Blog

BIG-IP APM vulnerability CVE-2021-22985 Security Advisory Security Advisory Description Under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory. A malicious, ... More info: https://support.f5.com/csp/article/K32049501?utm_source=f5support&utm_medium=RSS

iControl REST vulnerability CVE-2021-22974 Security Advisory Security Advisory Description An authenticated attacker with access to iControl REST over the control plane may be able to take ... More info: https://support.f5.com/csp/article/K68652018?utm_source=f5support&utm_medium=RSS

big3d agent vulnerability CVE-2021-22982 Security Advisory Security Advisory Description big3d does not securely handle and parse certain payloads resulting in a buffer overflow. (CVE-2021-22982) More info: https://support.f5.com/csp/article/K72708443?utm_source=f5support&utm_medium=RSS

The BIG-IP ASM system may not properly perform signature checks on cookies Security Advisory Security Advisory Description The BIG-IP ASM system may not properly perform signature checks on cookies. More info: https://support.f5.com/csp/article/K88162221?utm_source=f5support&utm_medium=RSS

iRules LX vulnerability CVE-2021-22973 Security Advisory Security Advisory Description JSON parser function does not protect against out-of-bounds memory accesses or writes. (CVE-2021-22973) Impact More info: https://support.f5.com/csp/article/K13323323?utm_source=f5support&utm_medium=RSS

TMM vulnerability CVE-2021-22975 Security Advisory Security Advisory Description Under some circumstances, Traffic Management Microkernel (TMM) may restart on the BIG-IP system while passing large ... More info: https://support.f5.com/csp/article/K21971977?utm_source=f5support&utm_medium=RSS

BIG-IP APM CTU vulnerability CVE-2021-22980 Security Advisory Security Advisory Description An untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for ... More info: https://support.f5.com/csp/article/K29282483?utm_source=f5support&utm_medium=RSS

TMM vulnerability CVE-2021-22977 Security Advisory Security Advisory Description Cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core ... More info: https://support.f5.com/csp/article/K14693346?utm_source=f5support&utm_medium=RSS

BIG-IP ASM WebSocket vulnerability CVE-2021-22976 Security Advisory Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large ... More info: https://support.f5.com/csp/article/K88230177?utm_source=f5support&utm_medium=RSS

• Más de 100 millones de dólares en criptodivisas fueron robados por medio del secuestro de números de teléfono.

Un total de ocho delincuentes fueron detenidos el pasado 9 de febrero como resultado de una investigación internacional acerca de una serie de ataques de SIM swapping (o intercambio de tarjetas SIM) dirigidos a celebridades de Estados Unidos. Estas detenciones se suman a otras anteriores en Malta y Bélgica de otros miembros pertenecientes a la misma red delictiva.

Los ataques orquestados por esta banda delictiva se dirigieron a miles de víctimas a lo largo de 2020, entre las que se encontraban famosos influencers de Internet, estrellas del deporte, músicos y sus familias. Se cree que los delincuentes les robaron más de 100 millones de dólares en criptodivisas tras acceder ilegalmente a sus teléfonos.

Este barrido internacional se produce tras una investigación de un año de duración llevada a cabo conjuntamente por las autoridades policiales del Reino Unido, Estados Unidos, Bélgica, Malta y Canadá, con una actividad internacional coordinada por Europol.

Europol (10/02/2021)