuts to Cyber and Consumer Protections With the new administration in the US, there have been a large amount of job cuts throughout the federal government. This also includes at least 130 employees being fired from the Cybersecurity and Infrastructure Security Agency (CISA). These cuts are reported to include staff dedicated to election security, fighting misinformation, and foreign influence operations. Along with the cuts, the Department of Government Efficiency (DOGE) arrived at CISA and were given access to the agency’s email and files. DOGE has been gaining access to many sensitive federal agencies that contain a large amount of personal and financial information on Americans. These agencies include the Social Security Administration (SSA), the Department of Homeland Security, the Office of Personnel Management (OPM), and the Treasury Department. DOGE has also been trying to gain access to the systems of the Internal Revenue Service (IRS). From a security standpoint, this is extremely alarming because it appears to be bypassing many security safeguards and measures. This sentiment is reported by many security experts. Another aspect that does not inspire confidence is that the doge.gov website administrators had left their database wide open, allowing someone to publish messages making fun of the insecurity that the site has. On the aspect of consumer protection, the Consumer Financial Protection Bureau (CFPB) was ordered to stop most work. The CFPB was created in 2011 to protect consumers from financial institutions that violate consumer protection laws. The newly appointed CFPB director, Russell Vought, has publicly favored abolishing the agency which is alarming since it would remove some of the regulations that exist. https://krebsonsecurity.com/2025/02/trump-2-0-brings-cuts-to-cyber-consumer-protections/ Microsoft's Majorana 1 Chip Microsoft has announced the world's first quantum processor that uses topological qubits. They have named this the Majorana 1. They have designed this to scale to a million qubits on a single chip. Typical qubits are highly sensitive to noise in the environment. This can cause them to lose their quantum state introducing errors. This is known as decoherence. To counter this there needs to be many more qubits added for error correction which means a lot more room needed for just one qubit to work. Topological qubits work by encoding information in the topology of the physical system which in theory, makes each qubit more fault tolerant. Essentially, this means few are needed in the long run to produce a quantum computer. This is a huge achievement but along with it comes the security concerns. The main concern being the ability to do quantum decryption. This technology brings the reality of a fault tolerant protype to years instead of decades. Many believe this will be within 5 to 10 years. https://www.securityweek.com/what-microsofts-majorana-1-chip-means-for-quantum-decryption/ Critical MongoDB Library Flaws Two critical vulnerabilities in a third-party library that MongoDB relies on was found which can lead to stolen data or code to be ran. Mongoose is an Object Data Modeling (ODM) library used by MongoDB to enable database integrations in Node.js applications. Researchers at OPSWAT revealed two critical security flaws that threaten the integrity of data stored in MongoDB as well as opening it up to theft, manipulation, or destruction. This first CVE is CVE-2024-53900 which is given a CVSS score of 9.1. This is an SQL injection bug which allows a specially crafted query to bypass MongoDB's server-side JavaScript restrictions potentially leading to a remote code execution (RCE). This was reported in November and patched in version 8.8.3. The second CVE is CVE-2025-23061 with a CVSS score of 9.0. This was found by the same researcher and is actually a bypass in the patched version that still allowed for RCE. This was addressed in version 8.9.5. https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/ New OpenSSH Flaws Two new security vulnerabilities have been found in the OpenSSH suite which could result in an active Machine-in-the-Middle (MitM) or a Denial-of-Service (DoS) attack under specific conditions. The first is CVE-2025-26465 with a CVSS score of 6.8. The OpenSSH client contains a logic error between versions 6.8p1 to 9.9p1 (inclusive) that makes it vulnerable to a MitM attack if the VerifyHostKeyDNS option is enabled. The second is CVE-2025-26466 with a CVSS score of 5.9. The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption. A successful exploitation of the first one could permit malicious actors to compromise and hijack SSH sessions and possibly gain access to sensitive data. The VerifyHostKeyDNS is disabled by default. Exploitation of the second CVE can result in availability issues as indicated by labeling as a DoS vulnerability. Both of these CVEs have been addressed in version 9.9p2 of OpenSSH which was released on February 18th. https://thehackernews.com/2025/02/new-openssh-flaws-enable-man-in-middle.html
Christopher_Pa1
Mar 04, 2025 Place Security Insights
412Views
2likes
1Comment
Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS
In this article, we discuss security news in Feb 9-15, the topics are: Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS
Koichi
Feb 19, 2025 Place Security Insights
139Views
1like
0Comments
Agentic AI with Social Engineering, JavaScript Stealer and the Silent Lynx
The cybersecurity landscape is evolving rapidly, with organizations facing increasingly sophisticated threats and vulnerabilities across various attack surfaces. Critical security flaws, like the recently patched Cisco ISE vulnerabilities, highlight the risks posed by privilege escalation and remote code execution exploits. Meanwhile, advanced threat actors such as Silent Lynx are employing multi-stage cyberattacks using PowerShell, Golang, and C++ loaders to infiltrate government entities and financial institutions, demonstrating a growing emphasis on espionage. At the same time, cybercriminals are leveraging AI to automate phishing, malware development, and large-scale fraud, putting additional pressure on Security Operations Center (SOC) analysts who are already overwhelmed by alert fatigue and manual processes. To counter these challenges, organizations are increasingly adopting AI-driven security solutions to enhance efficiency, automate threat detection, and strengthen their overall cyber resilience. The arms race between attackers and defenders continues, making proactive security strategies more critical than ever.
Lior_Rotkovitch
Feb 11, 2025 Place Security Insights
133Views
2likes
0Comments
Copilot’s Weakness, DeepSeek Data exposed, Backdoor in Contec CMS8000 & Apple's Zero-Day
Notable security news for the week of Jan 26th-1st Feb 2025, brought to you by the F5 Security Incident Response Team. This week your editor is Dharminder. In this edition, I have security news about weakness in GitHub’s Copilot - where a simple word “sure” can drastically change its response and much more, Wiz Research discovered DeepSeek’s database, accessible without authentication, contained over a million log entries, including chat history, API keys, backend details, and operational metadata, FDA’s warning on backdoor and some other vulnerabilities discovered in Contact CMS8000 patient monitor and Fix of Zero-Day vulnerability in Apple OS exploited in wild is released.
Dharminder
Feb 04, 2025 Place Security Insights
345Views
3likes
0Comments
Subaru, Mastercard, TikTok and Roundup

Kyle_Fox
Jan 28, 2025 Place Security Insights
261Views
3likes
0Comments

"}},"componentScriptGroups({\"componentId\":\"custom.widget.Beta_MetaNav\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"component({\"componentId\":\"custom.widget.Beta_Footer\"})":{"__typename":"Component","render({\"context\":{\"component\":{\"entities\":[],\"props\":{}},\"page\":{\"entities\":[],\"name\":\"TagPage\",\"props\":{},\"url\":\"https://community.f5.com/tag/TWIS\"}}})":{"__typename":"ComponentRenderResult","html":"

Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information

"}},"componentScriptGroups({\"componentId\":\"custom.widget.Beta_Footer\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"component({\"componentId\":\"custom.widget.Tag_Manager_Helper\"})":{"__typename":"Component","render({\"context\":{\"component\":{\"entities\":[],\"props\":{}},\"page\":{\"entities\":[],\"name\":\"TagPage\",\"props\":{},\"url\":\"https://community.f5.com/tag/TWIS\"}}})":{"__typename":"ComponentRenderResult","html":" "}},"componentScriptGroups({\"componentId\":\"custom.widget.Tag_Manager_Helper\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"component({\"componentId\":\"custom.widget.Consent_Blackbar\"})":{"__typename":"Component","render({\"context\":{\"component\":{\"entities\":[],\"props\":{}},\"page\":{\"entities\":[],\"name\":\"TagPage\",\"props\":{},\"url\":\"https://community.f5.com/tag/TWIS\"}}})":{"__typename":"ComponentRenderResult","html":"

"}},"componentScriptGroups({\"componentId\":\"custom.widget.Consent_Blackbar\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/community/NavbarDropdownToggle\"]})":[{"__ref":"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/OverflowNav\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageView/MessageViewInline\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/Pager/PagerLoadMore\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/customComponent/CustomComponent\"]})":[{"__ref":"CachedAsset:text:en_US-components/customComponent/CustomComponent-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/users/UserLink\"]})":[{"__ref":"CachedAsset:text:en_US-components/users/UserLink-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSubject\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSubject-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageTime\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageTime-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/nodes/NodeIcon\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageUnreadCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageViewCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageViewCount-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/kudos/KudosCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/kudos/KudosCount-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageRepliesCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageBody\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageBody-1743097587932"}],"cachedText({\"lastModified\":\"1743097587932\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserAvatar\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1743097587932"}]},"CachedAsset:pages-1742464138537":{"__typename":"CachedAsset","id":"pages-1742464138537","value":[{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetInvolved.MvpProgram","type":"COMMUNITY","urlPath":"/c/how-do-i/get-involved/mvp-program","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogViewAllPostsPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId/all-posts/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CasePortalPage","type":"CASE_PORTAL","urlPath":"/caseportal","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CreateGroupHubPage","type":"GROUP_HUB","urlPath":"/groups/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CaseViewPage","type":"CASE_DETAILS","urlPath":"/case/:caseId/:caseNumber","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"InboxPage","type":"COMMUNITY","urlPath":"/inbox","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetInvolved.AdvocacyProgram","type":"COMMUNITY","urlPath":"/c/how-do-i/get-involved/advocacy-program","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp.NonCustomer","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help/non-customer","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HelpFAQPage","type":"COMMUNITY","urlPath":"/help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp.F5Customer","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help/f5-customer","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaMessagePage","type":"IDEA_POST","urlPath":"/idea/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaViewAllIdeasPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/all-ideas/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"LoginPage","type":"USER","urlPath":"/signin","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogPostPage","type":"BLOG","urlPath":"/category/:categoryId/blogs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetInvolved","type":"COMMUNITY","urlPath":"/c/how-do-i/get-involved","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.Learn","type":"COMMUNITY","urlPath":"/c/how-do-i/learn","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1739501996000,"localOverride":null,"page":{"id":"Test","type":"CUSTOM","urlPath":"/custom-test-2","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ThemeEditorPage","type":"COMMUNITY","urlPath":"/designer/themes","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbViewAllArticlesPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId/all-articles/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"OccasionEditPage","type":"EVENT","urlPath":"/event/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"OAuthAuthorizationAllowPage","type":"USER","urlPath":"/auth/authorize/allow","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"PageEditorPage","type":"COMMUNITY","urlPath":"/designer/pages","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"PostPage","type":"COMMUNITY","urlPath":"/category/:categoryId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumBoardPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbBoardPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"EventPostPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"UserBadgesPage","type":"COMMUNITY","urlPath":"/users/:login/:userId/badges","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"GroupHubMembershipAction","type":"GROUP_HUB","urlPath":"/membership/join/:nodeId/:membershipType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"MaintenancePage","type":"COMMUNITY","urlPath":"/maintenance","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaReplyPage","type":"IDEA_REPLY","urlPath":"/idea/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"UserSettingsPage","type":"USER","urlPath":"/mysettings/:userSettingsTab","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"GroupHubsPage","type":"GROUP_HUB","urlPath":"/groups","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumPostPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"OccasionRsvpActionPage","type":"OCCASION","urlPath":"/event/:boardId/:messageSubject/:messageId/rsvp/:responseType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"VerifyUserEmailPage","type":"USER","urlPath":"/verifyemail/:userId/:verifyEmailToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"AllOccasionsPage","type":"OCCASION","urlPath":"/category/:categoryId/events/:boardId/all-events/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"EventBoardPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbReplyPage","type":"TKB_REPLY","urlPath":"/kb/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaBoardPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CommunityGuideLinesPage","type":"COMMUNITY","urlPath":"/communityguidelines","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CaseCreatePage","type":"SALESFORCE_CASE_CREATION","urlPath":"/caseportal/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbEditPage","type":"TKB","urlPath":"/kb/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForgotPasswordPage","type":"USER","urlPath":"/forgotpassword","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaEditPage","type":"IDEA","urlPath":"/idea/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TagPage","type":"COMMUNITY","urlPath":"/tag/:tagName","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogBoardPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"OccasionMessagePage","type":"OCCASION_TOPIC","urlPath":"/event/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ManageContentPage","type":"COMMUNITY","urlPath":"/managecontent","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ClosedMembershipNodeNonMembersPage","type":"GROUP_HUB","urlPath":"/closedgroup/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp.Community","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help/community","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CommunityPage","type":"COMMUNITY","urlPath":"/","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetInvolved.ContributeCode","type":"COMMUNITY","urlPath":"/c/how-do-i/get-involved/contribute-code","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumMessagePage","type":"FORUM_TOPIC","urlPath":"/discussions/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"IdeaPostPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogMessagePage","type":"BLOG_ARTICLE","urlPath":"/blog/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"RegistrationPage","type":"USER","urlPath":"/register","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"EditGroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumEditPage","type":"FORUM","urlPath":"/discussions/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ResetPasswordPage","type":"USER","urlPath":"/resetpassword/:userId/:resetPasswordToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbMessagePage","type":"TKB_ARTICLE","urlPath":"/kb/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.Learn.AboutIrules","type":"COMMUNITY","urlPath":"/c/how-do-i/learn/about-irules","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogEditPage","type":"BLOG","urlPath":"/blog/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp.F5Support","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help/f5-support","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ManageUsersPage","type":"USER","urlPath":"/users/manage/:tab?/:manageUsersTab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumReplyPage","type":"FORUM_REPLY","urlPath":"/discussions/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"PrivacyPolicyPage","type":"COMMUNITY","urlPath":"/privacypolicy","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"NotificationPage","type":"COMMUNITY","urlPath":"/notifications","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"UserPage","type":"USER","urlPath":"/users/:login/:userId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HealthCheckPage","type":"COMMUNITY","urlPath":"/health","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"OccasionReplyPage","type":"OCCASION_REPLY","urlPath":"/event/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ManageMembersPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/manage/:tab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"SearchResultsPage","type":"COMMUNITY","urlPath":"/search","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"BlogReplyPage","type":"BLOG_REPLY","urlPath":"/blog/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"GroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TermsOfServicePage","type":"COMMUNITY","urlPath":"/termsofservice","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI.GetHelp.SecurityIncident","type":"COMMUNITY","urlPath":"/c/how-do-i/get-help/security-incident","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"CategoryPage","type":"CATEGORY","urlPath":"/category/:categoryId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"ForumViewAllTopicsPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/all-topics/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"TkbPostPage","type":"TKB","urlPath":"/category/:categoryId/kbs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"GroupHubPostPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1742464138537,"localOverride":null,"page":{"id":"HowDoI","type":"COMMUNITY","urlPath":"/c/how-do-i","__typename":"PageDescriptor"},"__typename":"PageResource"}],"localOverride":false},"CachedAsset:text:en_US-components/context/AppContext/AppContextProvider-0":{"__typename":"CachedAsset","id":"text:en_US-components/context/AppContext/AppContextProvider-0","value":{"noCommunity":"Cannot find community","noUser":"Cannot find current user","noNode":"Cannot find node with id {nodeId}","noMessage":"Cannot find message with id {messageId}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-0":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-0","value":{"title":"Loading..."