Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)

By Ben Reardon, Corelight Security Researcher Having a CVE 10 unauthenticated Remote Code Execution vulnerability on a central load balancing device? That’s bad… Not being able to detect when a threat actor attempts and/or succeeds in compromising that device? That’s definitely bad… Recently the US Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploits … Continue reading Zeek in its sweet spot: Detecting F5’s Big-IP CVE10 (CVE-2020-5902)