Triki L, Tringali A, Arvanitakis M, Schepis T. Prevention of post-ERCP complications. Best Pract Res Clin Gastroenterol. 2024;69: 101906.
Google Scholar
Akshintala VS, Singh VK. Postendoscopic…
This request seems a bit unusual, so we need to confirm that you’re human. Please press and hold the button until it turns completely green. Thank you for your cooperation!
Lewis Hamilton is hopeful that Ferrari can take a “step forward” by extracting more from their car during the United States Grand Prix weekend, with the seven-time World Champion admitting that the final six races of the campaign could play a…
Thousands of networks—many of them operated by the US government and Fortune 500 companies—face an “imminent threat” of being breached by a nation-state hacking group following the breach of a major maker of software, the federal government warned on Wednesday.
F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long term.” Security researchers who have responded to similar intrusions in the past took the language to mean the hackers were inside the F5 network for years.
During that time, F5 said, the hackers took control of the network segment the company uses to create and distribute updates for BIG IP, a line of server appliances that F5 says is used by 48 of the world’s top 50 corporations. Wednesday’s disclosure went on to say the threat group downloaded proprietary BIG-IP source code information about vulnerabilities that had been privately discovered but not yet patched. The hackers also obtained configuration settings that some customers used inside their networks.
Control of the build system and access to the source code, customer configurations, and documentation of unpatched vulnerabilities has the potential to give the hackers unprecedented knowledge of weaknesses and the ability to exploit them in supply-chain attacks on thousands of networks, many of which are sensitive. The theft of customer configurations and other data further raises the risk that sensitive credentials can be abused, F5 and outside security experts said.
Customers position BIG-IP at the very edge of their networks for use as load balancers and firewalls, and for inspection and encryption of data passing into and out of networks. Given BIG-IP’s network position and its role in managing traffic for web servers, previous compromises have allowed adversaries to expand their access to other parts of an infected network.
F5 said that investigations by two outside intrusion-response firms have yet to find any evidence of supply-chain attacks. The company attached letters from firms IOActive and NCC Group attesting that analyses of source code and build pipeline uncovered no signs that a “threat actor modified or introduced any vulnerabilities into the in-scope items.” The firms also said they didn’t identify any evidence of critical vulnerabilities in the system. Investigators, which also included Mandiant and CrowdStrike, found no evidence that data from its CRM, financial, support case management, or health systems was accessed.
The company released updates for its BIG-IP, F5OS, BIG-IQ, and APM products. CVE designations and other details are here. Two days ago, F5 rotated BIG-IP signing certificates, though there was no immediate confirmation that the move is in response to the breach.
Researchers made this discovery while studying a rare…
Warner Bros Discovery has rebuked a pledge signed by more than 4,000 film industry figures to not work with Israeli film institutions “implicated in the genocide and apartheid against the Palestinian people”, saying that such a pledge would…
PET/CT imaging has revealed brain regions in leukemia patients with lower glucose metabolism after chemotherapy, according to a study published October 16 in the Journal of Nuclear Medicine.
The findings support research into metabolic imaging…
It took nearly 20 minutes and more than 20 bids between several specialists on the phone and a bidder in the room, but Sotheby’s came away with at least one major win at Thursday’s contemporary art evening sale. That victory lot was Francis…
Mark Savage
Music correspondent
Image source, XL RecordingsThe fourth album by Dublin’s Fontaines DC sees the quintet take their scratchy, sinister sound and…