},"localOverride":false},"User:user:-1":{"__typename":"User","id":"user:-1","uid":-1,"login":"Former Member","email":"","avatar":null,"rank":null,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":"ANONYMOUS","registrationTime":null,"confirmEmailStatus":false,"registrationAccessLevel":"VIEW","ssoRegistrationFields":[]},"ssoId":null,"profileSettings":{"__typename":"ProfileSettings","dateDisplayStyle":{"__typename":"InheritableStringSettingWithPossibleValues","key":"layout.friendly_dates_enabled","value":"false","localValue":"true","possibleValues":["true","false"]},"dateDisplayFormat":{"__typename":"InheritableStringSetting","key":"layout.format_pattern_date","value":"dd-MMM-yyyy","localValue":"MM-dd-yyyy"},"language":{"__typename":"InheritableStringSettingWithPossibleValues","key":"profile.language","value":"en-US","localValue":null,"possibleValues":["en-US"]}},"deleted":false},"Theme:customTheme1":{"__typename":"Theme","id":"customTheme1"},"CachedAsset:theme:customTheme1-1742464138143":{"__typename":"CachedAsset","id":"theme:customTheme1-1742464138143","value":{"id":"customTheme1","animation":{"fast":"150ms","normal":"250ms","slow":"500ms","slowest":"750ms","function":"cubic-bezier(0.07, 0.91, 0.51, 1)","__typename":"AnimationThemeSettings"},"avatar":{"borderRadius":"50%","collections":["custom"],"__typename":"AvatarThemeSettings"},"basics":{"browserIcon":{"imageAssetName":"JimmyPackets-512-1702592938213.png","imageLastModified":"1702592945815","__typename":"ThemeAsset"},"customerLogo":{"imageAssetName":"f5_logo_fix-1704824537976.svg","imageLastModified":"1704824540697","__typename":"ThemeAsset"},"maximumWidthOfPageContent":"1600px","oneColumnNarrowWidth":"800px","gridGutterWidthMd":"30px","gridGutterWidthXs":"10px","pageWidthStyle":"WIDTH_OF_PAGE_CONTENT","__typename":"BasicsThemeSettings"},"buttons":{"borderRadiusSm":"5px","borderRadius":"5px","borderRadiusLg":"5px","paddingY":"5px","paddingYLg":"7px","paddingYHero":"var(--lia-bs-btn-padding-y-lg)","paddingX":"12px","paddingXLg":"14px","paddingXHero":"42px","fontStyle":"NORMAL","fontWeight":"400","textTransform":"NONE","disabledOpacity":0.5,"primaryTextColor":"var(--lia-bs-white)","primaryTextHoverColor":"var(--lia-bs-white)","primaryTextActiveColor":"var(--lia-bs-white)","primaryBgColor":"var(--lia-bs-primary)","primaryBgHoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.85))","primaryBgActiveColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.7))","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","primaryBorderActive":"1px solid transparent","primaryBorderFocus":"1px solid var(--lia-bs-white)","primaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","secondaryTextColor":"var(--lia-bs-gray-900)","secondaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","secondaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","secondaryBgColor":"var(--lia-bs-gray-400)","secondaryBgHoverColor":"hsl(var(--lia-bs-gray-400-h), var(--lia-bs-gray-400-s), calc(var(--lia-bs-gray-400-l) * 0.96))","secondaryBgActiveColor":"hsl(var(--lia-bs-gray-400-h), var(--lia-bs-gray-400-s), calc(var(--lia-bs-gray-400-l) * 0.92))","secondaryBorder":"1px solid transparent","secondaryBorderHover":"1px solid transparent","secondaryBorderActive":"1px solid transparent","secondaryBorderFocus":"1px solid transparent","secondaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","tertiaryTextColor":"var(--lia-bs-gray-900)","tertiaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","tertiaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","tertiaryBgColor":"transparent","tertiaryBgHoverColor":"transparent","tertiaryBgActiveColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.04)","tertiaryBorder":"1px solid transparent","tertiaryBorderHover":"1px solid hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","tertiaryBorderActive":"1px solid transparent","tertiaryBorderFocus":"1px solid transparent","tertiaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","destructiveTextColor":"var(--lia-bs-danger)","destructiveTextHoverColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.95))","destructiveTextActiveColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.9))","destructiveBgColor":"var(--lia-bs-gray-300)","destructiveBgHoverColor":"hsl(var(--lia-bs-gray-300-h), var(--lia-bs-gray-300-s), calc(var(--lia-bs-gray-300-l) * 0.96))","destructiveBgActiveColor":"hsl(var(--lia-bs-gray-300-h), var(--lia-bs-gray-300-s), calc(var(--lia-bs-gray-300-l) * 0.92))","destructiveBorder":"1px solid transparent","destructiveBorderHover":"1px solid transparent","destructiveBorderActive":"1px solid transparent","destructiveBorderFocus":"1px solid transparent","destructiveBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","__typename":"ButtonsThemeSettings"},"border":{"color":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","mainContent":"NONE","sideContent":"NONE","radiusSm":"3px","radius":"5px","radiusLg":"9px","radius50":"100vw","__typename":"BorderThemeSettings"},"boxShadow":{"xs":"0 0 0 1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08), 0 3px 0 -1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08)","sm":"0 2px 4px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.06)","md":"0 5px 15px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","lg":"0 10px 30px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.15)","__typename":"BoxShadowThemeSettings"},"cards":{"bgColor":"var(--lia-panel-bg-color)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":"var(--lia-box-shadow-xs)","__typename":"CardsThemeSettings"},"chip":{"maxWidth":"300px","height":"30px","__typename":"ChipThemeSettings"},"coreTypes":{"defaultMessageLinkColor":"var(--lia-bs-primary)","defaultMessageLinkDecoration":"none","defaultMessageLinkFontStyle":"NORMAL","defaultMessageLinkFontWeight":"400","defaultMessageFontStyle":"NORMAL","defaultMessageFontWeight":"400","forumColor":"#0C5C8D","forumFontFamily":"var(--lia-bs-font-family-base)","forumFontWeight":"var(--lia-default-message-font-weight)","forumLineHeight":"var(--lia-bs-line-height-base)","forumFontStyle":"var(--lia-default-message-font-style)","forumMessageLinkColor":"var(--lia-default-message-link-color)","forumMessageLinkDecoration":"var(--lia-default-message-link-decoration)","forumMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","forumMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","forumSolvedColor":"#62C026","blogColor":"#730015","blogFontFamily":"var(--lia-bs-font-family-base)","blogFontWeight":"var(--lia-default-message-font-weight)","blogLineHeight":"1.75","blogFontStyle":"var(--lia-default-message-font-style)","blogMessageLinkColor":"var(--lia-default-message-link-color)","blogMessageLinkDecoration":"var(--lia-default-message-link-decoration)","blogMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","blogMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","tkbColor":"#C20025","tkbFontFamily":"var(--lia-bs-font-family-base)","tkbFontWeight":"var(--lia-default-message-font-weight)","tkbLineHeight":"1.75","tkbFontStyle":"var(--lia-default-message-font-style)","tkbMessageLinkColor":"var(--lia-default-message-link-color)","tkbMessageLinkDecoration":"var(--lia-default-message-link-decoration)","tkbMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","tkbMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaColor":"#4099E2","qandaFontFamily":"var(--lia-bs-font-family-base)","qandaFontWeight":"var(--lia-default-message-font-weight)","qandaLineHeight":"var(--lia-bs-line-height-base)","qandaFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkColor":"var(--lia-default-message-link-color)","qandaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","qandaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaSolvedColor":"#3FA023","ideaColor":"#F3704B","ideaFontFamily":"var(--lia-bs-font-family-base)","ideaFontWeight":"var(--lia-default-message-font-weight)","ideaLineHeight":"var(--lia-bs-line-height-base)","ideaFontStyle":"var(--lia-default-message-font-style)","ideaMessageLinkColor":"var(--lia-default-message-link-color)","ideaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","ideaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","ideaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","contestColor":"#FCC845","contestFontFamily":"var(--lia-bs-font-family-base)","contestFontWeight":"var(--lia-default-message-font-weight)","contestLineHeight":"var(--lia-bs-line-height-base)","contestFontStyle":"var(--lia-default-message-link-font-style)","contestMessageLinkColor":"var(--lia-default-message-link-color)","contestMessageLinkDecoration":"var(--lia-default-message-link-decoration)","contestMessageLinkFontStyle":"ITALIC","contestMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","occasionColor":"#EE4B5B","occasionFontFamily":"var(--lia-bs-font-family-base)","occasionFontWeight":"var(--lia-default-message-font-weight)","occasionLineHeight":"var(--lia-bs-line-height-base)","occasionFontStyle":"var(--lia-default-message-font-style)","occasionMessageLinkColor":"var(--lia-default-message-link-color)","occasionMessageLinkDecoration":"var(--lia-default-message-link-decoration)","occasionMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","occasionMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","grouphubColor":"#491B62","categoryColor":"#949494","communityColor":"#FFFFFF","productColor":"#949494","__typename":"CoreTypesThemeSettings"},"colors":{"black":"#000000","white":"#FFFFFF","gray100":"#F7F7F7","gray200":"#F7F7F7","gray300":"#E8E8E8","gray400":"#D9D9D9","gray500":"#CCCCCC","gray600":"#949494","gray700":"#707070","gray800":"#545454","gray900":"#333333","dark":"#545454","light":"#F7F7F7","primary":"#0C5C8D","secondary":"#333333","bodyText":"#222222","bodyBg":"#F5F5F5","info":"#1D9CD3","success":"#62C026","warning":"#FFD651","danger":"#C20025","alertSystem":"#FF6600","textMuted":"#707070","highlight":"#FFFCAD","outline":"var(--lia-bs-primary)","custom":["#C20025","#081B85","#009639","#B3C6D7","#7CC0EB","#F29A36"],"__typename":"ColorsThemeSettings"},"divider":{"size":"3px","marginLeft":"4px","marginRight":"4px","borderRadius":"50%","bgColor":"var(--lia-bs-gray-600)","bgColorActive":"var(--lia-bs-gray-600)","__typename":"DividerThemeSettings"},"dropdown":{"fontSize":"var(--lia-bs-font-size-sm)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius-sm)","dividerBg":"var(--lia-bs-gray-300)","itemPaddingY":"5px","itemPaddingX":"20px","headerColor":"var(--lia-bs-gray-700)","__typename":"DropdownThemeSettings"},"email":{"link":{"color":"#0069D4","hoverColor":"#0061c2","decoration":"none","hoverDecoration":"underline","__typename":"EmailLinkSettings"},"border":{"color":"#e4e4e4","__typename":"EmailBorderSettings"},"buttons":{"borderRadiusLg":"5px","paddingXLg":"16px","paddingYLg":"7px","fontWeight":"700","primaryTextColor":"#ffffff","primaryTextHoverColor":"#ffffff","primaryBgColor":"#0069D4","primaryBgHoverColor":"#005cb8","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","__typename":"EmailButtonsSettings"},"panel":{"borderRadius":"5px","borderColor":"#e4e4e4","__typename":"EmailPanelSettings"},"__typename":"EmailThemeSettings"},"emoji":{"skinToneDefault":"#ffcd43","skinToneLight":"#fae3c5","skinToneMediumLight":"#e2cfa5","skinToneMedium":"#daa478","skinToneMediumDark":"#a78058","skinToneDark":"#5e4d43","__typename":"EmojiThemeSettings"},"heading":{"color":"var(--lia-bs-body-color)","fontFamily":"Inter","fontStyle":"NORMAL","fontWeight":"600","h1FontSize":"30px","h2FontSize":"25px","h3FontSize":"20px","h4FontSize":"18px","h5FontSize":"16px","h6FontSize":"16px","lineHeight":"1.2","subHeaderFontSize":"11px","subHeaderFontWeight":"500","h1LetterSpacing":"normal","h2LetterSpacing":"normal","h3LetterSpacing":"normal","h4LetterSpacing":"normal","h5LetterSpacing":"normal","h6LetterSpacing":"normal","subHeaderLetterSpacing":"2px","h1FontWeight":"var(--lia-bs-headings-font-weight)","h2FontWeight":"var(--lia-bs-headings-font-weight)","h3FontWeight":"var(--lia-bs-headings-font-weight)","h4FontWeight":"var(--lia-bs-headings-font-weight)","h5FontWeight":"var(--lia-bs-headings-font-weight)","h6FontWeight":"var(--lia-bs-headings-font-weight)","__typename":"HeadingThemeSettings"},"icons":{"size10":"10px","size12":"12px","size14":"14px","size16":"16px","size20":"20px","size24":"24px","size30":"30px","size40":"40px","size50":"50px","size60":"60px","size80":"80px","size120":"120px","size160":"160px","__typename":"IconsThemeSettings"},"imagePreview":{"bgColor":"var(--lia-bs-gray-900)","titleColor":"var(--lia-bs-white)","controlColor":"var(--lia-bs-white)","controlBgColor":"var(--lia-bs-gray-800)","__typename":"ImagePreviewThemeSettings"},"input":{"borderColor":"var(--lia-bs-gray-600)","disabledColor":"var(--lia-bs-gray-600)","focusBorderColor":"var(--lia-bs-primary)","labelMarginBottom":"10px","btnFontSize":"var(--lia-bs-font-size-sm)","focusBoxShadow":"0 0 0 3px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","checkLabelMarginBottom":"2px","checkboxBorderRadius":"3px","borderRadiusSm":"var(--lia-bs-border-radius-sm)","borderRadius":"var(--lia-bs-border-radius)","borderRadiusLg":"var(--lia-bs-border-radius-lg)","formTextMarginTop":"4px","textAreaBorderRadius":"var(--lia-bs-border-radius)","activeFillColor":"var(--lia-bs-primary)","__typename":"InputThemeSettings"},"loading":{"dotDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.2)","dotLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.5)","barDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.06)","barLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.4)","__typename":"LoadingThemeSettings"},"link":{"color":"var(--lia-bs-primary)","hoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) - 10%))","decoration":"none","hoverDecoration":"underline","__typename":"LinkThemeSettings"},"listGroup":{"itemPaddingY":"15px","itemPaddingX":"15px","borderColor":"var(--lia-bs-gray-300)","__typename":"ListGroupThemeSettings"},"modal":{"contentTextColor":"var(--lia-bs-body-color)","contentBg":"var(--lia-bs-white)","backgroundBg":"var(--lia-bs-black)","smSize":"440px","mdSize":"760px","lgSize":"1080px","backdropOpacity":0.3,"contentBoxShadowXs":"var(--lia-bs-box-shadow-sm)","contentBoxShadow":"var(--lia-bs-box-shadow)","headerFontWeight":"700","__typename":"ModalThemeSettings"},"navbar":{"position":"FIXED","background":{"attachment":null,"clip":null,"color":"var(--lia-bs-white)","imageAssetName":null,"imageLastModified":"0","origin":null,"position":"CENTER_CENTER","repeat":"NO_REPEAT","size":"COVER","__typename":"BackgroundProps"},"backgroundOpacity":0.8,"paddingTop":"15px","paddingBottom":"15px","borderBottom":"1px solid var(--lia-bs-border-color)","boxShadow":"var(--lia-bs-box-shadow-sm)","brandMarginRight":"30px","brandMarginRightSm":"10px","brandLogoHeight":"30px","linkGap":"10px","linkJustifyContent":"flex-start","linkPaddingY":"5px","linkPaddingX":"10px","linkDropdownPaddingY":"9px","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkColor":"var(--lia-bs-body-color)","linkHoverColor":"var(--lia-bs-primary)","linkFontSize":"var(--lia-bs-font-size-sm)","linkFontStyle":"NORMAL","linkFontWeight":"400","linkTextTransform":"NONE","linkLetterSpacing":"normal","linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkBgColor":"transparent","linkBgHoverColor":"transparent","linkBorder":"none","linkBorderHover":"none","linkBoxShadow":"none","linkBoxShadowHover":"none","linkTextBorderBottom":"none","linkTextBorderBottomHover":"none","dropdownPaddingTop":"10px","dropdownPaddingBottom":"15px","dropdownPaddingX":"10px","dropdownMenuOffset":"2px","dropdownDividerMarginTop":"10px","dropdownDividerMarginBottom":"10px","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","controllerIconColor":"var(--lia-bs-body-color)","controllerIconHoverColor":"var(--lia-bs-body-color)","controllerTextColor":"var(--lia-nav-controller-icon-color)","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","controllerHighlightColor":"hsla(30, 100%, 50%)","controllerHighlightTextColor":"var(--lia-yiq-light)","controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerColor":"var(--lia-nav-controller-icon-color)","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","hamburgerBgColor":"transparent","hamburgerBgHoverColor":"transparent","hamburgerBorder":"none","hamburgerBorderHover":"none","collapseMenuMarginLeft":"20px","collapseMenuDividerBg":"var(--lia-nav-link-color)","collapseMenuDividerOpacity":0.16,"__typename":"NavbarThemeSettings"},"pager":{"textColor":"var(--lia-bs-link-color)","textFontWeight":"var(--lia-font-weight-md)","textFontSize":"var(--lia-bs-font-size-sm)","__typename":"PagerThemeSettings"},"panel":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-bs-border-radius)","borderColor":"var(--lia-bs-border-color)","boxShadow":"none","__typename":"PanelThemeSettings"},"popover":{"arrowHeight":"8px","arrowWidth":"16px","maxWidth":"300px","minWidth":"100px","headerBg":"var(--lia-bs-white)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius)","boxShadow":"0 0.5rem 1rem hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.15)","__typename":"PopoverThemeSettings"},"prism":{"color":"#000000","bgColor":"#f5f2f0","fontFamily":"var(--font-family-monospace)","fontSize":"var(--lia-bs-font-size-base)","fontWeightBold":"var(--lia-bs-font-weight-bold)","fontStyleItalic":"italic","tabSize":2,"highlightColor":"#b3d4fc","commentColor":"#62707e","punctuationColor":"#6f6f6f","namespaceOpacity":"0.7","propColor":"#990055","selectorColor":"#517a00","operatorColor":"#906736","operatorBgColor":"hsla(0, 0%, 100%, 0.5)","keywordColor":"#0076a9","functionColor":"#d3284b","variableColor":"#c14700","__typename":"PrismThemeSettings"},"rte":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":" var(--lia-panel-box-shadow)","customColor1":"#bfedd2","customColor2":"#fbeeb8","customColor3":"#f8cac6","customColor4":"#eccafa","customColor5":"#c2e0f4","customColor6":"#2dc26b","customColor7":"#f1c40f","customColor8":"#e03e2d","customColor9":"#b96ad9","customColor10":"#3598db","customColor11":"#169179","customColor12":"#e67e23","customColor13":"#ba372a","customColor14":"#843fa1","customColor15":"#236fa1","customColor16":"#ecf0f1","customColor17":"#ced4d9","customColor18":"#95a5a6","customColor19":"#7e8c8d","customColor20":"#34495e","customColor21":"#000000","customColor22":"#ffffff","defaultMessageHeaderMarginTop":"14px","defaultMessageHeaderMarginBottom":"10px","defaultMessageItemMarginTop":"0","defaultMessageItemMarginBottom":"10px","diffAddedColor":"hsla(170, 53%, 51%, 0.4)","diffChangedColor":"hsla(43, 97%, 63%, 0.4)","diffNoneColor":"hsla(0, 0%, 80%, 0.4)","diffRemovedColor":"hsla(9, 74%, 47%, 0.4)","specialMessageHeaderMarginTop":"14px","specialMessageHeaderMarginBottom":"10px","specialMessageItemMarginTop":"0","specialMessageItemMarginBottom":"10px","__typename":"RteThemeSettings"},"tags":{"bgColor":"var(--lia-bs-gray-200)","bgHoverColor":"var(--lia-bs-gray-400)","borderRadius":"var(--lia-bs-border-radius-sm)","color":"var(--lia-bs-body-color)","hoverColor":"var(--lia-bs-body-color)","fontWeight":"var(--lia-font-weight-md)","fontSize":"var(--lia-font-size-xxs)","textTransform":"UPPERCASE","letterSpacing":"0.5px","__typename":"TagsThemeSettings"},"toasts":{"borderRadius":"var(--lia-bs-border-radius)","paddingX":"12px","__typename":"ToastsThemeSettings"},"typography":{"fontFamilyBase":"Atkinson Hyperlegible","fontStyleBase":"NORMAL","fontWeightBase":"400","fontWeightLight":"300","fontWeightNormal":"400","fontWeightMd":"500","fontWeightBold":"700","letterSpacingSm":"normal","letterSpacingXs":"normal","lineHeightBase":"1.3","fontSizeBase":"15px","fontSizeXxs":"11px","fontSizeXs":"12px","fontSizeSm":"13px","fontSizeLg":"20px","fontSizeXl":"24px","smallFontSize":"14px","customFonts":[],"__typename":"TypographyThemeSettings"},"unstyledListItem":{"marginBottomSm":"5px","marginBottomMd":"10px","marginBottomLg":"15px","marginBottomXl":"20px","marginBottomXxl":"25px","__typename":"UnstyledListItemThemeSettings"},"yiq":{"light":"#ffffff","dark":"#000000","__typename":"YiqThemeSettings"},"colorLightness":{"primaryDark":0.36,"primaryLight":0.74,"primaryLighter":0.89,"primaryLightest":0.95,"infoDark":0.39,"infoLight":0.72,"infoLighter":0.85,"infoLightest":0.93,"successDark":0.24,"successLight":0.62,"successLighter":0.8,"successLightest":0.91,"warningDark":0.39,"warningLight":0.68,"warningLighter":0.84,"warningLightest":0.93,"dangerDark":0.41,"dangerLight":0.72,"dangerLighter":0.89,"dangerLightest":0.95,"__typename":"ColorLightnessThemeSettings"},"localOverride":false,"__typename":"Theme"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-1743097587932","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:text:en_US-components/common/EmailVerification-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/common/EmailVerification-1743097587932","value":{"email.verification.title":"Email Verification Required","email.verification.message.update.