BROADCASTS.com

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication bypass vulnerability affecting multiple versions of F5 Networks BIG-IP.\xa0\nAA22-138A Alert, Technical Details, and Mitigations\nF5 Security Advisory K23605346\xa0and indicators of compromise\nF5 guidance K11438344\xa0for remediating a compromise\nEmerging Threats suricata signatures\nPalo Alto Networks Unit 42 Threat Brief: CVE-2022-1388. This brief includes indicators of compromise.\xa0\nCisco Talos Intelligence Group - Comprehensive Threat Intelligence: Threat Advisory: Critical F5 BIG-IP Vulnerability. This blog includes indicators of compromise. Note: due to the urgency to share this information, CISA and MS-ISAC have not yet validated this content.\nRandori\u2019s bash script. This script can be used to identify vulnerable instances of BIG-IP. Note: MS-ISAC has verified this bash script identifies vulnerable instances of BIG-IP.\xa0\nAll organizations should report incidents and anomalous activity to CISA\u2019s 24/7 Operations Center at\xa0central@cisa.dhs.gov\xa0or (888) 282-0870 and to the FBI via your\xa0local FBI field office\xa0or the FBI\u2019s 24/7 CyWatch at (855) 292-3937 or\xa0CyWatch@fbi.gov.\nLearn more about your ad choices. Visit megaphone.fm/adchoices