What the F5 Hack Means For You And What to Do Right Away

lokamoka820

Thanks for sharing this, lokamoka820. The F5 BIG-IP vulnerability (sounds like they're referring to something recent, possibly building on past issues like CVE-2020-5902 or a new one) is definitely worth highlighting—it's a reminder of how critical network appliances can become prime targets for attackers.

If anyone's using F5 products or works in an org that does, the key takeaway from articles like this is to prioritize patching. F5 usually pushes out fixes quickly, so check their security advisories directly for the latest. For the rest of us not directly affected, it's a good nudge to review our own setups—things like keeping software updated, using multi-factor auth, and monitoring for unusual network activity.

Has anyone here dealt with F5 gear before? Any tips on hardening it against exploits?
 
(😓?😆?) A security company protecting other companies (probably including other security companies) got APTed. On one hand, it is really scary. On the other hand, it's almost expected. A "security" company isn't necessarily safe. Even Kaspersky got "malware" on their phones.
 
Totally. One would say that a security company is a prime target for the latest exploits. After all, why go after a Corporation XYZ when one can infiltrate a security solution that corporation + countless other corporations use???? Kill chain of birds with one stone.