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. To change your email, visit My Settings.","email.verification.message.resend.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. Resend email."},"localOverride":false},"CachedAsset:text:en_US-pages/tags/TagPage-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-pages/tags/TagPage-1743097587932","value":{"tagPageTitle":"Tag:\"{tagName}\" | {communityTitle}","tagPageForNodeTitle":"Tag:\"{tagName}\" in \"{title}\" | {communityTitle}","name":"Tags Page","tag":"Tag: {tagName}"},"localOverride":false},"CachedAsset:quilt:f5.prod:pages/tags/TagPage:community:zihoc95639-1743097589610":{"__typename":"CachedAsset","id":"quilt:f5.prod:pages/tags/TagPage:community:zihoc95639-1743097589610","value":{"id":"TagPage","container":{"id":"Common","headerProps":{"removeComponents":["community.widget.bannerWidget"],"__typename":"QuiltContainerSectionProps"},"items":[{"id":"tag-header-widget","layout":"ONE_COLUMN","bgColor":"var(--lia-bs-white)","showBorder":"BOTTOM","sectionEditLevel":"LOCKED","columnMap":{"main":[{"id":"tags.widget.TagsHeaderWidget","__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"},{"id":"messages-list-for-tag-widget","layout":"ONE_COLUMN","columnMap":{"main":[{"id":"messages.widget.messageListForNodeByRecentActivityWidget","props":{"viewVariant":{"type":"inline","props":{"useUnreadCount":true,"useViewCount":true,"useAuthorLogin":true,"clampBodyLines":3,"useAvatar":true,"useBoardIcon":false,"useKudosCount":true,"usePreviewMedia":true,"useTags":false,"useNode":true,"useNodeLink":true,"useTextBody":true,"truncateBodyLength":-1,"useBody":true,"useRepliesCount":true,"useSolvedBadge":true,"timeStampType":"conversation.lastPostingActivityTime","useMessageTimeLink":true,"clampSubjectLines":2}},"panelType":"divider","useTitle":false,"hideIfEmpty":false,"pagerVariant":{"type":"loadMore"},"style":"list","showTabs":true,"tabItemMap":{"default":{"mostRecent":true,"mostRecentUserContent":false,"newest":false},"additional":{"mostKudoed":true,"mostViewed":true,"mostReplies":false,"noReplies":false,"noSolutions":false,"solutions":false}}},"__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"}],"__typename":"QuiltContainer"},"__typename":"Quilt"},"localOverride":false},"CachedAsset:quiltWrapper:f5.prod:Common:1742464053905":{"__typename":"CachedAsset","id":"quiltWrapper:f5.prod:Common:1742464053905","value":{"id":"Common","header":{"backgroundImageProps":{"assetName":"header.jpg","backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"LEFT_CENTER","lastModified":"1702932449000","__typename":"BackgroundImageProps"},"backgroundColor":"transparent","items":[{"id":"custom.widget.Beta_MetaNav","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"useBackground":false,"title":"","lazyLoad":false},"__typename":"QuiltComponent"},{"id":"community.widget.navbarWidget","props":{"showUserName":false,"showRegisterLink":true,"style":{"boxShadow":"var(--lia-bs-box-shadow-sm)","linkFontWeight":"700","controllerHighlightColor":"hsla(30, 100%, 50%)","dropdownDividerMarginBottom":"10px","hamburgerBorderHover":"none","linkFontSize":"15px","linkBoxShadowHover":"none","backgroundOpacity":0.4,"controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerBgColor":"transparent","linkTextBorderBottom":"none","hamburgerColor":"var(--lia-nav-controller-icon-color)","brandLogoHeight":"48px","linkLetterSpacing":"normal","linkBgHoverColor":"transparent","collapseMenuDividerOpacity":0.16,"paddingBottom":"10px","dropdownPaddingBottom":"15px","dropdownMenuOffset":"2px","hamburgerBgHoverColor":"transparent","borderBottom":"0","hamburgerBorder":"none","dropdownPaddingX":"10px","brandMarginRightSm":"10px","linkBoxShadow":"none","linkJustifyContent":"center","linkColor":"var(--lia-bs-primary)","collapseMenuDividerBg":"var(--lia-nav-link-color)","dropdownPaddingTop":"10px","controllerHighlightTextColor":"var(--lia-yiq-dark)","background":{"imageAssetName":"","color":"var(--lia-bs-white)","size":"COVER","repeat":"NO_REPEAT","position":"CENTER_CENTER","imageLastModified":""},"linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkHoverColor":"var(--lia-bs-primary)","position":"FIXED","linkBorder":"none","linkTextBorderBottomHover":"2px solid #0C5C8D","brandMarginRight":"30px","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","linkBorderHover":"none","collapseMenuMarginLeft":"20px","linkFontStyle":"NORMAL","linkPaddingX":"10px","paddingTop":"10px","linkPaddingY":"5px","linkTextTransform":"NONE","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkBgColor":"transparent","linkDropdownPaddingY":"9px","controllerIconColor":"#0C5C8D","dropdownDividerMarginTop":"10px","linkGap":"10px","controllerIconHoverColor":"#0C5C8D"},"links":{"sideLinks":[],"mainLinks":[{"children":[{"linkType":"INTERNAL","id":"migrated-link-1","params":{"boardId":"TechnicalForum","categoryId":"Forums"},"routeName":"ForumBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-2","params":{"boardId":"WaterCooler","categoryId":"Forums"},"routeName":"ForumBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-0","params":{"categoryId":"Forums"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-4","params":{"boardId":"codeshare","categoryId":"CrowdSRC"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-5","params":{"boardId":"communityarticles","categoryId":"CrowdSRC"},"routeName":"TkbBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-3","params":{"categoryId":"CrowdSRC"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-7","params":{"boardId":"TechnicalArticles","categoryId":"Articles"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"article-series","params":{"boardId":"article-series","categoryId":"Articles"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"security-insights","params":{"boardId":"security-insights","categoryId":"Articles"},"routeName":"TkbBoardPage"},{"linkType":"INTERNAL","id":"migrated-link-8","params":{"boardId":"DevCentralNews","categoryId":"Articles"},"routeName":"TkbBoardPage"}],"linkType":"INTERNAL","id":"migrated-link-6","params":{"categoryId":"Articles"},"routeName":"CategoryPage"},{"children":[{"linkType":"INTERNAL","id":"migrated-link-10","params":{"categoryId":"CommunityGroups"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"migrated-link-11","params":{"categoryId":"F5-Groups"},"routeName":"CategoryPage"}],"linkType":"INTERNAL","id":"migrated-link-9","params":{"categoryId":"GroupsCategory"},"routeName":"CategoryPage"},{"children":[],"linkType":"INTERNAL","id":"migrated-link-12","params":{"boardId":"Events","categoryId":"top"},"routeName":"EventBoardPage"},{"children":[],"linkType":"INTERNAL","id":"migrated-link-13","params":{"boardId":"Suggestions","categoryId":"top"},"routeName":"IdeaBoardPage"},{"children":[],"linkType":"EXTERNAL","id":"Common-external-link","url":"https://community.f5.com/c/how-do-i","target":"SELF"}]},"className":"QuiltComponent_lia-component-edit-mode__lQ9Z6","showSearchIcon":false},"__typename":"QuiltComponent"},{"id":"community.widget.bannerWidget","props":{"backgroundColor":"transparent","visualEffects":{"showBottomBorder":false},"backgroundImageProps":{"backgroundSize":"COVER","backgroundPosition":"CENTER_CENTER","backgroundRepeat":"NO_REPEAT"},"fontColor":"#222222"},"__typename":"QuiltComponent"},{"id":"community.widget.breadcrumbWidget","props":{"backgroundColor":"var(--lia-bs-primary)","linkHighlightColor":"#FFFFFF","visualEffects":{"showBottomBorder":false},"backgroundOpacity":60,"linkTextColor":"#FFFFFF"},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"footer":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"var(--lia-bs-body-color)","items":[{"id":"custom.widget.Beta_Footer","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"useBackground":false,"title":"","lazyLoad":false},"__typename":"QuiltComponent"},{"id":"custom.widget.Tag_Manager_Helper","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"useBackground":false,"title":"","lazyLoad":false},"__typename":"QuiltComponent"},{"id":"custom.widget.Consent_Blackbar","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"useBackground":false,"title":"","lazyLoad":false},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"__typename":"QuiltWrapper","localOverride":false},"localOverride":false},"CachedAsset:text:en_US-components/common/ActionFeedback-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/common/ActionFeedback-1743097587932","value":{"joinedGroupHub.title":"Welcome","joinedGroupHub.message":"You are now a member of this group and are subscribed to updates.","groupHubInviteNotFound.title":"Invitation Not Found","groupHubInviteNotFound.message":"Sorry, we could not find your invitation to the group. The owner may have canceled the invite.","groupHubNotFound.title":"Group Not Found","groupHubNotFound.message":"The grouphub you tried to join does not exist. It may have been deleted.","existingGroupHubMember.title":"Already Joined","existingGroupHubMember.message":"You are already a member of this group.","accountLocked.title":"Account Locked","accountLocked.message":"Your account has been locked due to multiple failed attempts. Try again in {lockoutTime} minutes.","editedGroupHub.title":"Changes Saved","editedGroupHub.message":"Your group has been updated.","leftGroupHub.title":"Goodbye","leftGroupHub.message":"You are no longer a member of this group and will not receive future updates.","deletedGroupHub.title":"Deleted","deletedGroupHub.message":"The group has been deleted.","groupHubCreated.title":"Group Created","groupHubCreated.message":"{groupHubName} is ready to use","accountClosed.title":"Account Closed","accountClosed.message":"The account has been closed and you will now be redirected to the homepage","resetTokenExpired.title":"Reset Password Link has Expired","resetTokenExpired.message":"Try resetting your password again","invalidUrl.title":"Invalid URL","invalidUrl.message":"The URL you're using is not recognized. Verify your URL and try again.","accountClosedForUser.title":"Account Closed","accountClosedForUser.message":"{userName}'s account is closed","inviteTokenInvalid.title":"Invitation Invalid","inviteTokenInvalid.message":"Your invitation to the community has been canceled or expired.","inviteTokenError.title":"Invitation Verification Failed","inviteTokenError.message":"The url you are utilizing is not recognized. Verify your URL and try again","pageNotFound.title":"Access Denied","pageNotFound.message":"You do not have access to this area of the community or it doesn't exist","eventAttending.title":"Responded as Attending","eventAttending.message":"You'll be notified when there's new activity and reminded as the event approaches","eventInterested.title":"Responded as Interested","eventInterested.message":"You'll be notified when there's new activity and reminded as the event approaches","eventNotFound.title":"Event Not Found","eventNotFound.message":"The event you tried to respond to does not exist.","redirectToRelatedPage.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.message":"The content you are trying to access is archived","redirectToRelatedPage.message":"The content you are trying to access is archived","relatedUrl.archivalLink.flyoutMessage":"The content you are trying to access is archived View Archived Content"},"localOverride":false},"CachedAsset:component:custom.widget.Beta_MetaNav-en-1742464155653":{"__typename":"CachedAsset","id":"component:custom.widget.Beta_MetaNav-en-1742464155653","value":{"component":{"id":"custom.widget.Beta_MetaNav","template":{"id":"Beta_MetaNav","markupLanguage":"HANDLEBARS","style":null,"texts":null,"defaults":{"config":{"applicablePages":[],"description":"MetaNav menu at the top of every page.","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Beta_MetaNav","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"MetaNav menu at the top of every page.","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:component:custom.widget.Beta_Footer-en-1742464155653":{"__typename":"CachedAsset","id":"component:custom.widget.Beta_Footer-en-1742464155653","value":{"component":{"id":"custom.widget.Beta_Footer","template":{"id":"Beta_Footer","markupLanguage":"HANDLEBARS","style":null,"texts":null,"defaults":{"config":{"applicablePages":[],"description":"DevCentral´s custom footer.","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Beta_Footer","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"DevCentral´s custom footer.","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:component:custom.widget.Tag_Manager_Helper-en-1742464155653":{"__typename":"CachedAsset","id":"component:custom.widget.Tag_Manager_Helper-en-1742464155653","value":{"component":{"id":"custom.widget.Tag_Manager_Helper","template":{"id":"Tag_Manager_Helper","markupLanguage":"HANDLEBARS","style":null,"texts":null,"defaults":{"config":{"applicablePages":[],"description":"Helper widget to inject Tag Manager scripts into head element","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Tag_Manager_Helper","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"Helper widget to inject Tag Manager scripts into head element","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:component:custom.widget.Consent_Blackbar-en-1742464155653":{"__typename":"CachedAsset","id":"component:custom.widget.Consent_Blackbar-en-1742464155653","value":{"component":{"id":"custom.widget.Consent_Blackbar","template":{"id":"Consent_Blackbar","markupLanguage":"HTML","style":null,"texts":null,"defaults":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.Consent_Blackbar","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"TEXTHTML","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":null,"form":null},"localOverride":false},"CachedAsset:text:en_US-components/community/Breadcrumb-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/Breadcrumb-1743097587932","value":{"navLabel":"Breadcrumbs","dropdown":"Additional parent page navigation"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagsHeaderWidget-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagsHeaderWidget-1743097587932","value":{"tag":"{tagName}","topicsCount":"{count} {count, plural, one {Topic} other {Topics}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1743097587932","value":{"title@userScope:other":"Recent Content","title@userScope:self":"Contributions","title@board:FORUM@userScope:other":"Recent Discussions","title@board:BLOG@userScope:other":"Recent Blogs","emptyDescription":"No content to show","MessageListForNodeByRecentActivityWidgetEditor.nodeScope.label":"Scope","title@instance:1706288370055":"Content Feed","title@instance:1743095186784":"Most Recent Updates","title@instance:1704317906837":"Content Feed","title@instance:1743095018194":"Most Recent Updates","title@instance:1702668293472":"Community Feed","title@instance:1743095117047":"Most Recent Updates","title@instance:1704319314827":"Blog Feed","title@instance:1743095235555":"Most Recent Updates","title@instance:1704320290851":"My Contributions","title@instance:1703720491809":"Forum Feed","title@instance:1743095311723":"Most Recent Updates","title@instance:1703028709746":"Group Content Feed","title@instance:VTsglH":"Content Feed"},"localOverride":false},"Category:category:Forums":{"__typename":"Category","id":"category:Forums","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:TechnicalForum":{"__typename":"Forum","id":"board:TechnicalForum","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Forum:board:WaterCooler":{"__typename":"Forum","id":"board:WaterCooler","forumPolicies":{"__typename":"ForumPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Articles":{"__typename":"Category","id":"category:Articles","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"displayId":"Articles"},"Tkb:board:TechnicalArticles":{"__typename":"Tkb","id":"board:TechnicalArticles","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:DevCentralNews":{"__typename":"Tkb","id":"board:DevCentralNews","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:GroupsCategory":{"__typename":"Category","id":"category:GroupsCategory","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:F5-Groups":{"__typename":"Category","id":"category:F5-Groups","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:CommunityGroups":{"__typename":"Category","id":"category:CommunityGroups","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Occasion:board:Events":{"__typename":"Occasion","id":"board:Events","boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"occasionPolicies":{"__typename":"OccasionPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Idea:board:Suggestions":{"__typename":"Idea","id":"board:Suggestions","boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"ideaPolicies":{"__typename":"IdeaPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:CrowdSRC":{"__typename":"Category","id":"category:CrowdSRC","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:codeshare":{"__typename":"Tkb","id":"board:codeshare","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:communityarticles":{"__typename":"Tkb","id":"board:communityarticles","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Tkb:board:security-insights":{"__typename":"Tkb","id":"board:security-insights","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"displayId":"security-insights","nodeType":"board","conversationStyle":"TKB","title":"Security Insights","shortTitle":"Security Insights","parent":{"__ref":"Category:category:Articles"}},"Tkb:board:article-series":{"__typename":"Tkb","id":"board:article-series","tkbPolicies":{"__typename":"TkbPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Conversation:conversation:340482":{"__typename":"Conversation","id":"conversation:340482","topic":{"__typename":"TkbTopicMessage","uid":340482},"lastPostingActivityTime":"2025-03-31T08:38:34.153-07:00","solved":false},"User:user:129412":{"__typename":"User","uid":129412,"login":"Kyle_Fox","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/m_assets/avatars/custom/Frankenstack_11-1706132273780.svg?time=1706132301000"},"id":"user:129412"},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDA0ODItUkQxZzQ3?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDA0ODItUkQxZzQ3?revision=3","title":"SIRT_DevCentral.jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:340482":{"__typename":"TkbTopicMessage","subject":"Wiz, Heathrow, Vibe Coding and 23andMe","conversation":{"__ref":"Conversation:conversation:340482"},"id":"message:340482","revisionNum":3,"uid":340482,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:129412"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":244},"postTime":"2025-03-26T10:38:15.451-07:00","lastPublishTime":"2025-03-26T10:38:15.451-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Introduction \n Your editor this week is Kyle Fox. This week we bring tales of a major acquisition in the security industry; a fire near one of the largest airports in the world exposing flaws in infrastructure, weird new trends in software development and LLMs, and the usual roundup. \n \n Google to buy Wiz for $32 billion \n After a failed bid to buy Wiz last year for $23 billion, Google and Wiz have agreed on a price of $32 billion for Google's acquisition of the cybersecurity firm. Wiz is an Israeli-American cloud security firm headquartered in New York City with a primary engineering office in Tel Aviv. Wiz's software specializes in scanning cloud infrastructure for vulnerabilities so that they can be documented and remediated. \n Edit: At press time for this article, Wiz disclosed a number of vulnerabilities in the Kubernetes package Ingress-NGINX, we have published an advisory for those here: K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514 \n \n Heathrow closed for a day due to an electrical substation fire \n Heathrow Airport, the 5th most busy passenger airport in the world, and a hub for UK and European flights, suffered a catastrophic power failure due to an electrical substation fire. This fire also disabled Heathrow's backup power systems, leaving the airport with only minimal power needed for emergency lighting, elevators and other emergency systems. Because of the single point of failure, the UK Energy Secretary has called for a full investigation and fixes to prevent this type of incident from reoccurring. \n In cybersecurity, we often get buried in the technicalities of the information systems we are looking to protect, forgetting about all of the non-data infrastructure needed to run these systems. It is important to keep all of this supporting infrastructure in mind, because having an application or service go down because of a power outage, large scale weather event or a critical datacenter burning to the ground is just as impactful as having a cyberattack disrupt connectivity or take the systems hostage. So with proper planning, construction of backup systems, testing, and maintenance, you could be like Union Park and still be online while Heathrow is plunged into darkness. \n \n LLMs give birth to the concept of Vibe Coding, wait what? \n We sort of expected that programmers would use specialized LLMs to assist in writing code, but a new type of writing code with LLMs is being called Vibe Coding. This new type of coding embraces using the LLM for all code changes and just instructing the LLM to do things with the code without really touching it yourself. But because the datasets these LLMs are trained on and the limitations of how the LLMs work, a number of issues can and will be encountered with this new type of coding. \n I have always maintained that the job of a programmer is to be an engineer, and this is often reflected in titles alike the infamous \"Software Engineer.