# Risky Business #811 -- F5 is the Tip of the Crap Software Iceberg
Brought to you by Push Security
The recent breach at US-based cybersecurity provider F5 has sent shockwaves throughout the industry, with experts warning that thousands of networks are now vulnerable to an "imminent threat." But what exactly happened, and why should organizations be concerned?
According to sources, the breach was blamed on China, highlighting the growing threat landscape in the world of cybersecurity. The incident has left many wondering if F5's network security devices are truly secure, or if they've been relying too heavily on outdated technology.
The problem lies in the fact that some of these devices are still using 1990s-era flaws, leaving them open to exploitation by hackers. This is a stark reminder that even the most seemingly secure systems can be vulnerable to attack.
But F5's breach is just the tip of the iceberg. A recent report from Recorded Future reveals that European police have busted a network selling thousands of phone numbers to scammers. This highlights the ever-present threat of identity theft and phishing scams, which can have devastating consequences for individuals and organizations alike.
In other news, hackers have claimed to have personal data of hundreds of DHS, ICE, FBI, and DOJ officials, while NSA and government officials are also said to be among their targets. This raises serious concerns about the security of these agencies and the potential for sensitive information to be compromised.
Meanwhile, a new attack has been discovered that allows hackers to steal 2-factor authentication codes from Android phones. This is a significant development, as 2-factor authentication is widely used to protect against phishing and other types of cyber attacks.
But it's not all bad news. A recent exploit developer alert from Apple revealed that his iPhone was targeted with government spyware, leading to the discovery of a vulnerability in the app. The developer has since been working with Apple to resolve the issue and ensure that similar incidents do not occur again.
In addition, a new attack known as GlassWorm has been identified, which uses invisible code to self-propagate and infect open-source software. This highlights the ongoing threat posed by open-source software and the need for vigilance when using these tools.
Lastly, NSO spyware company was recently ordered by a US court to stop targeting WhatsApp users, with damages being reduced from $4.7 billion to $1 million. This is a significant victory for those fighting against corporate espionage and cyber surveillance.
Stay safe online, and stay tuned for more updates on the latest cybersecurity threats and vulnerabilities.
---
Push Security: Browser Threat Detection & Response
At Push Security, we understand the importance of staying one step ahead of hackers and cyber threats. Our browser threat detection and response services are designed to provide peace of mind for organizations and individuals alike.
With our cutting-edge technology and expert analysts, we can identify and respond to even the most sophisticated threats in real-time. Don't let your browser become a target - contact us today to learn more about our services and how we can help keep you safe online.
---
How Push Stopped a High-Risk LinkedIn Spear-Phishing Attack
We recently came across a high-risk spear-phishing attack on a prominent LinkedIn user. Our team quickly sprang into action, using our advanced threat detection capabilities to identify the malicious email and block it before it reached the victim's inbox.
Our attackers were caught off guard by our swift response, and we were able to prevent a serious breach of their security. This is just one example of how Push Security can help organizations protect themselves against even the most sophisticated cyber threats.
Contact us today to learn more about our threat detection and response services, and how we can help keep your organization safe online.