Conclusion

Continuing the trend from January, threat actors in February delivered crypto-miners and Mirai variants. Most of the vulnerabilities exploited in February are not new, however, they are known vulnerabilities in popular applications and systems. In these cases, a threat actor is not looking for a specific target, but instead tries to exploit as many targets as possible.

To protect your application infrastructure, it’s important to stay abreast of latest releases in the technologies deployed on your application stack. Make sure that there is a process for vulnerability management, and that it’s followed by the teams responsible for applying patches. For most organizations, a firewall is the first line of defense. A well-monitored and updated web application firewall (WAF) should also be able to stop these threat actors from exploiting vulnerable systems within your network.

F5 security researchers will continue monitoring new web application exploits to deliver the latest threat intelligence to its customers, and to share it with the broader IT security community.