\" Engineers apply science to create things in the world, and most importantly, engineers check their designs against flaws that may cause catastrophic failure. When I write a non-trivial piece of software I usually start with some sort of specification document, and then might create some flowcharts in Visio before a single line of code is written. For one personal project (which is annoyingly still not done) I started by spending months (which could have been like a week if I was working on it full time) creating that database schema. \n So, with this new Vibe Coding, as with a lot of the LLM-assisted coding, I am expecting to see \"very dumb\" vulnerabilities and other related disasters. May we live in interesting times, indeed. \n \n 23andMe has filed for bankruptcy, How to delete your data \n Direct-to-consumer DNA testing company 23andMe has filed for bankruptcy. As with any bankruptcy involving companies with large datasets, the dataset is now an asset that can be auctioned off to satisfy the companies debts. The California Attorney General has provided instructions on how to delete your data from the dataset so that its not sold. \n \n Roundup: \n \n The YouTube recommendation this time is Chris Boden, an electrician, comedian, science educator and former federal inmate. \n An Italian court has ordered Google to poison DNS results, a pretty common thing for governments to do these days. \n Dodgequest site doxxes Tesla owners across the US. Reports from friends say the information behind the site may be old or incomplete. \n A new way to phish passkeys has been discovered. Yet another malicious QR code. \n ChatGPT has been sued over defamatory hallucinations. \n iPhone theft rings were powered by insider threats and automated scraping of FedEx delivery data. \n The population of the planet may have been grossly underestimated. \n ACARS is the most exclusive text messaging network, now you can get in on watching the drama. \n The Raspberry Pi people are now selling a new chip, but it still has a potentially fatal flaw. \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"5089","kudosSumWeight":4,"repliesCount":1,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDA0ODItUkQxZzQ3?revision=3\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:340217":{"__typename":"Conversation","id":"conversation:340217","topic":{"__typename":"TkbTopicMessage","uid":340217},"lastPostingActivityTime":"2025-03-20T17:29:47.333-07:00","solved":false},"User:user:241262":{"__typename":"User","uid":241262,"login":"MegaZone","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS0yNDEyNjItMTg4ODFpN0U1OEE0RTAwMDg0NDJGMQ"},"id":"user:241262"},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAyMTctUVJrc0tX?revision=5\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAyMTctUVJrc0tX?revision=5","title":"SIRT_DevCentral.jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:340217":{"__typename":"TkbTopicMessage","subject":"AppSec, Camels, Typhoons, and Backdoors","conversation":{"__ref":"Conversation:conversation:340217"},"id":"message:340217","revisionNum":5,"uid":340217,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:241262"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" \n Welcome back to the F5 SIRT's weekly roundup of whatever news caught the editor's eye, and whatever else we feel like covering. It's our soapbox, and we're going to use it! This week MegaZone is once against at the keyboard, and we'll be covering news for the week of March 2-8, 2025. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":168},"postTime":"2025-03-12T06:00:00.050-07:00","lastPublishTime":"2025-03-12T06:00:00.050-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Welcome back to the F5 SIRT's weekly roundup of whatever news caught the editor's eye, and whatever else we feel like covering. It’s our soapbox, and we’re going to use it! This week MegaZone is once again at the keyboard, and we'll be covering news for the week of March 2-8, 2025. \n One thing that wasn't cybersecurity news, per se, which I've been watching in professional horror is how the DOGE team seems to be intent on systematically violating every fundamental tenet of cybersecurity. Connecting unvetted devices to secure networks. Transferring sensitive information to untrusted devices. Publishing sensitive information to the public. Running roughshod over every kind of access control and security check that protect these networks and information. It doesn't matter what your politics are, it is objectively a cybersecurity horror show. \n This is a team that couldn't even secure their own website. They've contaminated secure networks which would now have to be scrubbed top to bottom, at great expense, before they could be considered properly secured again. They're doing the kind of things that would get most of us fired if we did them on our corporate networks. \n Things like this make me question why we fight the good fight in trying to make things more secure, if it is all going to be thrown out the window in the name of convenience. 'Move fast and break things' isn't a great approach when the systems involved are mission-critical and contain sensitive, even classified, data. Some things can't be fixed - once sensitive data is compromised, that's forever. \n But if I continue on this topic I will get into politics, so I'll move on. \n \n AppSec, Hot and Fresh \n Some of you may be familiar with the ongoing 'AppSec Monthly' podcast, which is a collaboration of the F5 SIRT and F5 Labs, with occasional guests from within and without F5. I’ve been a regular since I took over as the F5 SIRT's participant last fall. Well, I have some news - AppSec Monthly will no longer be produced. However, it isn't bad news, and it has ceased only to make way for a new podcast, 'AppSec Now'. The goal is to produce shorter, more timely episodes. We're going to try to record each Monday, and sometimes Tuesday when necessary. \n The first episode of AppSec Now, entitled Exploring CISA Layoffs, Microsoft's Quantum Chip, MongoDB Vulnerabilities & More, released last week. Ideally we'll have a weekly schedule, and the new cadence will allow us to touch on more stories before they become stale. That was always an issue when planning the content for the monthly release. Sometimes good stories were just old news by the time we recorded. We may have some teething issues as we figure out the new routine, bear with us. \n You can keep up with new episodes via the AppSec Now Playlist, and you should check out the DevCentral YouTube Channel for a lot of great content, including some other ongoing podcast series. Most recently, you'll find a lot of AppWorld 2025 coverage. \n \n Exploring CISA Layoffs, Microsoft's Quantum Chip, MongoDB Vulnerabilities & More \n AppSec Now Playlist \n DevCentral YouTube Channel \n \n \n Apache Camel Kerfuffle \n As last week drew to a close, there was a growing clamor in the infosec community about a reported 'Critical' issue in Apache Camel. Nothing had been released officially, and the rumor mill was in full force. With little to no details available, there wasn't much anyone could do. Security teams were being stood up - but could only wait for something tangible to work on. It was a classic example of why sharing unsubstantiated reports without any actionable details is a major waste of community resources, and why coordinated vulnerability disclosure is the right way to handle things. I won't go too far down this road, as in the process of preparing this entry I came across an article posted earlier today (as I write this bit on Sunday), but Kevin Beaumont on Medium: \"No, there isn't a world ending Apache Camel vulnerability\". He said pretty much what I would. In short, sharing information in this way is being Chicken Little. \n So, anyway, we started seeing customer interest in this 'sky is falling' issue toward the end of last week, but information was limited and spotty. So, like everyone else, there was little we could offer in response. That is, until CVE-2025-27636 was published in Sunday. It wasn't given a CVSS score, but it is generally considered to be of Medium severity, and not a Critical issue. The scope of the issue is much more limited than the rumor mill had been claiming. The Apache Software Foundation published a statement about the issue, sent out an email covering the issue, and there is also an associated Jira issue. \n With more details now available, F5 also published a Security Advisory for the issue on Sunday and my F5 SIRT colleague, Dharminder, published an article here on DevCentral. The short version is that there is an Attack Signature Update available for BIG-IP Next WAF, BIG-IP Advanced WAF & ASM, and NGINX App Protect WAF, to protect any systems that are 'behind' one of those products. For others, there is also an iRule available for HTTP virtual servers to protect backend systems. Other vendors have also begun to release responses to this issue. \n The irresponsible, premature sharing of incomplete information cost an untold amount across many organizations as many people scrambled to get details on this supposed world-ending zero-day RCE, which turned out to be a medium-severity issue with a very limited scope of impact. We need better discipline within these threat-sharing groups, as this is not the first time someone has started a panic over nothing. Spreading unsubstantiated rumors does more harm than good. It panics management, who then demand that 'something be done', but the cybersecurity teams responsible can do little without actionable intelligence. So they reach out to vendors, who then must spin up their own teams, but are just as stuck. And, if there is a real, exploitable issue, it also gives those with nefarious goals a heads-up that they should start looking, while defenders are at a loss. \n In the future, I hope we collectively can avoid going off half-cocked, and wait for coordinated disclosure to provide the details. But, given history as an example, I’m not going to hold my breath. \n \n https://doublepulsar.com/no-there-isnt-a-world-ending-apache-camel-vulnerability-edd055f40d39 \n https://www.cve.org/CVERecord?id=CVE-2025-27636 \n https://camel.apache.org/security/CVE-2025-27636.html \n https://lists.apache.org/thread/l3zcg3vts88bmc7w8172wkgw610y693z \n https://issues.apache.org/jira/browse/CAMEL-21828 \n https://my.f5.com/manage/s/article/K000150304 \n \n \n Deja Vu All Over Again \n Very often, when working on TWIS, I feel like I end up covering the same thing I have previously. Last time in the hot seat one of the topics I covered was Chinese threat actors, including Silk Typhoon, aka APT27. Once again, they were one of the leading stories of the week. This time the issue is that Silk Typhoon has expanded their operations to include attacks on IT supply chains, to gain initial access to networks. This is according to a new report published by Microsoft Threat Intelligence. This was followed by a report published the next day by GreyNoise which detailed active exploitation attributed to Silk Typhoon. \n It's the standard arms race - as defenders address the vulnerabilities they formerly leveraged, they find new ways to crack networks open to expose their succulent centers for exploitation. Their latest move is to focus on remote management tools and cloud applications to obtain keys and credentials they can then use to penetrate deeper into the victim's network. A chain is only as strong as its weakest link - and a network is only as secure as its most vulnerable component. Silk Typhoon appears very adept at using a myriad of different approaches, and rapidly pivoting to adjust their approach as target behavior changes. There's a lot of good information in the Microsoft and GreyNoise reports and I encourage checking them out. \n In related news, the day after Microsoft published their report, US government agencies filed criminal charges against alleged members of Silk Typhoon. Internet domains attributed to the group's campaigns were also seized. Now, the indictments don't actually amount to much as those indicted reside in China, and there is little to no chance China will turn any of the individuals over to the US. They'd only be actionable if those indicted traveled to a nation friendly to the US, willing to act on them. \n \n https://www.microsoft.com/en-us/security/blog/2025/03/05/silk-typhoon-targeting-it-supply-chain/ \n https://www.greynoise.io/blog/active-exploitation-silk-typhoon-linked-cves \n https://thehackernews.com/2025/03/china-linked-silk-typhoon-expands-cyber.html \n https://www.scworld.com/news/microsoft-reveals-silk-typhoons-recent-supply-chain-targeting \n https://www.theregister.com/2025/03/05/china_silk_typhoon_update/ \n https://www.darkreading.com/remote-workforce/china-silk-typhoon-it-supply-chain-attacks \n https://www.theregister.com/2025/03/06/fbi_china_pays_75k_per/ \n \n \n Governments Insist on Breaking Security \n The Register had a nice opinion piece on governments insisting on backdoors into encrypted services, effectively killing end-to-end encryption (E2EE) and therefore making their citizens less secure. Everyone and anyone with the faintest knowledge of security knows that you can't put backdoors into encryption without weakening the system and making them more susceptible to attack. Yet governments continue to insist that their ability to snoop outweighs the need for users to be secure, despite decades of evidence of how increasingly important security and encryption are. (Often this takes the form of the classic 'Think of the children!' emotional argument.) \n Recent examples include the UK's insistence causing Apple to pull iCloud E2EE for UK users rather than comply and weaken the service. Now those users are left to fend for themselves, and only those technically savvy enough to install and use independent encryption products to locally encrypt data before uploading will be protected. Which, of course, defeats the entire purpose of the government insisting on backdoors in the first place. So sophisticated criminals and technically savvy users would always be able to avoid this form of government snooping. The whole thing is a lose-lose for the average user - whether a service caves and introduces a backdoor, or refuses and pulls all E2EE, the average user is demonstrably less secure. \n Not learning anything from the UK's reckless (and frankly stupid) actions. Sweden is also looking at demanding E2EE backdoors - which has Signal threatening to pull out of that country. (And I expect Apple and others would do the same, just like in the UK.) It has been reported that Apple has filed a complaint over the backdoor demands with the UK's Investigatory Powers Tribunal (IPT), so we'll see how this plays out. \n Maybe someday politicians and spooks will realize these attempts to weaken security are a fool's errand as there are readily available standalone systems for those who really want to avoid scrutiny, and weakening protections for the vast majority of innocent users is not a worthwhile tradeoff. You just make life harder for the majority of users. \n \n https://www.theregister.com/2025/03/03/opinion_e2ee/ \n https://www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/ \n \n \n VulnCon Schedule Live \n Before I sign off for the week, a plug. As I've mentioned previously, I'm one of the organizers behind VulnCon. VulnCon 2025 is coming up, April 7-10 in Raleigh, North Carolina, USA. This is our second year, and last year was a smashing success, exceeding our best projections. This year is bigger and better with an extra day and an additional programing tracks, so there is even more content to choose from. I know some people were waiting to see exactly what that content would be before registering, and the good news is that the schedule is now live. \n Registration for in-person attendance is US$300 through March 15th (that's this Saturday), and US$375 after the 15th, until we sell out. We have an in-person attendance cap of around 400, and we're well along with registrations, so don't delay. While I strongly encourage attending in person if possible, this is a hybrid event and you can also attend remotely for US$100. Remote attendance will utilize Zoom and Discord, and we've taken feedback from last year seriously and have made some changes. While it worked well enough last year, we're hoping it is even better this year, with dedicated channels and Discord monitors for each session, rather than 'track' channels and ad hoc monitors. Having a dedicated channel for each session will allow conversations to continue after the session, and will make it easier to keep discussions for each session separated, compared to the 'track' channels where one discussion often ran over into the next session. \n If you are going to attend in person, see my Pro Tip on VulnCon Hotels from my last time in the editor's seat. It might save you a bit. \n I am also proud to say that F5 is also one of the event sponsors this year. \n \n https://www.first.org/conference/vulncon2025/ \n https://www.first.org/conference/vulncon2025/program \n https://www.first.org/conference/vulncon2025/#Registration-Information \n https://www.first.org/conference/vulncon2025/sponsors \n \n \n That Was the Week That Was \n Thank you for your time and attention this week. I hope you found something of value in my ramblings. \n As always, if this is your first TWIS, you can always read past editions. I also encourage you to check out all of the content from the F5 SIRT. \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"14534","kudosSumWeight":2,"repliesCount":1,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAyMTctUVJrc0tX?revision=5\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:340319":{"__typename":"Conversation","id":"conversation:340319","topic":{"__typename":"TkbTopicMessage","uid":340319},"lastPostingActivityTime":"2025-03-19T06:00:00.043-07:00","solved":false},"User:user:73921":{"__typename":"User","uid":73921,"login":"Dharminder","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS03MzkyMS14cFZvSDI?image-coordinates=35%2C195%2C924%2C1084"},"id":"user:73921"},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAzMTktNUp5aE80?revision=5\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAzMTktNUp5aE80?revision=5","title":"SIRT_DevCentral (1).jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:340319":{"__typename":"TkbTopicMessage","subject":"Phishing, Malware and Spyware Campaign, BRUTED Tool & CISA’s List Of Exploited Vulnerabilities","conversation":{"__ref":"Conversation:conversation:340319"},"id":"message:340319","revisionNum":5,"uid":340319,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:73921"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":158},"postTime":"2025-03-19T06:00:00.043-07:00","lastPublishTime":"2025-03-19T06:00:00.043-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Notable security news for the week of March 9th-15th March 2025, brought to you by the F5 Security Incident Response Team. This week, your editor is Dharminder. In this edition, I have security news about phishing campaign against Coinbase users, a new tool developed by ‘Black Basta’ ransomware group to breach edge networking devices like VPNs and Firewalls, OBSCURE#BAT Malware and KoSpy spyware campaigns and CISA’s updated list of Known Exploited Vulnerabilities (KEV) \n \n We at F5 SIRT invest a lot of time to understand the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So next time you are under security emergency please contact F5 SIRT. \n Ok, let’s get started and see the details of the security news. \n \n \n Coinbase Phishing Scam, Exploits Wallet Migration Fears \n A large-scale Coinbase phishing campaign is tricking users into setting up new wallets with pre-generated recovery phrases controlled by attackers. The phishing emails, with the subject \"Migrate to Coinbase Wallet,\" claim that users must transition to self-custodial wallets due to a court mandate following a class action lawsuit. The email provides instructions on how to download the legitimate Coinbase Wallet but includes a recovery phrase, falsely presented as the user's unique Coinbase Identity, to be used during the wallet setup. Unlike typical crypto phishing scams that aim to steal recovery phrases, this campaign provides a recovery phrase already controlled by the attacker. When users set up a wallet using this phrase and transfer funds, the attacker can access and steal the assets. The emails appear legitimate, passing various security checks, as they are sent through SendGrid, seemingly via an Akamai account. The reply address is noreply@akamai.com. Since the reply email address if of Akamai, Akamai is investigating it and urges users to exercise caution with unsolicited emails. Coinbase has issued a warning on X (formerly Twitter), stating they will never send recovery phrases and advising users never to enter a recovery phrase provided by someone else. Users who have fallen for the scam are advised to quickly transfer their funds out of the new wallet to regain control before the attackers steal them. \n \n https://www.bleepingcomputer.com/news/security/coinbase-phishing-email-tricks-users-with-fake-wallet-migration/ \n https://cryptodnes.bg/en/crypto-users-targeted-in-new-sophisticated-wallet-scam/ \n \n Black Basta Develops BRUTED Tool to Breach VPNs and Firewalls \n The Black Basta ransomware group developed an automated brute-forcing framework called \"BRUTED\" to target edge networking devices, including VPNs and firewalls. Active since 2023, BRUTED enables large-scale credential-stuffing and brute-force attacks, streamlining initial network access for ransomware deployment. \n BRUTED targets widely used products such as SonicWall NetExtender, Palo Alto GlobalProtect, Cisco AnyConnect, Fortinet SSL VPN, Citrix NetScaler, Microsoft RDWeb, and WatchGuard SSL VPN. It scans for publicly accessible devices by enumerating subdomains, resolving IP addresses, and appending prefixes like \".vpn\" or \"remote.