Expert Reaction On Mirai Botnet Is Targeting RCE Vulnerability In F5 BIG-IP Software

It has been reported that the Mirai botnet is now trying to exploit a critical RCE bug in F5 BIG-IP software. It scans for exposed BIG-IP boxes and then exploit with malicious payload, The successful exploitation will enable the attacker to ” to create or delete files, disable services, intercept information, run arbitrary system commands and Java code, completely compromise the system, and pursue further targets, such as the internal network” reported by researcher.


EXPERTS COMMENTS
Jonathan Knudsen, Senior Security Strategist ,  Synopsys
August 05, 2020
Thinking about security during every phase of the SSDLC means that the vendor locates and eliminates more vulnerabilities during product development.
It’s no surprise that the Mirai botnet now includes an exploit for CVE-2020-5902, and it is a good example of how known vulnerabilities get weaponized. Outside observers can easily Monday-morning-quarterback by suggesting that all affected customers should immediately upgrade their F5 products to the latest software versions. Unfortunately, it’s not that easy. Making a change to any producti ....
[Read More >>]
Andrea Carcano, Co-founder and CPO,  Nozomi Networks
August 05, 2020
This way only safe communications would get through to key areas of the control network, blocking DDOS attacks from Botnets from impacting ICS.
As our H1 2020 OT/IoT Security Report states, the organisations behind IoT malware are very quick to capitalise on new remote exploits being available. Since they’ve the infrastructure and code base already available, plugging in a new propagation strategy can be a matter of few hours. This is the main reason why the patching time is very important for defenders, as well as having a more strateg ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article