Cybersecurity firm F5 Networks says government-backed hackers had “long-term, persistent access” to its network, which allowed them to steal the company’s source code and customer information. In a filing with the U.S. Securities and Exchange Commission on Wednesday,
F5 said it now “believes its containment actions have been successful,” after first discovering the hackers in its network on August 9. The Seattle, Washington-based company, which specializes in providing application security and cybersecurity defenses for large companies and governments, said the hackers had access to its BIG-IP product development environment and its knowledge management systems, which included source code and publicly undisclosed security vulnerabilities.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee
October 29, 2020
Domain parking services offer a simple solution for domain owners to monetize their sites’ traffic through third-party advertisements. While domain parking might appear harmless at first glance, parked domains pose significant threats, as they can redirect visitors to malicious or unwanted landing pages or turn entirely malicious at any point in time. We have been detecting ...
- FBI warning: Trickbot and ransomware attackers plan big hit on US hospitals
October 29, 2020
US healthcare providers, already under pressure from the COVID-19 pandemic, have been put on high alert over Trickbot malware and ransomware targeting the sector. The warning over an “imminent cybercrime threat to US hospitals and healthcare providers” comes from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), ...
- Maze ransomware is shutting down its cybercrime operation
October 29, 2020
The Maze cybercrime gang is shutting down its operations after rising to become one of the most prominent players performing ransomware attacks. The Maze ransomware began operating in May 2019 but became more active in November. That’s when the media-savvy operation revolutionized ransomware attacks by introducing a double-extortion tactic. Read more… Source: Bleeping Computer
- Trump Campaign Website Defaced by Cryptocurrency Scam
October 28, 2020
Hackers took over President Trump’s 2020 election campaign website late Tuesday, replacing parts of the site with a cryptocurrency scam before returning it to its original content several minutes later. Journalist Gabriel Lorenzo Greschler was the first to notice the attack while he was doing research for a climate-change article, he wrote in a tweet. The ...
- DDoS attacks in Q3 2020
October 28, 2020
Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to master techniques and develop malware already familiar to us from the last reporting period. For example, another DDoS botnet joined in the assault on Docker environments. The perpetrators infiltrated the target server, created an infected container, and ...
- APT groups aren’t all from Russia, China, and North Korea
October 28, 2020
Advance persistent threat (APT) hacker groups are often assumed to be state-supported organisations such as China’s APT10 aka Stone Panda, Russia’s APT28 aka Fancy Bear, or Vietnam’s APT32 aka Ocean Lotus. However, these and other groups are often identified and named by cyber intelligence firms with strong links to their national government. FireEye and Crowdstrike in ...