DevCentral ICYMI - October 2024 (Happy Halloween!)
F5 DevCentral
DevCentral is F5's Online Community of Technical Peers dedicated to learning, exchanging ideas, and solving problems.
DevCentral publishes new content constantly, and it’s easy to miss the latest from F5’s technical user community with all that turnover. So here’s a monthly round-up of DevCentral news, content, and events—in case you missed it!
New and Notable
- Happy 20th Birthday, BIG-IP TMOS! - A reflection on TMOS's 20th birthday and its impact on network engineering and app performance. Early user Jason Rahm shares his experiences with profiles, iRules, and tcpdump, and looks at how TMOS has been revolutionizing infrastructure management and community collaboration.
- Share Your Expertise at F5 AppWorld 2025! CFP is now open.
- Elevate Your Skills - Register for AppWorld 2025
Content Round-Up
AI
- Enhance your GenAI chatbot with the power of Agentic RAG and F5 platform - Discover how to supercharge your GenAI chatbot with Agentic Retrieval-Augmented Generation (RAG) in our latest demo. Foo-Bang Chan
- AI Security : Prompt Injection and Insecure Output Handling. - Explore the OWASP LLM Top 10, highlighting key attack methodologies like Prompt Injection and Insecure Output Handling.
- Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect - Explore how F5 NGINX App Protect v5 safeguards Gen AI applications against sensitive information disclosure risks, ensuring secure and ethical use of Large Language Models while addressing critical security gaps highlighted by the OWASP LLM Top 10. Mohammed Janibasha Valentin Tobi
Security Insights
This Week in Security
- Cybersecurity Awareness Month, Pokémon and Oracle's CPU - For Cybersecurity Awareness Month, let's look at key online safety findings. We'll also cover Iranian hackers exploiting Windows, critical patches from Jetpack and Oracle, and a data breach at Game Freak. All these highlight the evolving challenges and need for vigilance in cybersecurity. Lior Rotkovitch
- Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities - The F5 Security Incident Response Team shares significant cyberattacks on embassies, the deprecation of PPTP and L2TP in Windows Server, the use of ChatGPT by threat actors, critical MMS protocol vulnerabilities, and Google's new Global Signal Exchange initiative to combat online scams and fraud. Dharminder Rana
- Kia Telematics, Telecom Security, and Documentation. - This week’s TWIS highlights vulnerabilities found in Kia’s telematics system, the slow evolution of telecom security amidst persistent threats, and the importance of clear documentation in technology processes.
- Money, Agents, Apologies, Switcheroos, Hype, and Hope - In this belated edition of This Week In Security, MZ MegaZone discusses key cybersecurity incidents including a major cyberattack on MoneyGram, the rise of North Korean sleeper agents in U.S. companies, CrowdStrike's ongoing fallout, Kaspersky's controversial market exit, vulnerabilities in the Common Unix Printing System, and NIST's proposed changes to outdated password policies.
App Security
- How the F5 SIRT Looks for Malware - F5 SIRT Security Engineer Kyle Fox explains how to find malware on compromised BIG-IP systems with iHealth. He also talks about common attack methods and the importance of strong security to stop unauthorized access.
- A Single IP is Scanning Intensely, and Yields a List of Malware Loaders - In the August 2024 edition of the Sensor Intelligence Series, Jesse Smith notes a significant 79% drop in scanning for CVE-2017-9841 and an 18.8% decrease for CVE-2023-1389, while overall non-CVE scanning surged by 90.9%, primarily driven by a single IP address from Lithuania targeting U.S. sensors.
- Javascript injecting systems effect on web application end users - a scenario review - In this scenario review, Arvin Fopalan explores how JavaScript-injecting systems, such as CDN services, caused authentication failures for end users on a web application protected by F5's BIG-IP ASM and Shape Security Defense, highlighting key troubleshooting steps and resolutions.
- Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio - Explore the critical differences between positive and negative security models in cybersecurity and discover how F5's innovative WAAP solutions can enhance your application's protection strategies. Garland Moore
BIG-IP
Classic BIG-IP
- F5 BIG-IP APM with Omnissa Workspace ONE Access - Discover the enhanced integration guide for F5 BIG-IP APM with Omnissa Workspace ONE Access, featuring the latest updates and step-by-step instructions for secure, scalable access. Matthew Mabis
- Load Balancing Omnissa Unified Access Gateway with BIG-IP LTM - Uncover the most recent and improved solution manual for merging F5 BIG-IP LTM and Omnissa Unified Access Gateway, with enhanced deployment choices and a more seamless procedure. It is now ready for immediate download. Matthew Mabis
- How to run an FTP server on Kubernetes with F5 BIG-IP - Learn how to securely expose an FTP server in Kubernetes using F5 BIG-IP and Azure Kubernetes Service (AKS), combining legacy file transfer capabilities with modern cloud infrastructure for optimal performance and protection. Michael O'Leary
- Use Fully Qualified Domain Name (FQDN) for GSLB Pool Member with F5 DNS - This article shows you how to set up Fully Qualified Domain Names (FQDN) as GSLB pool members in F5 BIG-IP. This setup lets you use advanced features like health check monitoring and load balancing. doddy widanto
- Load Balancing TCP TLS Encrypted Syslog Messages - This article describes how to implement the F5 BIG-IP Generic Message Routing Framework (MRF) to evenly distribute TCP syslog messages across backend servers while ensuring message confidentiality through TLS encryption. Andrew Conley
BIG-IP Next
- BIG-IP Next – Introduction to the Blueprints API - Explore the advantages of F5’s new Blueprints API in automating BIG-IP configurations, offering a streamlined, centrally managed approach that enables seamless deployments across multiple instances without the need for manual GUI interactions. Bob Hanson
NGINX
- Upcoming Action Required: F5 NGINX Plus R33 Release and Licensing Update - NGINX Plus R33, set for release this quarter, introduces essential licensing changes, including mandatory JSON Web Token installation for commercial instances and improved usage tracking to enhance customer experience—ensure you follow the required steps to maintain uninterrupted service. Prabhat Dixit
- Automating F5 NGINX Instance Manager Deployments on VMWare - Learn how to automate the deployment of F5 NGINX Instance Manager in isolated environments using Packer and Terraform, ensuring efficient management of your NGINX inventory. Amir Rawdat
F5 Distributed Cloud
- Seamless App Connectivity with F5 and Nutanix Cloud Services - Explore how F5 Distributed Cloud Services simplifies application connectivity across complex enterprise networks, integrating on-premises, cloud, and Kubernetes environments while enhancing security and reducing operational costs. Lauren Wood, CA-AM Daisuke Nakajima
- Deploying F5 Distributed Cloud Customer Edge in Red Hat OpenShift Virtualization - Discover how integrating F5 Distributed Cloud Customer Edge into Red Hat OpenShift Virtualization streamlines the management of virtual machines alongside containerized applications, enhancing security, performance, and resource utilization in a unified Kubernetes environment. Eric Ji
- Seamless Application Migration to OpenShift Virtualization with F5 Distributed Cloud - Discover how F5 Distributed Cloud and Red Hat's Migration Toolkit collaborate to ensure a smooth, secure, and efficient migration of virtual machines from VMware NSX to OpenShift Virtualization. Together, they help overcome common challenges such as minimizing downtime and preserving application performance. Eric Ji
- F5 Distributed Cloud - Mitigation for Cross Tenant Origin Exposure (CTOE) - F5 Distributed Cloud (XC) simplifies cloud administration with innovative features like shared Regional Edge Proxies, but organizations must implement proactive measures to mitigate risks such as cross-tenant origin exposure (CTOE) to ensure service availability and security in interconnected environments. Brad H Scherer
About DevCentral
DevCentral is an F5 community of technical users dedicated to learning, exchanging ideas, and solving problems—together. Join us to share F5 technology and application security best practices.