Cybersecurity firm F5 Networks says government-backed hackers had “long-term, persistent access” to its network, which allowed them to steal the company’s source code and customer information. In a filing with the U.S. Securities and Exchange Commission on Wednesday,
F5 said it now “believes its containment actions have been successful,” after first discovering the hackers in its network on August 9. The Seattle, Washington-based company, which specializes in providing application security and cybersecurity defenses for large companies and governments, said the hackers had access to its BIG-IP product development environment and its knowledge management systems, which included source code and publicly undisclosed security vulnerabilities.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Octopus Trojan exploits Telegram ban fears to snag diplomatic targets across Asia
October 15, 2018
Researchers have uncovered the Octopus Trojan in a wave of cyberattacks being launched against diplomatic entities across central Asia. According to cybersecurity firm Kaspersky Lab, the targeted campaign has used the recent ban of Telegram messenger across Russia and reported attempts to ban the service across some former Soviet areas such as Kazakhstan to dupe victims into believing ...
- Up to 35 Million 2018 Voter Records For Sale on Hacking Forum
October 15, 2018
Just weeks before the midterms, voter information from 19 states has turned up on the Dark Web. Up to 35 million voter records have been found up for sale on a popular hacking forum from 19 states, researchers discovered. Researchers at Anomali Labs and Intel 471 on Monday said that they discovered Dark Web communications offering a ...
- New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
October 11, 2018
Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot. Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called ...
- Innovative Phishing Tactic Makes Inroads Using Azure Blob
October 10, 2018
A brand-new approach to harvesting credentials hinges on users’ lack of cloud savvy. A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, ...
- Over nine million cameras and DVRs open to APTs, botnet herders, and voyeurs
October 9, 2018
Millions of security cameras, DVRs, and NVRs contain vulnerabilities that can allow a remote attacker to take over devices with little effort, security researchers have revealed today. All vulnerable devices have been manufactured by Hangzhou Xiongmai Technology Co., Ltd.(Xiongmai hereinafter), a Chinese company based in the city of Hangzhou. But end users won’t be able to tell that ...
- Artificial Intelligence: A Cybersecurity Tool for Good, and Sometimes Bad
October 3, 2018
Attractive to both white-hats and cybercriminals, AI’s role in security has yet to find an equilibrium between the two sides. Artificial intelligence is the new golden ring for cybersecurity developers, thanks to its potential to not just automate functions at scale but also to make contextual decisions based on what it learns over time. This can ...