\" The framework retrieves password candidates from remote servers, combines them with locally generated guesses, and executes authentication attempts using multiple CPU processes. It further extracts SSL certificate data to generate additional password guesses based on domain naming conventions. \n To evade detection, BRUTED uses SOCKS5 proxies to obscure its infrastructure, which comprises servers registered in Russia. The tool's sophistication and automation expand Black Basta's victim pool and accelerate ransomware operations, Hence Organizations are urged to: \n \n Enforce strong, unique passwords for all edge devices. \n Implement multi-factor authentication (MFA) to block unauthorized access. \n Monitor for unusual login attempts and high-volume failures. \n Apply rate-limiting and account lockout policies. \n Regularly update device firmware and software to mitigate vulnerabilities. \n Block list of malicious IPs and domains linked to BRUTED provided by EclecticIQ researchers. \n \n \n https://blog.eclecticiq.com/inside-bruted-black-basta-raas-members-used-automated-brute-forcing-framework-to-target-edge-network-devices \n https://www.forbes.com/sites/daveywinder/2025/03/15/now-ransomware-attackers-can-brute-force-your-vpns-and-firewalls/ \n https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/ \n \n OBSCURE#BAT: Advanced Malware Campaign Leveraging Fake CAPTCHAs and Rootkits \n OBSCURE#BAT, a newly identified malware campaign, leverages social engineering to install the open-source rootkit r77. The malware primarily targets English-speaking users in the U.S., Canada, Germany, and the U.K. It uses fake Cloudflare CAPTCHA pages and masquerades as legitimate software, such as the Tor Browser and VoIP applications, to trick users into downloading malicious batch scripts. \n Once executed, the scripts run PowerShell commands that drop additional payloads, modify Windows Registry keys, and set up scheduled tasks to ensure persistence. The malware conceals itself by obfuscating scripts in the Windows Registry and registering a fake driver (ACPIx86.sys). The final stage of the attack installs r77, a user-mode rootkit that hides files, processes, and registry keys. \n OBSCURE#BAT also monitors clipboard activity and command history, likely for data exfiltration. To evade detection, it employs advanced obfuscation, string encryption, and API hooking techniques. The campaign highlights the increasing sophistication of modern malware, making detection and mitigation more challenging. Users are advised to avoid suspicious downloads, enable security protections, and scan their systems for unauthorized processes. \n https://thehackernews.com/2025/03/obscurebat-malware-uses-fake-captcha.html \n https://hackread.com/new-obscurebat-malware-targets-users-fake-captchas/ \n \n KoSpy: North Korean Android Spyware Campaign Against Android Users \n KoSpy, a sophisticated Android spyware linked to North Korean threat group APT37 (ScarCruft), infiltrated Google Play and APKPure through five malicious apps, including Phone Manager, File Manager, Smart Manager, Kakao Security, and Software Update Utility. Active since March 2022, the spyware targets Korean and English-speaking users by masquerading as utility tools. \n Once installed, KoSpy retrieves encrypted configurations from Firebase Firestore, connects to command-and-control (C2) servers, and evades detection by ensuring it is not running in an emulator. It dynamically loads plugins to collect sensitive data such as SMS messages, call logs, GPS location, files, audio recordings, photos, videos, screenshots, and keystrokes via Android Accessibility Services. Data is encrypted using a hardcoded AES key before exfiltration. \n The campaign was attributed to APT37 based on shared infrastructure with APT43 and ties to domains used in previous North Korean malware operations. While Google has removed these apps and deactivated related Firebase projects, users must manually uninstall them or perform factory resets for complete removal. Enabling Google Play Protect offers additional defense against known malware variants. \n https://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/ \n https://www.lookout.com/threat-intelligence/article/lookout-discovers-new-spyware-by-north-korean-apt37 \n https://www.securityweek.com/north-korean-hackers-distributed-android-spyware-via-google-play/ \n \n Recent Additions To CISA's Known Exploited Vulnerabilities Catalog \n The Cybersecurity and Infrastructure Security Agency (CISA) maintains list of known exploited vulnerabilities, which benefits the cybersecurity community, network defenders and organizations. \n CISA has updated its Known Exploited Vulnerabilities (KEV) Catalog with several new vulnerabilities known to be actively exploited in the wild. Below mentioned are the vulnerabilities added since March 11. Since the vulnerabilities are exploited in wild, organisations should take note of that and mitigate the vulnerabilities as soon as possible. \n \n \n CVE \n \n Product \n \n Vulnerability Info/ CWE \n \n Mitigation \n \n CVE-2025-24201 \n \n Apple iOS, iPadOS, macOS, visionOS, Safari \n \n Out-of-bounds write in WebKit \n \n Update to visionOS 2.3.2, iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, or Safari 18.3.1. \n \n CVE-2025-21590 \n \n Juniper Networks Junos OS \n \n Improper isolation or compartmentalization \n \n Apply the security patches provided by Juniper Networks. \n \n CVE-2025-26633 \n \n Microsoft Windows Management Console (MMC) \n \n Improper neutralization \n \n Apply the security updates provided by Microsoft. \n \n CVE-2025-24983 \n \n Microsoft Windows Win32 Kernel Subsystem \n \n Use-after-free \n \n Install the security updates provided by Microsoft. \n \n CVE-2025-24984 \n \n Microsoft Windows NTFS \n \n Information disclosure \n \n Apply the latest security patches from Microsoft. \n \n CVE-2025-24985 \n \n Microsoft Windows Fast FAT File System Driver \n \n Integer overflow and heap-based buffer overflow \n \n Install the security updates provided by Microsoft. \n \n CVE-2025-24991 \n \n Microsoft Windows NTFS \n \n Out-of-bounds read \n \n Apply the latest security updates from Microsoft. \n \n CVE-2025-24993 \n \n Microsoft Windows NTFS \n \n Heap-based buffer overflow \n \n Install the security updates provided by Microsoft. \n \n CVE-2025-25181 \n \n Advantive VeraCore \n \n SQL Injection \n \n Apply the updates provided by Advantive. \n \n CVE-2024-57968 \n \n Advantive VeraCore \n \n Unrestricted File Upload \n \n Update to VeraCore version 2024.4.2.1 or later. \n \n CVE-2024-13159 \n \n Ivanti Endpoint Manager (EPM) \n \n Absolute Path Traversal \n \n Apply the security update for Ivanti (EPM). \n \n CVE-2024-13160 \n \n Ivanti Endpoint Manager (EPM) \n \n Absolute Path Traversal \n \n Apply the security update for Ivanti EPM. \n \n CVE-2024-13161 \n \n Ivanti Endpoint Manager (EPM) \n \n Absolute Path Traversal \n \n Apply the security update for Ivanti EPM \n \n \n For CISA's complete list of exploited vulnerabilities please check the following link \n https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=&field_date_added_wrapper=all&field_cve=&sort_by=field_date_added&items_per_page=20&url= ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"10891","kudosSumWeight":2,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zNDAzMTktNUp5aE80?revision=5\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339137":{"__typename":"Conversation","id":"conversation:339137","topic":{"__typename":"TkbTopicMessage","uid":339137},"lastPostingActivityTime":"2025-03-11T09:46:22.551-07:00","solved":false},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkxMzctZ2lyTnhz?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkxMzctZ2lyTnhz?revision=3","title":"SIRT_DevCentral.jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:339137":{"__typename":"TkbTopicMessage","subject":"A Very Chinese New Year","conversation":{"__ref":"Conversation:conversation:339137"},"id":"message:339137","revisionNum":3,"uid":339137,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:241262"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Happy New Year everyone! It's a new year, with new news, and the same old(er) MegaZone. This time we're looking at the news that I found worthy from the week of January 5-11, 2025. (Have you gotten used to typing 2025 yet?) I found it to be a fairly slow news week, and not much really grabbed my attention enough that I felt it was worth commenting on. That's not too unusual for the start of a new year, as there is often a bit of a post-holiday lull. Not that there was no news at all, it is never truly quiet in cybersecurity, just that most of it was run-of-the-mill stuff, IMHO. \n Oh, and as for the title of this 'issue', I know the Lunar New Year (aka Chinese New Year) isn't until January 29th, but I couldn't pass up the play on words given the topic below. And with that, let's dive in. \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":231},"postTime":"2025-01-16T11:31:29.108-08:00","lastPublishTime":"2025-03-11T09:46:22.551-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Happy New Year everyone! It's a new year, with new news, and the same old(er) MegaZone. This time we're looking at news that I found worthy from the week of January 5–11, 2025. (Have you gotten used to typing 2025 yet?) I found it to be a fairly slow news week, and not much really grabbed my attention enough that I felt it was worth commenting on. That's not too unusual for the start of a new year, as there is often a bit of a post-holiday lull. Not that there was no news at all. It is never truly quiet in cybersecurity, just that most of it was run-of-the-mill stuff, IMHO. \n Before I dive into this week's news, I'm going to abuse my editorial power to plug a couple of things. F5 Labs published their 2025 Cybersecurity Predictions, which is also a look back at the 2024 predictions, and how they panned out. Let's see how the new predictions play out this year. \n Speaking of the 2025 Cybersecurity Predictions, that was one of the two subjects we covered in the December episode of AppSec Monthly. The other topic was a look at the a topic from my last issue of TWIS, the Hack The Box study on mental health of security professionals. It's a subject I care about quite a bit, and something I've seen many of my peers struggle with, and have struggled with myself. We work in an intense, stressful field, and there is a general attitude of 'toughing it out', which just defers the impacts. \n This was my third episode of AppSec Monthly, starting in October. I am the new 'permanent' F5 SIRT host, so you should see me each month. Hopefully I'll get better at it with practice and you can follow along with the playlist, as well as checking out past episodes. I have some big shoes to fill with Aaron's departure, hopefully I can uphold the high standard he set. AppSec Monthly is also available as a podcast on Spotify, iTunes, and probably other platforms I'm forgetting about. \n Oh, and as for the title of this 'issue', I know the Lunar New Year (aka Chinese New Year) isn't until January 29, but I couldn't pass up the play on words given the topic below. And with that, let's dive in. \n Year of the Snake \n Last week Chris wrote about a Chinese APT targeting the US Treasury and my main topic this week is a continuation and expansion of that. Cybersecurity news in recent weeks has been full of stores relating to Chinese threat actors. That's a major, evolving story, which reaches beyond cybersecurity into global geopolitics. Without getting too deep into US politics, with the new presidential administration's prior attitudes toward and comments on China, I expect these events to have some significance. \n I'm going to rewind a bit to the previous week, which still saw stories about Chinese APT Salt Typhoon compromising multiple US telco providers, giving them the ability to geolocate millions of devices and record any communications. The actual extent of the intrusion is reportedly much more limited, with actions targeted at specific, high-value individuals, but the access was there. At the same time there was also coverage on the US Treasury Department being compromised due to a vulnerability in BeyondTrust. Within days this coverage was updated to highlight that the Office of Foreign Assets Control (OFAC), the Treasury department that administers economic and trade sanctions, was specifically targeted. \n As we entered this week, it was reported that OFAC was sanctioning Beijing-based Integrity Technology Group, Inc., a cybersecurity group that has been linked to state-sponsored APT Flax Typhoon (not to be confused with Salt Typhoon). Flax Typhoon was involved with malicious actions against US critical infrastructure providers in 2022 and 2023, utilizing Integrity's infrastructure to conduct their operations. The US State Department claims Flax Typhoon has targeted governmental organizations, telecommunications providers, media companies, and others, both within the US and in a number of other countries, most prominently Taiwan. You can see why OFAC would be of particular interest to a state-sponsored Chinese APT, providing insight toward potential upcoming sanctions. \n Coverage of these issues continued throughout the week. CISA stated that the BeyondTrust Treasury Department hack did not affect other federal agencies, which was a bit of good news. The primary BeyondTrust vulnerability was a critical command injection, assigned CVE-2024-12356, and this was added to CISA's Known Exploited Vulnerabilities (KEV) list in mid-December. There was also a medium-severity vulnerability involved, CVE-2024-12686. This second vulnerability was itself just added to the KEV this week. Another piece of good news came when both AT&T and Verizon, two of the nine telecom providers compromised by Salt Typhoon, reported that they'd purged the intrusion from their networks. Both vendors claim that they've notified all individuals who were targeted by Salt Typhoon, so if you haven't heard otherwise I guess you can assume you're safe. \n Early in the week, speaking at a Foundation for Defense of Democracies event, National Cyber Director Harry Coker Jr. called for the US to do more to deter China as a cybersecurity threat. Exactly what needs to be done to deter China seems to be less clear. What's been done so far appears to be completely ineffective, so more of the same doesn't seem like it would cut it. Then late in the week, it was reported that the Treasury breach also targeted the Committee on Foreign Investment in the US (CFIUS). This office with the Treasury, as the the name implies, oversees foreign investment, such as from China, in the US. One of their recent actions had been to step of review real estate sales near US military bases, in particular sales to Chinese entities. \n China has, of course, largely denied their involvement in any or all of this. \n Of course, mixed into all of this is the looming, absolutely idiotic, TikTok ban on January 19. The ban is nothing but ineffective political posturing, IMHO, if my opinion wasn't clear. It's disrupting the lives, and livelihoods, of millions of users and creators because politicians got their knickers in a twist over a popular social media platform, gasp, not being US-owned! Of course, the same people flip out when other nations take a similar view toward US-owned platforms operating in their countries. \n The irony is that the ban - due to TikTok being owned by China's ByteDance, and pearl-clutching and hand-wringing over China being able to influence content (as if foreign entities don't rabidly influence content on X, Facebook, Instagram, or any non-Chinese owned social media platform) - seems to be driving many people to move to a similar app, RedNote aka Xiaohongshu . RedNote is also Chinese-owned, and even more closely aligned with China as their primary user base is Chinese, unlike TikTok. That's just a beautiful example of the law of unintended consequences. Ifthe US government wanted an efficient way to make a generation resent them, they seem to have found it. \n The ban is just another factor in the tense geopolitical situation. I'msure we're far from seeing the end of these issues, and I'm just as sure there will be more to come. WhatI'm not at all sure about is how this will all play out. \n \n https://www.theregister.com/2024/12/30/att_verizon_confirm_salt_typhoon_breach/ \n https://www.theregister.com/2024/12/31/us_treasury_department_hacked/ \n https://www.theregister.com/2025/01/02/chinese_spies_targeted_sanctions_intel/ \n https://www.cybersecuritydive.com/news/treasury-sanctions-flax-typhoon/736538/ \n https://www.scworld.com/news/us-sanctions-chinese-service-provider-for-supporting-threat-group \n https://www.cybersecuritydive.com/news/cisa-hack-treasury-federal-agencies/736654/ \n https://www.cybersecuritydive.com/news/att-verizon-salt-typhoon/736680/ \n https://www.cybersecuritydive.com/news/national-cyber-director-coker-china-deterrence/736920/ \n https://www.scworld.com/news/chinese-hackers-breach-office-that-reviews-foreign-investments-in-us \n https://www.theregister.com/2025/01/10/china_treasury_foreign_investment/ \n https://www.cybersecuritydive.com/news/cisa-second-beyondtrust-cve-exploited/737288/ \n https://www.cisa.gov/news-events/alerts/2024/12/19/cisa-adds-one-known-exploited-vulnerability-catalog \n https://www.cisa.gov/news-events/alerts/2025/01/13/cisa-adds-two-known-exploited-vulnerabilities-catalog \n \n Digital Urbex \n The exploration of abandoned infrastructure in the physical world, often called Urban Exploration, or Urbex, can be fun and interesting. Also perhaps marginally legal. And dangerous. But fun. I'll just say Union Station in Worcester, MA had a very interesting interior, very Planet of the Apes, before it was restored and reopened. Anyway, it looks like a bit of digital urbex can be similarly fun and interesting, and entails less physical danger. Though still perhaps marginally legal. \n It turns out that if you're of a criminal bent and decide to save some