Hackers are using unencrypted F5 BIG-IP cookies to access internal devices on corporate networks. The Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the risk and recommends that organizations encrypt the cookies. The persistent cookies, which speed up server routing by assigning devices to server pools but expose internal IP addresses and ports to clients, have been a longstanding hacking vector. CISA advises following F5 guidance to secure BIG-IP cookies and leveraging F5's tool for diagnostics.
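To check your own virtual servers for this exposure, the following added example (not code from CISA, F5 or the article) audits captured `Set-Cookie` headers and reports what an unencrypted persistence cookie reveals. It assumes the default `BIGipServer` cookie name prefix and covers only the unencrypted IPv4 value form `<ip>.<port>.0000`; the function names and sample headers are constructed for illustration.

```python
import ipaddress
import re

# Assumption: the default cookie name prefix is in use (it can be renamed).
COOKIE_RE = re.compile(r"(BIGipServer[^=;\s]*)=([^;\s]+)")
# Unencrypted IPv4 value: <ip as decimal>.<port as decimal>.0000
PLAIN_IPV4_RE = re.compile(r"^(\d{1,10})\.(\d{1,5})\.0000$")

def decode_plain_ipv4(value):
    """Return (ip, port) for an unencrypted IPv4 persistence value, else None."""
    m = PLAIN_IPV4_RE.match(value)
    if not m:
        return None
    ip_int, port_int = int(m.group(1)), int(m.group(2))
    if ip_int > 0xFFFFFFFF or port_int > 0xFFFF:
        return None
    # Both fields are stored byte-reversed; undo that to get network order.
    ip = ipaddress.IPv4Address(ip_int.to_bytes(4, "little"))
    port = int.from_bytes(port_int.to_bytes(2, "little"), "big")
    return str(ip), port

def audit_set_cookie_headers(headers):
    """Flag persistence cookies whose value discloses a pool member address."""
    findings = []
    for header in headers:
        for name, value in COOKIE_RE.findall(header):
            decoded = decode_plain_ipv4(value)
            if decoded is None:
                # Opaque value: not the plaintext IPv4 form checked here.
                findings.append({"cookie": name, "leaks": None, "private": None})
                continue
            ip, port = decoded
            findings.append({
                "cookie": name,
                "leaks": f"{ip}:{port}",
                "private": ipaddress.ip_address(ip).is_private,
            })
    return findings

# Constructed sample headers, as they might appear in a proxy or curl capture.
SAMPLE_HEADERS = [
    "Set-Cookie: BIGipServerpool_web=420128960.47873.0000; path=/; Httponly",
    "Set-Cookie: BIGipServerpool_api=constructed-opaque-value; path=/",
]

if __name__ == "__main__":
    for finding in audit_set_cookie_headers(SAMPLE_HEADERS):
        print(finding)
```

Any finding with a non-empty `leaks` field marks a persistence profile that still needs cookie encryption enabled per F5's guidance.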

Hackers target unencrypted BIG-IP cookies, CISA warns

Given the growing focus on network edge device vulnerabilities by both state-sponsored hackers and cybercriminals, the security of technologies like BIG-IP remains critical, as highlighted by past exploits and vulnerabilities found by researchers. Encrypting these cookies is crucial to preventing potential risks and network compromises.
https://www.bankinfosecurity.com/hackers-prowling-for-unencrypted-big-ip-cookies-warns-cisa-a-26519