Threat Awareness – EnemyBot Incorporates Exploits for Critical VMware and F5 BIG-IP Vulnerabilities

The EnemyBot botnet continues to add critical vulnerabilities to its capabilities. Specifically, researchers observed that the botnet has added the recently disclosed VMware and F5 BIG-IP CVEs. EnemyBot is a botnet that was first discovered in March and is primarily being used to conduct distributed denial-of-service (DDoS) attacks and infect new devices. As a reminder, WaterISAC has been reporting on the VMware and F5 BIG-IP CVEs and stressing to members the importance of applying the updated patches. Both vulnerabilities allow a threat actor the ability to take control of an infected device or network and execute arbitrary commands. To defend against the EnemyBot, its critical to apply the latest patches and monitor network traffic for suspicious activity. Read more at BleepingComputer.