Software management, the seasonal return of DDoS - F5 SIRT- This Week in Security: 10/9 - 10/15
Lior_Rotkovitch, F5 SIRT, on 20-Oct-2022 01:14

This Week in Security
October 9th to October 15th, 2022
"Software security management, the seasonal return of DDoS and cyber-attacks will get you to real prison"
Editor's introduction
This week's editor is Lior Rotkovitch. October is Cybersecurity Awareness Month, and F5 promotes this event both externally and internally with discussions and knowledge transfer. This makes you see over and over the huge impact of security on our day-to-day life in general, and on hardware and software products and services in particular.
Reading security news lately feels like we have more major challenges to overcome. Yet another CVE exploitation, more security for software end of life, and what can we do when a 0day will be in our cars? DDoS is always a sure way to hit the headlines, and cyber crime will get you to real jail.
My recommendation for this week: one of the high-profile topics is the software supply chain problem, which is described nicely on Ryan Naraine's Security Conversations, where they mention that not long ago we all said open source was considered more secure software since more eyes were watching it. They also talk about the SBOM concept as a good starting point for solving this topic.
Until next time, keep it up. Lior.
Twitter: @rotkovitch
PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin
Automotive Security Threats Are More Critical Than Ever
Over 45,000 VMware ESXi servers just reached end-of-life
Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack
Russian DDoS attack project pays contributors for more firepower
US airports' sites taken down in DDoS attacks by pro-Russian hackers
International crackdown on West-African financial crime rings
How Wi-Fi spy drones snooped on financial firm
Security M&A
PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin
Remember the critical Fortinet CVE that Dharminder mentioned last week? This is one of those cases where a PoC and then an operational exploit are released. This is then fed into the botnets scanning the web, and the race to patch that I described begins. So I'm sending my support to the Fortinet security team.
“On Monday, the company made public an advisory and confirmed that the zero-day flaw had been exploited in at least one attack.
This suggested that the attack observed by Fortinet was likely the work of a sophisticated — likely state-sponsored — threat actor. However, as more details are coming to light, it’s increasingly likely that CVE-2022-40684 will be widely exploited.
Penetration testing company Horizon3.ai has made public a PoC exploit that allows an attacker to add an SSH key to the admin user, enabling the attacker to access the targeted system with administrator privileges. The firm has also released technical details, and others have created templates for vulnerability scanners.
There have been several reports over the past day indicating that scanning for systems affected by CVE-2022-40684 is underway. Threat intelligence firm GreyNoise has seen exploitation attempts coming from more than 40 unique IPs in the past 24 hours.
WordPress security company Defiant has also seen exploitation attempts, coming from nearly two dozen IPs.”
“Most of the requests we have observed are GET requests presumably trying to determine whether a
Fortinet appliance is in place,” the Wordfence team at Defiant explained. “However, we also found that a
number of these IPs are also sending out PUT requests matching the recently released proof of concept,
[...] which attempts to update the public SSH key of the admin user.”
https://www.securityweek.com/poc-published-fortinet-vulnerability-mass-exploitation-attempts-begin
https://www.darkreading.com/attacks-breaches/concerns-fortinet-flaw-poc-increased-exploit-activity
https://www.bleepingcomputer.com/news/security/exploit-available-for-critical-fortinet-auth-bypass-b...
Automotive Security Threats Are More Critical Than Ever
Cars have more and more software in them: not just connectivity (WiFi, Bluetooth, LTE) but also the software itself. Like any software, automotive software needs to be sustained with updates. “...supply chain from OEM factories and legacy systems to component suppliers including those supplying sensors, ECUs, connections and other communication technology to maintain cohesion across applications.” Now think about a critical vulnerability in one piece of OEM software that needs to be patched, with exposure to a million cars?!?!
https://www.securityweek.com/automotive-security-threats-are-more-critical-ever
Over 45,000 VMware ESXi servers just reached end-of-life
It's not just supply chain software challenges: what happens when widely used software reaches end of life and end of support? “Will only receive technical support but no security updates, putting the software at risk of vulnerabilities.”
https://www.bleepingcomputer.com/news/security/over-45-000-vmware-esxi-servers-just-reached-end-of-l...
Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack
Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps
distributed denial-of-service (DDoS) attack launched by a Mirai botnet. Characterizing it as a "multi-vector
attack consisting of UDP and TCP floods," researcher Omer Yoachimik said the DDoS attack targeted the
Minecraft server Wynncraft in Q3 2022. "The entire 2.5 Tbps attack lasted about 2 minutes, and the peak of the 26 million rps attack [was] only 15 seconds."
https://thehackernews.com/2022/10/mirai-botnet-hits-wynncraft-minecraft.html
https://www.securityweek.com/mirai-botnet-launched-25-tbps-ddos-attack-against-minecraft-server
Russian DDoS attack project pays contributors for more firepower
“A pro-Russian group created a crowdsourced project called 'DDOSIA' that pays volunteers launching
distributed denial-of-service (DDOS) attacks against western entities.”
“Volunteers for DDOSIA need to register through Telegram to receive a ZIP archive with the malware
(“dosia.exe”), which contains a unique ID for each user.
Members can link this ID to a cryptocurrency wallet and receive money for participating in DDoS attacks,
payment being proportional to the firepower they provide.”
“Top contributors in each attack wave receive 80,000 rubles ($1,250), second-place attackers receive 50,000 rubles ($800), and third-place contributors are compensated with 20,000 rubles ($300).
In the attacks against the U.S. airports, DDOSIA announced that they would distribute payouts to the top ten contributors, increasing the rewards for the contributors.”
https://www.bleepingcomputer.com/news/security/russian-ddos-attack-project-pays-contributors-for-mor...
US airports' sites taken down in DDoS attacks by pro-Russian hackers
“The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service (DDoS)
attacks against websites of several major airports in the U.S., making them unaccessible.
The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it
impossible for travelers to connect and get updates about their scheduled flights or book airport services.”
“KillNet listed the domains yesterday on its Telegram channel, where members and volunteers of the
hacktivist group gather to acquire new targets.”
https://www.bleepingcomputer.com/news/security/us-airports-sites-taken-down-in-ddos-attacks-by-pro-r...
General – security bits
International crackdown on West-African financial crime rings
https://www.interpol.int/en/News-and-Events/News/2022/International-crackdown-on-West-African-financ...
INTERPOL arrests ‘Black Axe’ cybercrime syndicate members
https://www.bleepingcomputer.com/news/security/interpol-arrests-black-axe-cybercrime-syndicate-membe...
How Wi-Fi spy drones snooped on financial firm
https://www.theregister.com/2022/10/12/drone-roof-attack/
Wi-Fi drones were used by hackers to penetrate a financial firm's network remotely
https://www.techspot.com/news/96321-drones-helped-hackers-penetrate-financial-firm-network-remotely....
Security M&A
“If you're wondering why Google blew $5b on Mandiant, this may shed some light”
https://www.theregister.com/2022/10/11/google_mandiant_brain/
 
❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.
❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.
❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
 
GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)
 

Software management, the seasonal return of DDoS - This Week in Security.pdf

Software management, the seasonal return of DDoS - F5 SIRT - This Week in Security: 10/9 - 10/15
Lior_Rotkovitch
F5 SIRT
on 20-Oct-2022 01:14

This Week in Security
October 9th to October 15th, 2022
"Software security management, the seasonal return of DDoS and cyber-attacks will get you to real prison"

Editor's introduction
This week's editor is Lior Rotkovitch. October is Cybersecurity Awareness Month and F5 promotes this event both externally and internally with discussions and knowledge being transferred. This makes you see over and over the huge impact of security on our day-to-day life in general, and on hardware and software products and services in particular.

Reading security news lately feels like we have more major challenges to overcome. Yet another CVE exploitation, more security for software end of life, and what can we do when a 0day will be in our cars? DDoS is always a sure way to hit the headlines; and cyber crime will get you to real jail.

My recommendation for this week: One of the high-profile topics is the software supply chain problem, which is described nicely on Ryan Naraine's Security Conversations, where they mention that not long ago we all said that open source was considered more secure software since more eyes were watching it. They also talk about the SBOM concept as a good starting point for solving this topic.

Until next time, keep it up. Lior.
Twitter: @rotkovitch

PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin
Automotive Security Threats Are More Critical Than Ever
Over 45,000 VMware ESXi servers just reached end-of-life
Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack
Russian DDoS attack project pays contributors for more firepower
US airports' sites taken down in DDoS attacks by pro-Russian hackers
International crackdown on West-African financial crime rings
How Wi-Fi spy drones snooped on financial firm
Security M&A

PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin

Remember the critical Fortinet CVE that Dharminder mentioned last week? This is one of those cases where a PoC and then an operational exploit are released. The exploit is then fed into the botnets scanning the web, and the race to patch that I described begins. So I'm sending my support to the Fortinet security team.

“On Monday, the company made public an advisory and confirmed that the zero-day flaw had been exploited in at least one attack. This suggested that the attack observed by Fortinet was likely the work of a sophisticated — likely state-sponsored — threat actor. However, as more details are coming to light, it’s increasingly likely that CVE-2022-40684 will be widely exploited.

Penetration testing company Horizon3.ai has made public a PoC exploit that allows an attacker to add an SSH key to the admin user, enabling the attacker to access the targeted system with administrator privileges. The firm has also released technical details, and others have created templates for vulnerability scanners.