labor by purchasing existing web shell backdoors on your target's devices from like minded individuals, those web shells may contain backdoors giving their creators access to all of your work. (Insert 'Inception' joke here.) These backdoors in backdoors call out to domain names for command and control. \n Sometimes their creators let those domain names lapse, as covered by watchTowr Labs in their new report. You may recall watchTowr from last September when they accidentally took over the ,mobi TLD. That one is also a very interesting read, and if I'd been on TWIS duty that week I'm sure I would've included it as it's a good tale. They share a similarity in exploiting abandoned or expired infrastructure to gain access to systems. Do check that one out too, but now back to the current news. \n By disassembling web shell malware to uncover the encoded domain names, they were able to register the unclaimed domains to start monitoring any incoming requests. And boy did they get some requests. They've uncovered more than 4,000 unique and live backdoors, and counting. All from commandeering the backdoors' backdoors' C&C domains. The compromised systems include governmental systems and Bangladesh, China, and Nigeria, universities or higher education systems in Thailand, China, South Korea, and much more. \n Of course, this left watchTowr with responsibility for this backdoor infrastructure. If they allowed the domains to once again lapse, someone with ill-intent would be able to exploit them. But that won't happen, as The Shadowserver Foundation has taken ownership of the domains and will sinkhole them to prevent their use. \n I wonder if watchTowr will be exploring any more abandoned digital infrastructure. I hope they do, the results have been interesting. \n \n https://www.theregister.com/2025/01/08/backdoored_backdoors/ \n https://cyberscoop.com/malicious-hackers-have-their-own-shadow-it-problem/ \n https://labs.watchtowr.com/more-governments-backdoors-in-your-backdoors/ \n \n VulnCon 2025 Approaches \n The 2025 Vulnerability Management Ecosystem Collaboration, Ideation, and Action Conference, aka VulnCon 2025 (let's all agree to never use that full name, OK?), is returning to Raleigh, NC Monday, April 7th through Thursday, April 10th. We'll be back at the North Carolina State University McKimmon Center, the same location as last year. This year it is four days, up from three, and we have more space in the facility, which all translates to more content. I'm saying 'we' because I am, again, one of the organizers, as a co-chair of the CVE.org Vulnerability Conference and Events Working Group (VCEWG). VulnCon is Co-Hosted by FIRST and the CVE Program. \n Last year we sold out the in-person admission and this year, even with the additional capacity, we expect to do so again. So, if you are thinking of attending in person, don't wait too long to register. Standard registration is US $300.00 through March 9th, and late registration is US $375.00 after March 9th - until sold out. Registration includes 'coffee breaks' and buffet lunches, and an on-site Welcome Reception on Monday, April 7. \n VulnCon is a hybrid event, and all panels will be streamed. Virtual admission is only US $100.00. Virtual is better than nothing, but if you can be there in person I encourage it; the Hallway Con is strong. There's also a ticketed Offsite Social on Tuesday, April 8 19:00-21:00 in downtown Raleigh—tickets are $30. \n The CFP is still open (see the next item below), so the 2025 program has yet to be finalized, but you can get an idea of what to expect from last year's program. \n \n https://www.first.org/conference/vulncon2025/ \n \n VulnCon 2025 CFP Extended \n The VulnCon Call For Papers deadline was Wednesday, January 15 - the day I'm wrapping up this edition of TWIS. But on the 14th, having heard from a few procrastinators, we extended the deadline to a hard stop of Friday, January 31, 2025. We will not be extending it again as we need time for the review committee to finalize selections, while leaving enough time for those selected to prepare their materials. \n If you've been procrastinating and thought you missed the deadline, or if this is the first your hearing of this and have something you'd like to present, you have a couple of weeks to get those proposals in. Don't wait until the 31st. If you'd like an idea of the type of content VulnCon is looking for, check out last year's program. \n \n https://www.first.org/conference/vulncon2025/cfp \n \n Pro Tip on VulnCon Hotels \n As mentioned above, VulnCon is in Raleigh, NC April 7–10. The Dreamville (Music) Festival is in Raleigh, NC April 5-6 - the weekend just before VulnCon. This has caused a bit of a squeeze on hotel rooms that weekend. Some hotels are booked for the weekend, and most of them appear to have increased their room rates for those nights due to the increased demand. Unsurprisingly, the lower-priced hotels have the least availability, and if you try to book a room for the week, with a weekend arrival, you may only find more expensive options. Of course, you could always attend the festival and then come to VulnCon and twofer your trip. \n Availability increases, and room rates decrease, beginning Monday. One option would be to arrive Monday morning and avoid the higher weekend rates entirely. Another option is to book whatever is available for the weekend and then make a separate reservation starting on Monday at a more affordable hotel, to reduce your overall travel spend. I need to be there before Monday, so that's what I'm doing—and it saved around $800 for the week. \n In either case, you will be able to check bags at the McKimmon Center for the day. So you could come straight there Monday, or checkout of your first hotel and bring your bag(s) for the day, and then check in to your hotel for the rest of the week that evening. There is a list of suggested hotels on the VulnCon site. Most of them are in and around downtown, but the TownePlace Suites and Holiday Inn Express & Suites are perhaps the closest to the facility, on the other side of campus from downtown, and a very short ride—literally at the end of the road the McKimmon is on. They're both fairly new, built in 2020 I believe, and are decent. I stayed at TownePlace last year and had a great experience, so I will be doing so again. \n Maybe this will save you a little frustration, and a few bucks. \n \n https://www.first.org/conference/vulncon2025/hotel \n \n That Was the Week That Was \n Thank you for your time and attention this week. I hope you found something of value in my ramblings. \n As always, if this is your first TWIS, you can always read past editions. I also encourage you to check out all of the content from the F5 SIRT. \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"16116","kudosSumWeight":2,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkxMzctZ2lyTnhz?revision=3\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:340118":{"__typename":"Conversation","id":"conversation:340118","topic":{"__typename":"TkbTopicMessage","uid":340118},"lastPostingActivityTime":"2025-03-06T09:05:12.587-08:00","solved":false},"User:user:56757":{"__typename":"User","uid":56757,"login":"Jordan_Zebor","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS01Njc1Ny0yMjQwNGkxRjU4NUFCNzdBRjYzQTMz"},"id":"user:56757"},"TkbTopicMessage:message:340118":{"__typename":"TkbTopicMessage","subject":"AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more","conversation":{"__ref":"Conversation:conversation:340118"},"id":"message:340118","revisionNum":5,"uid":340118,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:56757"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"","metrics":{"__typename":"MessageMetrics","views":161},"postTime":"2025-03-06T09:05:05.872-08:00","lastPublishTime":"2025-03-06T09:05:12.587-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Welcome to this week’s notable security news (Feb 24–Mar 2, 2025), brought to you by Jordan_Zebor from F5 SIRT. Although our main focus is usually on emerging threats and protective measures, I recently attended F5 AppWorld 2025 in person and found it invaluable for understanding what’s next in secure application delivery. \n For those who aren’t familiar, F5 AppWorld is an in-person conference packed with sessions, hands-on labs, and networking opportunities—an ideal forum for discussing real-world challenges in securing and optimizing applications. \n F5 AppWorld was especially exciting this year, with one major announcement immediately standing out: ADC 3.0—the industry’s first converged platform for application delivery and security in hybrid multicloud infrastructures. At its core, ADC 3.0 features the F5 AI Gateway, which mitigates threats like sensitive information disclosure and prompt injection, directly addressing the OWASP LLM Top 10 vulnerabilities. From our F5 SIRT perspective, this integrated traffic management and AI-specific threat protection is a big step forward in stopping sophisticated attacks before they reach critical assets. \n Another key development was the new AI assistant for F5 NGINX One. Powered by a large language model trained specifically for NGINX, it offers real-time, context-aware guidance for DevOps, SecOps, NetOps, and Platform Ops teams. By reducing manual troubleshooting and configuration time, it promises noticeable improvements in both performance and security operations. \n F5’s expanded VELOS hardware—including the CX1610 6-Tbps chassis and BX520 400-Gbps blade—also drew significant attention. With the ability to handle 224 million Layer 7 requests per second, VELOS provides robust defenses against large-scale DDoS attacks and other disruptive threats. In an era of escalating assaults, its high throughput and low latency are invaluable for maintaining availability. \n Outside of these technical highlights, astronaut Scott Kelly’s keynote was a memorable conference moment. He offered both humor and insight on resilience and learning from failure, showing how teams can excel under pressure. \n Overall, F5 AppWorld underscored the importance of having direct conversations about strong security practices and real-world application needs. Hearing customers’ challenges firsthand inspires us at F5 SIRT to continuously refine our countermeasures and strategies. For anyone looking to stay ahead of the evolving threat landscape, the innovations unveiled at AppWorld provide a glimpse into what’s possible. If you’d like to learn more, visit F5’s website or contact us directly to explore how these solutions might improve your security posture. \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"2752","kudosSumWeight":3,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339995":{"__typename":"Conversation","id":"conversation:339995","topic":{"__typename":"TkbTopicMessage","uid":339995},"lastPostingActivityTime":"2025-03-04T10:29:42.654-08:00","solved":false},"User:user:217342":{"__typename":"User","uid":217342,"login":"Christopher_Pa1","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS0yMTczNDItSUNpMG9j?image-coordinates=0%2C0%2C160%2C160"},"id":"user:217342"},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk5OTUtcVlHUXNy?revision=4\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk5OTUtcVlHUXNy?revision=4","title":"F5SIRT.jpeg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:339995":{"__typename":"TkbTopicMessage","subject":"U.S. Government cuts, Majorana 1 Chip, CVEs for Mongoose and OpenSSH","conversation":{"__ref":"Conversation:conversation:339995"},"id":"message:339995","revisionNum":4,"uid":339995,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:217342"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" ","introduction":"","metrics":{"__typename":"MessageMetrics","views":412},"postTime":"2025-02-26T11:26:21.781-08:00","lastPublishTime":"2025-03-04T10:29:42.654-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Notable news for the week of February 17th through February 24th. Your editor this week is Chris from the F5 Security Incident Response Team. For this edition, we discuss U.S. government cuts to cyber security and consumer protections; Microsoft’s advancement in the field of quantum computing, and new flaws found in both MongoDB as well as OpenSSH. \n Cuts to Cyber and Consumer Protections \n With the new administration in the US, there have been a large amount of job cuts throughout the federal government. This also includes at least 130 employees being fired from the Cybersecurity and Infrastructure Security Agency (CISA). These cuts are reported to include staff dedicated to election security, fighting misinformation, and foreign influence operations. Along with the cuts, the Department of Government Efficiency (DOGE) arrived at CISA and were given access to the agency’s email and files. DOGE has been gaining access to many sensitive federal agencies that contain a large amount of personal and financial information on Americans. These agencies include the Social Security Administration (SSA), the Department of Homeland Security, the Office of Personnel Management (OPM), and the Treasury Department. DOGE has also been trying to gain access to the systems of the Internal Revenue Service (IRS). From a security standpoint, this is extremely alarming because it appears to be bypassing many security safeguards and measures. This sentiment is reported by many security experts. Another aspect that does not inspire confidence is that the doge.gov website administrators had left their database wide open, allowing someone to publish messages making fun of the insecurity that the site has. \n On the aspect of consumer protection, the Consumer Financial Protection Bureau (CFPB) was ordered to stop most work. The CFPB was created in 2011 to protect consumers from financial institutions that violate consumer protection laws. The newly appointed CFPB director, Russell Vought, has publicly favored abolishing the agency which is alarming since it would remove some of the regulations that exist. \n https://krebsonsecurity.com/2025/02/trump-2-0-brings-cuts-to-cyber-consumer-protections/ \n Microsoft's Majorana 1 Chip \n Microsoft has announced the world's first quantum processor that uses topological qubits. They have named this the Majorana 1. They have designed this to scale to a million qubits on a single chip. Typical qubits are highly sensitive to noise in the environment. This can cause them to lose their quantum state introducing errors. This is known as decoherence. To counter this there needs to be many more qubits added for error correction which means a lot more room needed for just one qubit to work. Topological qubits work by encoding information in the topology of the physical system which in theory, makes each qubit more fault tolerant. Essentially, this means few are needed in the long run to produce a quantum computer. This is a huge achievement but along with it comes the security concerns. The main concern being the ability to do quantum decryption. This technology brings the reality of a fault tolerant protype to years instead of decades. Many believe this will be within 5 to 10 years. \n https://www.securityweek.com/what-microsofts-majorana-1-chip-means-for-quantum-decryption/ \n Critical MongoDB Library Flaws \n Two critical vulnerabilities in a third-party library that MongoDB relies on was found which can lead to stolen data or code to be ran. Mongoose is an Object Data Modeling (ODM) library used by MongoDB to enable database integrations in Node.js applications. Researchers at OPSWAT revealed two critical security flaws that threaten the integrity of data stored in MongoDB as well as opening it up to theft, manipulation, or destruction. \n This first CVE is CVE-2024-53900 which is given a CVSS score of 9.1. This is an SQL injection bug which allows a specially crafted query to bypass MongoDB's server-side JavaScript restrictions potentially leading to a remote code execution (RCE). This was reported in November and patched in version 8.8.3. \n The second CVE is CVE-2025-23061 with a CVSS score of 9.0. This was found by the same researcher and is actually a bypass in the patched version that still allowed for RCE. This was addressed in version 8.9.5. \n https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/ \n New OpenSSH Flaws \n Two new security vulnerabilities have been found in the OpenSSH suite which could result in an active Machine-in-the-Middle (MitM) or a Denial-of-Service (DoS) attack under specific conditions. \n The first is CVE-2025-26465 with a CVSS score of 6.8. The OpenSSH client contains a logic error between versions 6.8p1 to 9.9p1 (inclusive) that makes it vulnerable to a MitM attack if the VerifyHostKeyDNS option is enabled. \n The second is CVE-2025-26466 with a CVSS score of 5.9. The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption. \n A successful exploitation of the first one could permit malicious actors to compromise and hijack SSH sessions and possibly gain access to sensitive data. The VerifyHostKeyDNS is disabled by default. \n Exploitation of the second CVE can result in availability issues as indicated by labeling as a DoS vulnerability. \n Both of these CVEs have been addressed in version 9.9p2 of OpenSSH which was released on February 18th. \n https://thehackernews.com/2025/02/new-openssh-flaws-enable-man-in-middle.html ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"5810","kudosSumWeight":2,"repliesCount":1,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk5OTUtcVlHUXNy?revision=4\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339854":{"__typename":"Conversation","id":"conversation:339854","topic":{"__typename":"TkbTopicMessage","uid":339854},"lastPostingActivityTime":"2025-02-19T12:07:55.359-08:00","solved":false},"User:user:419633":{"__typename":"User","uid":419633,"login":"Koichi","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS00MTk2MzMtMjUxMTJpODRENkE1RkUxRjBDNkI2QQ"},"id":"user:419633"},"TkbTopicMessage:message:339854":{"__typename":"TkbTopicMessage","subject":"Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS","conversation":{"__ref":"Conversation:conversation:339854"},"id":"message:339854","revisionNum":3,"uid":339854,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:419633"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" In this article, we discuss security news in Feb 9-15, the topics are: Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS ","introduction":"","metrics":{"__typename":"MessageMetrics","views":139},"postTime":"2025-02-19T12:07:55.359-08:00","lastPublishTime":"2025-02-19T12:07:55.359-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Notable news for the week of Feb 9-15, 2025. This week, your editor is Koichi from F5 Security Incident Response Team. In this edition, I have security news about Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack on GPS. \n We at F5 SIRT invest a lot of time to understand the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So next time you are under security emergency, please contact F5 SIRT. \n \n New Targeted Attack: Exploit PowerShell \n Microsoft Threat Intelligence team has posted series of posts on the X.com that they have observed a new method targeted attack carried out by Kimsuky, a threat actor thought to be North Korea-linked, since January 2025. \n The malicious attacker who uses this method first impersonates a South Korean government official and builds trust over time with the target person (who should be in South Korea). And they send a spear-phishing e-mail to the target with a PDF attachment. The target person will be persuaded to click a URL containing a list of steps to register their Windows system. \n Once URL is clicked, it prompts to launch PowerShell as an administrator and copy/paste the displayed code snippet into the terminal, and it downloads a browser-based remote desktop tool that runs in the browser, and installs it with a certificate file with a hard-coded PIN from a remote server. This code allows the malicious attacker to take control of the target PC and exfiltrate sensitive information on it. \n This targeted attack methodology uses the ClickFix method. And this method is observed in other threat campaigns. In December 2024, people connected to the Contagious Interview campaign are tricking users into copying and using a bad command on their Apple macOS systems through the Terminal app. Then, the bad attacker can access the camera and microphone through the web browser. \n Source: North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack \n \n Detailed Report of the Ransomware Attack \n On May 19, 2024, a ransomware group