In a recent report, NCC Group elaborates on the recent discovery of the active exploitation of CVE-2021-22986. This vulnerability allows for unauthenticated, remote code execution of F5 BIG-IP devices through the BIG-IQ iControl REST API. F5 has since patched the vulnerability, but there are currently 6,791 potentially vulnerable devices online at the time of writing. One Proof of Concept (POC) exploit is available on GitHub, but more will likely be published soon.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is