There have been several reports over the past day indicating that scanning for systems affected by CVE-2022-40684 is underway. Threat intelligence firm GreyNoise has seen exploitation attempts coming from more than 40 unique IPs in the past 24 hours. WordPress security company Defiant has also seen exploitation attempts, coming from nearly two dozen IPs."

“Most of the requests we have observed are GET requests presumably trying to determine whether a Fortinet appliance is in place,” the Wordfence team at Defiant explained. “However, we also found that a number of these IPs are also sending out PUT requests matching the recently released proof of concept, [...] which attempts to update the public SSH key of the admin user.”

https://www.securityweek.com/poc-published-fortinet-vulnerability-mass-exploitation-attempts-begin
https://www.darkreading.com/attacks-breaches/concerns-fortinet-flaw-poc-increased-exploit-activity
https://www.bleepingcomputer.com/news/security/exploit-available-for-critical-fortinet-auth-bypass-b...

Automotive Security Threats Are More Critical Than Ever

Cars have more and more software in them, not just the connectivity (WiFi, Bluetooth, LTE) but also the software itself. Like any software, automotive software needs to be sustained with updates.

“...supply chain from OEM factories and legacy systems to component suppliers including those supplying sensors, ECUs, connections and other communication technology to maintain cohesion across applications.”

Now think about a critical vulnerability in one of the OEM software products that needs to be patched, with exposure to a million cars?!?!

https://www.securityweek.com/automotive-security-threats-are-more-critical-ever

Over 45,000 VMware ESXi servers just reached end-of-life

It is not just supply chain software challenges: what happens when widely used software reaches end of life and end of support?

“Will only receive technical support but no security updates, putting the software at risk of vulnerabilities.”

https://www.bleepingcomputer.com/news/security/over-45-000-vmware-esxi-servers-just-reached-end-of-l...

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. Characterizing it as a "multi-vector attack consisting of UDP and TCP floods," researcher Omer Yoachimik said the DDoS attack targeted the Minecraft server Wynncraft in Q3 2022.

"The entire 2.5 Tbps attack lasted about 2 minutes, and the peak of the 26 million rps attack [was] only 15 seconds,"

https://thehackernews.com/2022/10/mirai-botnet-hits-wynncraft-minecraft.html
https://www.securityweek.com/mirai-botnet-launched-25-tbps-ddos-attack-against-minecraft-server

Russian DDoS attack project pays contributors for more firepower

“A pro-Russian group created a crowdsourced project called 'DDOSIA' that pays volunteers launching distributed denial-of-service (DDOS) attacks against western entities.”

“Volunteers for DDOSIA need to register through Telegram to receive a ZIP archive with the malware (“dosia.exe”), which contains a unique ID for each user. Members can link this ID to a cryptocurrency wallet and receive money for participating in DDoS attacks, payment being proportional to the firepower they provide.”

“Top contributors in each attack wave receive 80,000 rubles ($1,250), second-place attackers receive 50,000 rubles ($800), and third-place contributors are compensated with 20,000 rubles ($300). In the attacks against the U.S. airports, DDOSIA announced that they would distribute payouts to the top ten contributors, increasing the rewards for the contributors.”

https://www.bleepingcomputer.com/news/security/russian-ddos-attack-project-pays-contributors-for-mor...

US airports' sites taken down in DDoS attacks by pro-Russian hackers

“The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service (DDoS) attacks against websites of several major airports in the U.S., making them unaccessible. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.”

“KillNet listed the domains yesterday on its Telegram channel, where members and volunteers of the hacktivist group gather to acquire new targets.”

https://www.bleepingcomputer.com/news/security/us-airports-sites-taken-down-in-ddos-attacks-by-pro-r...

General – security bits

International crackdown on West-African financial crime rings
https://www.interpol.int/en/News-and-Events/News/2022/International-crackdown-on-West-African-financ...

INTERPOL arrests ‘Black Axe’ cybercrime syndicate members
https://www.bleepingcomputer.com/news/security/interpol-arrests-black-axe-cybercrime-syndicate-membe...

How Wi-Fi spy drones snooped on financial firm
https://www.theregister.com/2022/10/12/drone-roof-attack/

Wi-Fi drones were used by hackers to penetrate a financial firm's network remotely
https://www.techspot.com/news/96321-drones-helped-hackers-penetrate-financial-firm-network-remotely....

Security M&A

“If you're wondering why Google blew $5b on Mandiant, this may shed some light”
https://www.theregister.com/2022/10/11/google_mandiant_brain/

Last update: 20-Oct-2022 01:13
Updated by: Lior_Rotkovitch