broke into the information system of Okayama Psychiatric Medical Center in Okayama prefecture. This caused the electronic medical record (EMR) to be completely shut down. The Okayama Psychiatric Medical Center’s system vendor looked into the incident on the same day. The investigation showed that many servers and clients were attacked and ransomware locked storage. They attempted to recover the system, however, they could not due to loss of all mission-critical data. \n Furthermore, it was later discovered that up to 40,000 people’s personal information had been leaked. This ransomware attack was the reported 15th ransomware attack against a hospital in Japan. It took 90 days to recover the information system, including the EMR. Subsequently, an incident investigation was conducted by an external committee, and the report of the investigation, the \"Ransomware Incident Investigation Report\" was published on February 13, 2025. The report is 62 pages long, and readers can learn about the incident and subsequent response, and lessons from them. \n The report says that VPN devices were probably the first targets of the attack. It is possible that weak passwords or the same passwords as other devices were used. Additionally, system hardening measures such as software updates and/or detail logging setting may not have been taken. The day after the attack was found, the internet was shut off to stop it. The whole system was scanned by many Anti-Virus programs. In addition, password policies were tightened and remote desktop connections were locked out. \n The Okayama Psychiatric Medical Center has made this report public so that other hospitals or organizations can take preventive measures against ransomware attacks. And many cyber-security professionals will draw lessons from this report. \n Source: Ransomware Incident Investigation Report (Japanese) \n \n \"Active Cyber Defense\" Part 3 \n In a former TWIS articles, I wrote about the “Active Cyber Defense” that the Japanese government is trying to introduce, and there was progress. \n The Japanese government worried that no one could do counter-cyber attacks in the event of a cyber attack under the current legal regime, so they have been preparing an “Active Cyber Defense” bill which aims at strengthening national cyber security capabilities. \n The bill was supposed to be sent by the end of 2024. However, it was delayed and approved by the country’s main Liberal Democratic Party (LDP) in January. The cabinet finally approved the bill on February 7, and it was sent to the Diet. After deliberations in the House of Representatives and the House of Councilors, the bill is expected to be enacted. The bill aims to take more proactive measures against cyber attacks before they cause widespread damage. \n The Japanese government’s urgency to pass this bill can be attributed to the recent surge in DOS attacks and the fact that 70% of email attacks are in Japanese. This is also supported by a warning in January from Japan's national police that Chinese state-backed threat actor MirrorFace has been committing wide-scale cyber espionage since 2019 to steal Japan's national security secrets. \n However, even if the active cyber defense is enacted, there are still problems: while it is named as “Active”, it cannot actually be preempted and can only be activated after suffering an attack, and they do not have enough personnel to do it nation-wide. Source: Japan Goes on Offense With New 'Active Cyber Defense' Bill \n \n Another attack methodology to GPS \n Modern vehicles, ships, and aircraft use Global Navigation Satellite System (GNSS) positioning. This lets anyone know their position at any time. GPS is the most used GNSS, and people call GNSS positioning GPS. Since GPS is also used for weapons, it is interfered with on the battlefield. Its effects go beyond the battlefield. GPS jamming and spoofing attacks have been observed around the Black Sea. \n The most well-known GPS jamming attacks are jamming and spoofing attacks. However, on February 12, a paper was published on a new vulnerability in GPS systems. It is called the Trip Data to Trajectory-User Linking attack. \n Privacy related to location data is often not addressed due to the priority placed on practicality. However, some can remove personal identifiers from GPS data to protect privacy. \n However, this paper argues that simply removing personal identifiers from GPS data does not preserve privacy. The Trip Data to Trajectory-User Linking attack is an attack that can get the user’s personal identifiers from the trip data. This attack removes personal identifiers. So only removing personal identifiers no longer safe. \n The paper also argues that users who frequent places visited by only a few others tend to be more vulnerable to re-identification. \n Source: Investigating Vulnerabilities of GPS Trip Data to Trajectory-User Linking Attacks ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"7292","kudosSumWeight":1,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339691":{"__typename":"Conversation","id":"conversation:339691","topic":{"__typename":"TkbTopicMessage","uid":339691},"lastPostingActivityTime":"2025-02-11T13:18:14.052-08:00","solved":false},"User:user:172154":{"__typename":"User","uid":172154,"login":"Lior_Rotkovitch","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://community.f5.com/t5/s/zihoc95639/images/dS0xNzIxNTQtMjAxMzJpNEEwNDMzMEE3QzhGNzhDRA"},"id":"user:172154"},"TkbTopicMessage:message:339691":{"__typename":"TkbTopicMessage","subject":"Agentic AI with Social Engineering, JavaScript Stealer and the Silent Lynx","conversation":{"__ref":"Conversation:conversation:339691"},"id":"message:339691","revisionNum":2,"uid":339691,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:172154"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" The cybersecurity landscape is evolving rapidly, with organizations facing increasingly sophisticated threats and vulnerabilities across various attack surfaces. Critical security flaws, like the recently patched Cisco ISE vulnerabilities, highlight the risks posed by privilege escalation and remote code execution exploits. Meanwhile, advanced threat actors such as Silent Lynx are employing multi-stage cyberattacks using PowerShell, Golang, and C++ loaders to infiltrate government entities and financial institutions, demonstrating a growing emphasis on espionage. At the same time, cybercriminals are leveraging AI to automate phishing, malware development, and large-scale fraud, putting additional pressure on Security Operations Center (SOC) analysts who are already overwhelmed by alert fatigue and manual processes. To counter these challenges, organizations are increasingly adopting AI-driven security solutions to enhance efficiency, automate threat detection, and strengthen their overall cyber resilience. The arms race between attackers and defenders continues, making proactive security strategies more critical than ever. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":133},"postTime":"2025-02-11T13:18:14.052-08:00","lastPublishTime":"2025-02-11T13:18:14.052-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Notable security news for the week of Feb 2nd – Feb 8th, 2025. This week’s editor is Lior from F5 SIRT. The cybersecurity world is changing quickly. Organizations are facing more advanced threats and vulnerabilities on different attack surfaces. Critical security flaws, like the recently patched Cisco ISE vulnerabilities, highlight the risks posed by privilege escalation and remote code execution exploits. Meanwhile, advanced threat actors like Silent Lynx are using multiple cyberattacks using PowerShell, GoLang, and C++ loaders to get into government and financial institutions. This shows that they are more and more focused on spying. Cybercriminals are using AI to automate phishing, malware creation, and large-scale fraud. This is making it harder for Security Operations Center (SOC) analysts to keep up with the number of alerts and manual processes. To counter these challenges, organizations are increasingly adopting AI-driven security solutions to improve efficiency, automate threat detection, and strengthen their overall cyber resilience. The arms race between attackers and defenders continues, making proactive security strategies more critical than ever. \n \n Application SecurityHow Agentic AI will be Weaponized for Social Engineering Attacks \n \"How Agentic AI will be Weaponized for Social Engineering Attacks\" discusses the escalating threat of social engineering attacks enhanced by advancements in artificial intelligence (AI), particularly agentic AI. Agentic AI refers to AI systems capable of autonomous actions and decision-making, enabling them to execute complex tasks without human intervention. \n Key Points: \n \n Personalized Phishing: AI algorithms can analyze data from social media and open-source intelligence (OSINT) to craft highly personalized and convincing spear-phishing attacks. By understanding an individual's background, interests, employment, and connections, AI can generate tailored messages that increase the likelihood of deceiving the target. \n Contextual Content Creation: Tools like ChatGPT and Copilot assist in drafting phishing emails that are grammatically correct, contextually appropriate, and translatable into any local language. AI can mimic specific writing styles or tones, making fraudulent communications appear legitimate and trustworthy. \n Realistic Deepfakes: Threat actors utilize deepfake technology to create convincing virtual personas and audio clones of senior executives or trusted business partners. These deepfakes can deceive employees into sharing sensitive information, transferring funds, or granting access to organizational networks. \n Multi-Stage Campaigns: Agentic AI can orchestrate complex, multi-stage social engineering attacks. For instance, an initial phishing attempt might gather minor information from a target, which the AI then uses to inform subsequent actions, creating a dynamic and evolving attack strategy. \n \n The article emphasizes that as AI continues to evolve, particularly with the rise of agentic AI capable of autonomous decision-making, the sophistication and effectiveness of social engineering attacks are likely to increase. Organizations must remain vigilant and adopt advanced security measures to counter these evolving threats. \n https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/ \n \n Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign \n The article \"Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign\" highlights a sophisticated phishing operation by the North-Korea-linked Lazarus Group, targeting professionals in the cryptocurrency and travel sectors. \n Attack Overview: \n \n Initial Contact: The attackers initiate contact through professional networks like LinkedIn, offering enticing job opportunities with promises of remote work, flexible hours, and attractive compensation. \n Data Collection: Once the target shows interest, the attackers request personal information such as resumes or GitHub repository links, under the pretense of the recruitment process. \n Malicious Code Deployment: The attackers then share a link to a GitHub or Bitbucket repository containing a supposed decentralized exchange (DEX) project. Within this code lies an obfuscated script designed to download a JavaScript-based information stealer from a remote server. \n \n Malware Capabilities: \n \n Data Harvesting: The JavaScript stealer is engineered to extract information from various cryptocurrency wallet extensions installed in the victim's browser. \n Secondary Payload Delivery: Beyond data theft, the stealer functions as a loader, deploying a Python-based backdoor that monitors clipboard activity, maintains persistent remote access, and facilitates the installation of additional malware. \n \n Technical Insights: \n Bitdefender's analysis shows that this campaign shares similarities with a known attack cluster dubbed \"Contagious Interview,\" which employs a JavaScript stealer named BeaverTail and a Python implant called InvisibleFerret. The evolving tactics and malware variants suggest that the threat actors are continuously refining their methods to enhance effectiveness. \n Conclusion: \n This campaign underscores the increasing sophistication of social engineering attacks, particularly those targeting individuals in the cryptocurrency sector. Professionals are advised to exercise caution when approached with unsolicited job offers and to scrutinize any shared code repositories for malicious content. \n https://thehackernews.com/2025/02/cross-platform-javascript-stealer.html \n \n Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc \n Cisco has released updates to address two critical vulnerabilities in its Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on affected devices. \n Vulnerabilities: \n \n CVE-2025-20124 (CVSS score: 9.9): An insecure Java deserialization vulnerability in a Cisco ISE API could permit an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. \n CVE-2025-20125 (CVSS score: 9.1): An authorization bypass vulnerability in a Cisco ISE API could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. \n \n Use these flaws by sending a crafted Java object or an HTTP request to an unknown API endpoint. This will cause privileges to be increased and code to be executed. \n https://thehackernews.com/2025/02/cisco-patches-critical-ise.html \n \n Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks \n The article \"Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks\" discusses a previously undocumented threat actor, dubbed Silent Lynx, targeting entities in Kyrgyzstan and Turkmenistan. \n Key Points: \n \n Targeted Entities: Silent Lynx has been linked to attacks on embassies, lawyers, government-backed banks, and think tanks in Eastern Europe and Central Asia, particularly those involved in economic decision-making and the banking sector. \n Attack Vectors: The group employs spear-phishing emails containing RAR archive attachments to deliver malicious payloads. \n \n Campaign 1: Detected on December 27, 2024, this campaign uses a RAR archive that launches an ISO file containing a malicious C++ binary and a decoy PDF. The executable runs a PowerShell script that utilizes Telegram bots for command execution and data exfiltration. \n Campaign 2: This approach involves a malicious RAR archive with a decoy PDF and a GoLang executable, which establishes a reverse shell to an attacker-controlled server. \n \n Tactics and Tools: Silent Lynx demonstrates a sophisticated multi-stage attack strategy using ISO files, C++ loaders, PowerShell scripts, and GoLang implants. They rely on Telegram bots for command and control and employ decoy documents to facilitate their operations. \n Regional Focus: The group's activities highlight a focus on espionage in Central Asia and SPECA (Special Programme for the Economies of Central Asia) nations. \n \n Seqrite Labs has observed some tactical overlaps between Silent Lynx and YoroTrooper (aka SturgeonPhisher), another threat actor targeting Commonwealth of Independent States (CIS) countries using PowerShell and Golang tools. \n This analysis underscores the evolving tactics of threat actors in the region and the importance of robust cybersecurity measures to counter such sophisticated multi-stage attacks. \n https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html \n \n SOC Analysts - Reimagining Their Role Using AI \n Security Operations Center (SOC) analysts are facing increasing challenges, from overwhelming alert volumes to advanced AI-driven cyber threats. Many analysts experience burnout due to repetitive tasks and alert fatigue, leading to high turnover rates. Meanwhile, attackers are using AI for phishing, malware development, and automated vulnerability exploitation. To combat these threats, modern SOCs are integrating AI-powered solutions to automate triage, streamline workflows, and enhance overall cybersecurity resilience. \n https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html \n \n Cyber Insights 2025: OT Security \n The article \"Cyber Insights 2025: OT Security\" from SecurityWeek delves into the evolving landscape of Operational Technology (OT) cybersecurity, emphasizing the heightened risks and unique challenges associated with OT systems. \n Key Highlights: \n \n Distinct Nature of OT Systems: OT encompasses hardware and software that manage physical devices in industrial settings, including ICS, SCADA systems, IoT devices, programmable logic controllers, and Human-Machine Interfaces (HMIs). These systems are integral to critical infrastructure sectors, making their security paramount. \n Elevated Risks Compared to IT: The article underscores that OT risks surpass those in traditional IT environments. Potential consequences of OT security breaches include social disruption, physical harm to individuals, economic damage, and threats to national security. \n Anticipated Trends for 2025: \n \n Advancements in Defender Strategies: As legacy equipment is phased out and replaced with modern systems, default security measures are expected to improve, reducing vulnerabilities like easily compromised credentials. \n Evolution of Attacker Tools: Concurrently, cyber adversaries are anticipated to enhance their tools and techniques. A successful breach could lead to sophisticated network implants, posing significant challenges for OT security teams. \n \n \n In summary, the article highlights the dynamic and escalating challenges in OT cybersecurity, emphasizing the need for continuous adaptation and vigilance to safeguard critical infrastructure. \n https://www.securityweek.com/cyber-insights-2025-ot-security/ \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"11075","kudosSumWeight":2,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339518":{"__typename":"Conversation","id":"conversation:339518","topic":{"__typename":"TkbTopicMessage","uid":339518},"lastPostingActivityTime":"2025-02-04T15:38:12.837-08:00","solved":false},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk1MTgtamZja3Yy?revision=7\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk1MTgtamZja3Yy?revision=7","title":"SIRT_DevCentral.jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:339518":{"__typename":"TkbTopicMessage","subject":"Copilot’s Weakness, DeepSeek Data exposed, Backdoor in Contec CMS8000 & Apple's Zero-Day","conversation":{"__ref":"Conversation:conversation:339518"},"id":"message:339518","revisionNum":7,"uid":339518,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:73921"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" \n Notable security news for the week of Jan 26th-1st Feb 2025, brought to you by the F5 Security Incident Response Team. This week your editor is Dharminder. In this edition, I have security news about weakness in GitHub’s Copilot - where a simple word “sure” can drastically change its response and much more, Wiz Research discovered DeepSeek’s database, accessible without authentication, contained over a million log entries, including chat history, API keys, backend details, and operational metadata, FDA’s warning on backdoor and some other vulnerabilities discovered in Contact CMS8000 patient monitor and Fix of Zero-Day vulnerability in Apple OS exploited in wild is released. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":345},"postTime":"2025-02-04T15:38:12.837-08:00","lastPublishTime":"2025-02-04T15:38:12.837-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Notable security news for the week of Jan 26th-1st Feb 2025, brought to you by the F5 Security Incident Response Team. This week, your editor is Dharminder. In this edition, I have security news about weaknesses in GitHub’s Copilot — where a simple word “sure” can drastically change its response; and much more. Wiz Research found that DeepSeek’s database, which could be accessed without a password, had over a million log entries. These entries include chat history, API keys, backend details, and operational metadata. The FDA warned about a backdoor, and some other weaknesses were found in the Contact CMS8000 patient monitor. Fix of Zero-Day vulnerability in Apple OS exploited in wild is released. \n We at F5 SIRT invest a lot of time to understand the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So next time you are under security emergency please contact F5 SIRT. \n Ok, let’s get started and see the details of the security news. \n \n GitHub Copilot weakness - \"Sure\" \n Apex Security identified two critical vulnerabilities in GitHub Copilot, exposing weaknesses in AI security. The first, an “affirmation jailbreak,” allows attackers to bypass ethical safeguards by starting prompts with \"Sure.