Blog

BIG-IP software SYN cookies vulnerability CVE-2022-36795 Security Advisory Security Advisory Description When an LTM TCP profile configured on a virtual server has the Auto Receive Window option ... More info: https://support.f5.com/csp/article/K52494562?utm_source=f5support&utm_medium=RSS

Overview of F5 vulnerabilities (October 2022) Security Advisory Security Advisory Description On October 19, 2022, F5 announced the following security issues. This document is intended to serve as ... More info: https://support.f5.com/csp/article/K30425568?utm_source=f5support&utm_medium=RSS

F5OS CLI vulnerability CVE-2022-41780 Security Advisory Security Advisory Description A directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker ... More info: https://support.f5.com/csp/article/K81701735?utm_source=f5support&utm_medium=RSS

BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41691 Security Advisory Security Advisory Description When an F5 BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, ... More info: https://support.f5.com/csp/article/K02694732?utm_source=f5support&utm_medium=RSS

OpenSSL vulnerability CVE-2022-3358 Security Advisory Security Advisory Description OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function ... More info: https://support.f5.com/csp/article/K32553170?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2021-41864 Security Advisory Security Advisory Description prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows ... More info: https://support.f5.com/csp/article/K11255393?utm_source=f5support&utm_medium=RSS

The number of technological developments, data protection standards, and security threats have continued to grow over the last two years. VMware strives to provide your enterprise with the tools and knowledge you need to evolve your multi-cloud environment, bolster your security, and provide you with the network visibility you need to claim victory on the … ContinuedThe post 5 Security and Networking Sessions at VMware Explore Europe 2022 You Can’t Miss appeared first on VMware More info: https://blogs.vmware.com/security/2022/10/5-security-and-networking-sessions-at-vmware-explore-europe-2022-you-cant-miss.html?utm_source=rss&utm_medium=rss&utm_campaign=5-security-and-networking-sessions-at-vmware-explore-europe-2022-you-cant-miss

In celebration of this year’s Cybersecurity Awareness Month theme – See Yourself in Cyber – we are spotlighting five VMware security pros to ask them five questions about their career path. Deb Snyder is a cyber threat intelligence researcher supporting VMware Threat Analysis Unit’s malware team. She has over 10 years of experience in the … ContinuedThe post See Yourself in Cyber: 5 Questions with Deb Snyder appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2022/10/see-yourself-in-cyber-5-questions-with-deb-snyder.html?utm_source=rss&utm_medium=rss&utm_campaign=see-yourself-in-cyber-5-questions-with-deb-snyder

Tomcat vulnerability CVE-2021-43980 Security Advisory Security Advisory Description The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0 ... More info: https://support.f5.com/csp/article/K41102235?utm_source=f5support&utm_medium=RSS

Behavioral Summary LockBit 3.0 seems to love the spotlight. Also known as LockBit Black, this ransomware family announced itself in July 2022 stating that it would now offer the data of its nonpaying victims online in a freely available easy-to-use searchable form. Then in July, it introduced a bug bounty program to find defects in … ContinuedThe post LockBit 3.0 Ransomware Unlocked appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2022/10/lockbit-3-0-also-known-as-lockbit-black.html?utm_source=rss&utm_medium=rss&utm_campaign=lockbit-3-0-also-known-as-lockbit-black