\" This minute control enables Copilot to generate instructions for unethical tasks like SQL injection and fake Wi-Fi setups. Normally, Copilot rejects such requests, but the added word alters its response behavior, highlighting AI’s susceptibility to contextual influence. The second exploit involves modifying Copilot’s proxy settings to intercept authentication tokens. By rerouting traffic through a custom proxy, researchers gained unrestricted access to OpenAI models, bypassing security controls and subscription fees. This loophole allows unauthorized API requests, raising concerns over financial, security, and ethical implications. Free access to enterprise-grade AI resources could lead to financial losses, while unregulated model usage increases the risk of generating harmful content. GitHub dismissed the findings as “informative,” arguing that an active Copilot license is required to exploit them. However, Apex urged stronger safeguards, including stricter proxy validation and improved ethical filters. As AI-driven coding tools become mainstream, robust security measures are crucial to preventing exploitation. These vulnerabilities highlight the ongoing challenge of balancing AI innovation with responsible implementation. \n https://www.apexhq.ai/blog/blog/2025-github-copilot-vulnerabilities-technical-overview/?utm_source=tldrinfosec \n https://gbhackers.com/github-copilot-vulnerability-exploited/#:~:text=A%20Single%20Word%20Unlocks%20Copilot's,to%20bypass%20its%20ethical%20filters \n https://www.darkreading.com/vulnerabilities-threats/new-jailbreaks-manipulate-github-copilot \n \n DeepSeek - Sensitive Data exposed \n Wiz Research discovered an exposed ClickHouse database belonging to DeepSeek, a Chinese AI startup known for its DeepSeek-R1 model. The database, accessible without authentication, contained over a million log entries, including chat history, API keys, backend details, and operational metadata. Researchers found the exposure while scanning DeepSeek’s public domains and detected open ports (8123 and 9000) leading to unrestricted database access. Using ClickHouse’s SQL interface, they confirmed the presence of sensitive data, highlighting a critical security flaw. This exposure posed risks of unauthorized access, data exfiltration, and privilege escalation. While DeepSeek quickly secured the database after disclosure, the incident underscores the broader risks of AI infrastructure security. As AI adoption accelerates, companies must prioritize protecting sensitive data, implementing strict access controls, and working closely with security teams to prevent misconfigurations. The fast growth of AI tools without security frameworks makes systems vulnerable. Strong security measures are needed to protect AI-driven operations. \n https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak?utm_source=tldrinfosec \n https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/ \n \n Flaws in Contec CMS8000 (Patient Monitors) Pose Risks to Healthcare Devices and Data. \n The FDA warns that cybersecurity vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors could put patients at risk when connected to the internet. Three key threats include unauthorized remote control, compromised software with a backdoor, and patient data exfiltration. These vulnerabilities can allow attackers to disable, manipulate, or control the devices, affecting all connected monitors on the same network. The FDA notes that these devices were only authorized for wired connectivity, yet some versions include unauthorized wireless capabilities. The Cybersecurity and Infrastructure Security Agency (CISA) discovered that once online, the monitors collect and transmit patient data, including personally identifiable and health information, to an external source. No known incidents, injuries, or deaths have been reported, but the FDA advises caution. Patients should confirm whether their devices use remote monitoring and, if so, disconnect and seek alternatives. If remote monitoring is unnecessary, all network connections should be disabled. Healthcare providers and facility staff should inspect devices for anomalies, follow CISA recommendations, and report any issues to the FDA. There is currently no software patch available. The FDA and CISA are working with Contec to address the vulnerabilities and will provide updates as needed. Devices can be identified through their unique device identifier (UDI). The FDA continues to monitor the situation to protect patient safety. \n https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication \n https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/ \n https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html \n \n Apple Zero-Day - CVE-2025-24085 \n Apple has released updates to address multiple security vulnerabilities, including a zero-day flaw (CVE-2025-24085) that has been exploited in the wild. This problem in the Core Media part could let a bad app gain more power on devices that have iOS, iPadOS, and macOS versions before iOS 17.2. The issue has been resolved with improved memory management in several Apple devices, including iPhones, iPads, Macs, Apple TV, and Apple Watch. Additionally, five AirPlay security flaws were patched, which could have caused system crashes, a denial-of-service (DoS), or arbitrary code execution. Google’s Threat Analysis Group reported three vulnerabilities in CoreAudio, which could lead to unexpected app terminations. Apple has not provided details on the exploitation methods or the attackers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-24085 to its list of known exploited vulnerabilities. The agency is asking federal agencies to fix the problem by February 19, 2025. \n \n https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html \n https://www.techtarget.com/searchsecurity/news/366618572/Apple-zero-day-vulnerability-under-attack-on-iOS-devices ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"7723","kudosSumWeight":3,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzk1MTgtamZja3Yy?revision=7\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"Conversation:conversation:339393":{"__typename":"Conversation","id":"conversation:339393","topic":{"__typename":"TkbTopicMessage","uid":339393},"lastPostingActivityTime":"2025-01-28T11:06:02.654-08:00","solved":false},"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkzOTMtRmpBaHhT?revision=3\"}":{"__typename":"AssociatedImage","url":"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkzOTMtRmpBaHhT?revision=3","title":"SIRT_DevCentral.jpg","associationType":"TEASER","width":680,"height":383,"altText":""},"TkbTopicMessage:message:339393":{"__typename":"TkbTopicMessage","subject":"Subaru, Mastercard, TikTok and Roundup","conversation":{"__ref":"Conversation:conversation:339393"},"id":"message:339393","revisionNum":3,"uid":339393,"depth":0,"board":{"__ref":"Tkb:board:security-insights"},"author":{"__ref":"User:user:129412"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":261},"postTime":"2025-01-28T11:06:02.654-08:00","lastPublishTime":"2025-01-28T11:06:02.654-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Introduction \n Kyle Fox back again with three stories and a roundup from this last week. First we see a repeat of the Kia telematics story with Subaru, then an underreported issue with Mastercard, and finally the bookend to Arvin's writeup on the TikTok ban, the TikTok Unban. This week also includes a roundup which has some major stories in it, so be sure to check that out. \n \n Subaru Starlink Discoveries \n This week, Sam Curry and team discovered much the same vulnerabilities in Subaru Starlink as they had in KIA's backend this previous September. As legacy automotive companies push to support connected services in their vehicles they are increasingly turning to contractors or standing up new software teams internally. Without the institutional knowledge of a traditional software company and the management knowledge to prioritize security in these new initiatives, they are creating software and system that are vulnerable, not just in a literal vulnerabilities in the website sense but on a architectural sense. Dealers probably should not be able to administer any vehicle in the Subaru global fleet without any restrictions. \n \n Mastercard DNS Problem Hints at Past Exploitation \n Security researcher Phillippe Caturegli discovered a typo in the DNS server list for az.mastercard.com instead of the Akamai DNS server address of a22-65.akam.net it pointed towards a22-65.akam.ne, an address at the then-non-existant domain akam.ne, which would need to be registered in the West African country of Niger. Phillippe proceeded to register this domain, which took a while and $300, what he observed through DNS traffic sent to it was that not only MasterCard traffic but traffic from other domains that presumably had similar typos in their DNS configuration. \n Where this gets interesting is that after notifying MasterCard, the company said that the misconfiguration did not pose any security risk, so Phillippe posted a summary on his Link-In blog. After posting this, he was notified by BugCrowd that MasterCard had made a complaint about his post through the platform and that it violated the responsible disclosure guidelines. Phillippe acknowledges having a BugCrowd account, but had never participated in MasterCard's bug bounty program nor was any communication about this issue done through the platform. \n Finally, Phillippe noted that the domain akam.ne had been previously registered by a user with a Russian email address, much like DNS typo-squatting observed in a 2017 report (PDF Warning) that one of the authors linked to in a comment on Phillippe's post. \n \n TikTok Unbanned? \n After shutting down in the US, TikTok has secured a promise from the incoming administration that it will not enforce the ban. The service returned to the United States late on Sunday, but there are still issues with availability in app stores. It is not clear what will happen with the platform. A large number of potential suiters have been named in the media, including but not limited to Microsoft, Oracle, Perplexly, Elon Musk, Frank McCourt, and even MrBeast. \n \n Roundup \n \n Turns out that the Tesla Roadster SpaceX launched into space in 2018 was mistaken for an asteroid. \n CURL author Daniel Stenberg is upset with CVSS. \n Trump Administration terminated the DHS cybersecurity advisory boards. \n Exit interview with former CISA head Jen Easterly. \n Lenticular QR codes? Why not? \n UnitedHealth's ransomware breach at Change Healthcare affected 190 million people. \n New York considers background checks for 3D printers. \n ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"3569","kudosSumWeight":3,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuMnwyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://community.f5.com/t5/s/zihoc95639/images/bS0zMzkzOTMtRmpBaHhT?revision=3\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}}},"CachedAsset:text:en_US-components/community/Navbar-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/Navbar-1743097587932","value":{"community":"Community Home","inbox":"Inbox","manageContent":"Manage Content","tos":"Terms of Service","forgotPassword":"Forgot Password","themeEditor":"Theme Editor","edit":"Edit Navigation Bar","skipContent":"Skip to content","migrated-link-9":"Groups","migrated-link-7":"Technical Articles","migrated-link-8":"DevCentral News","migrated-link-1":"Technical Forum","migrated-link-10":"Community Groups","migrated-link-2":"Water Cooler","migrated-link-11":"F5 Groups","Common-external-link":"How Do I...?","migrated-link-0":"Forums","article-series":"Article Series","migrated-link-5":"Community Articles","migrated-link-6":"Articles","security-insights":"Security Insights","migrated-link-3":"CrowdSRC","migrated-link-4":"CodeShare","migrated-link-12":"Events","migrated-link-13":"Suggestions"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarHamburgerDropdown-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarHamburgerDropdown-1743097587932","value":{"hamburgerLabel":"Side Menu"},"localOverride":false},"CachedAsset:text:en_US-components/community/BrandLogo-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/BrandLogo-1743097587932","value":{"logoAlt":"Khoros","themeLogoAlt":"Brand Logo"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarTextLinks-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarTextLinks-1743097587932","value":{"more":"More"},"localOverride":false},"CachedAsset:text:en_US-components/authentication/AuthenticationLink-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/authentication/AuthenticationLink-1743097587932","value":{"title.login":"Sign In","title.registration":"Register","title.forgotPassword":"Forgot Password","title.multiAuthLogin":"Sign In"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeLink-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeLink-1743097587932","value":{"place":"Place {name}"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagSubscriptionAction-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagSubscriptionAction-1743097587932","value":{"success.follow.title":"Following Tag","success.unfollow.title":"Unfollowed Tag","success.follow.message.followAcrossCommunity":"You will be notified when this tag is used anywhere across the community","success.unfollowtag.message":"You will no longer be notified when this tag is used anywhere in this place","success.unfollowtagAcrossCommunity.message":"You will no longer be notified when this tag is used anywhere across the community","unexpected.error.title":"Error - Action Failed","unexpected.error.message":"An unidentified problem occurred during the action you took. Please try again later.","buttonTitle":"{isSubscribed, select, true {Unfollow} false {Follow} other{}}","unfollow":"Unfollow"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListTabs-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListTabs-1743097587932","value":{"mostKudoed":"{value, select, IDEA {Most Votes} other {Most Likes}}","mostReplies":"Most Replies","mostViewed":"Most Viewed","newest":"{value, select, IDEA {Newest Ideas} OCCASION {Newest Events} other {Newest Topics}}","newestOccasions":"Newest Events","mostRecent":"Most Recent","noReplies":"No Replies Yet","noSolutions":"No Solutions Yet","solutions":"Solutions","mostRecentUserContent":"Most Recent","trending":"Trending","draft":"Drafts","spam":"Spam","abuse":"Abuse","moderation":"Moderation","tags":"Tags","PAST":"Past","UPCOMING":"Upcoming","sortBymostRecent":"Sort By Most Recent","sortBymostRecentUserContent":"Sort By Most Recent","sortBymostKudoed":"Sort By Most Likes","sortBymostReplies":"Sort By Most Replies","sortBymostViewed":"Sort By Most Viewed","sortBynewest":"Sort By Newest Topics","sortBynewestOccasions":"Sort By Newest Events","otherTabs":" Messages list in the {tab} for {conversationStyle}","guides":"Guides","archives":"Archives"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/QueryHandler-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/QueryHandler-1743097587932","value":{"title":"Query Handler"},"localOverride":false},"Category:category:top":{"__typename":"Category","id":"category:top","nodeType":"category"},"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarDropdownToggle-1743097587932","value":{"ariaLabelClosed":"Press the down arrow to open the menu"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/OverflowNav-1743097587932","value":{"toggleText":"More"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewInline-1743097587932","value":{"bylineAuthor":"{bylineAuthor}","bylineBoard":"{bylineBoard}","anonymous":"Anonymous","place":"Place {bylineBoard}","gotoParent":"Go to parent {name}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Pager/PagerLoadMore-1743097587932","value":{"loadMore":"Show More"},"localOverride":false},"CachedAsset:text:en_US-components/customComponent/CustomComponent-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/customComponent/CustomComponent-1743097587932","value":{"errorMessage":"Error rendering component id: {customComponentId}","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-components/users/UserLink-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/users/UserLink-1743097587932","value":{"authorName":"View Profile: {author}","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSubject-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSubject-1743097587932","value":{"noSubject":"(no subject)"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageTime-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageTime-1743097587932","value":{"postTime":"Published: {time}","lastPublishTime":"Last Update: {time}","conversation.lastPostingActivityTime":"Last posting activity time: {time}","conversation.lastPostTime":"Last post time: {time}","moderationData.rejectTime":"Rejected time: {time}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/nodes/NodeIcon-1743097587932","value":{"contentType":"Content Type {style, select, FORUM {Forum} BLOG {Blog} TKB {Knowledge Base} IDEA {Ideas} OCCASION {Events} other {}} icon"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageUnreadCount-1743097587932","value":{"unread":"{count} unread","comments":"{count, plural, one { unread comment} other{ unread comments}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageViewCount-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageViewCount-1743097587932","value":{"textTitle":"{count, plural,one {View} other{Views}}","views":"{count, plural, one{View} other{Views}}"},"localOverride":false},"CachedAsset:text:en_US-components/kudos/KudosCount-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/kudos/KudosCount-1743097587932","value":{"textTitle":"{count, plural,one {{messageType, select, IDEA{Vote} other{Like}}} other{{messageType, select, IDEA{Votes} other{Likes}}}}","likes":"{count, plural, one{like} other{likes}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageRepliesCount-1743097587932","value":{"textTitle":"{count, plural,one {{conversationStyle, select, IDEA{Comment} OCCASION{Comment} other{Reply}}} other{{conversationStyle, select, IDEA{Comments} OCCASION{Comments} other{Replies}}}}","comments":"{count, plural, one{Comment} other{Comments}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBody-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBody-1743097587932","value":{"showMessageBody":"Show More","mentionsErrorTitle":"{mentionsType, select, board {Board} user {User} message {Message} other {}} No Longer Available","mentionsErrorMessage":"The {mentionsType} you are trying to view has been removed from the community.","videoProcessing":"Video is being processed. Please try again in a few minutes.","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1743097587932":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserAvatar-1743097587932","value":{"altText":"{login}'s avatar","altTextGeneric":"User's avatar"},"localOverride":false}}}},"page":"/tags/TagPage/TagPage","query":{"tagName":"TWIS"},"buildId":"q_bLpq2mflH0BeZigxpj6","runtimeConfig":{"buildInformationVisible":false,"logLevelApp":"info","logLevelMetrics":"info","openTelemetryClientEnabled":false,"openTelemetryConfigName":"f5","openTelemetryServiceVersion":"25.2.0","openTelemetryUniverse":"prod","openTelemetryCollector":"http://localhost:4318","openTelemetryRouteChangeAllowedTime":"5000","apolloDevToolsEnabled":false,"inboxMuteWipFeatureEnabled":false},"isFallback":false,"isExperimentalCompile":false,"dynamicIds":["./components/customComponent/CustomComponent/CustomComponent.tsx","./components/community/Navbar/NavbarWidget.tsx","./components/community/Breadcrumb/BreadcrumbWidget.tsx","./components/tags/TagsHeaderWidget/TagsHeaderWidget.tsx","./components/messages/MessageListForNodeByRecentActivityWidget/MessageListForNodeByRecentActivityWidget.tsx","./components/tags/TagSubscriptionAction/TagSubscriptionAction.tsx","./components/customComponent/CustomComponentContent/TemplateContent.tsx","../shared/client/components/common/List/ListGroup/ListGroup.tsx","./components/messages/MessageView/MessageView.tsx","./components/messages/MessageView/MessageViewInline/MessageViewInline.tsx","../shared/client/components/common/Pager/PagerLoadMore/PagerLoadMore.tsx","./components/customComponent/CustomComponentContent/HtmlContent.tsx","./components/customComponent/CustomComponentContent/CustomComponentScripts.tsx"],"appGip":true,"scriptLoader":[]}