When the news broke that a Chinese hacking group known as Salt Typhoon had penetrated multiple U.S. telecommunications networks, gained access to the phones of a presidential campaign, and collected geolocation data on high-value targets around Washington D.C., one of the first questions on the minds of executives and U.S. officials was how long it…
Category: routers
Cybercrime, Cybersecurity, Department of Justice, Department of Justice (DOJ), fbi, Federal Bureau of Investigation (FBI), Global Security News, indictment, malware, North America, routers, Threats
US seizes Anyproxy, 5socks botnets and indicts alleged administrators
Federal authorities seized two domains and indicted four foreign individuals for alleged involvement in a long-running botnet service that infected older wireless internet routers, the Justice Department said Friday. The malware created for the botnet allowed infected routers to be reconfigured, which granted unauthorized access to third parties and made the routers available for sale…
Asia Pacific, Global Security News, modems, Policy, Robin Kelly, routers, ROUTERS Act, Salt Typhoon
House passes bill to study routers’ national security risks
A bill requiring the Department of Commerce to study national security issues posed by routers and modems controlled by U.S. adversaries passed the House on Monday, advancing legislation that lawmakers say is “crucial” to understanding the devices’ cybersecurity risks. The House has moved quickly on the Removing Our Unsecure Technologies to Ensure Reliability and Security…
Cybercrime, Cybersecurity, exploit, Exploits, firewall, Fortinet, Global Security News, Google Threat Intelligence Group, ivanti, Mandiant, Palo Alto Networks, Ransomware, Research, routers, Threats, virtual private network (VPN), vulnerabilities
Attackers hit security device defects hard in 2024
Attackers are having a field day with software defects in security devices, according to a new report released Wednesday by Mandiant Exploits were the most common initial infection vector, representing 1 of every 3 attacks in 2024, and the four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and…
china, CISA, cisco, citrix, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), espionage, exploit, Exploits, firewall, firewalls, Fortinet, Gartner, Global Security News, Google Threat Intelligence Group, ivanti, known exploited vulnerabilities (KEV), Mandiant, National Vulnerability Database, NIST, Palo Alto Networks, Rapid7, Research, routers, Technology, Threats, virtual private network (VPN), VulnCheck, vulnerabilities, vulnerability disclosure, zero days
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any…
Asia Pacific, Global Security News, modems, Policy, Robin Kelly, routers, ROUTERS Act
Bill to study national security risks in routers passes House committee
A federal study into the national security risks posed by routers, modems and similar devices controlled by U.S. adversaries moved one step closer to law Tuesday by advancing out of the House Energy and Commerce Committee. The Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act from Reps. Bob Latta, R-Ohio, and Robin…
china, cisco, Cybersecurity, Exploits, Five Eyes, Global Security News, nation state threats, nation-state hackers, Recorded Future, Research, routers, Salt Typhoon, Threats, vulnerabilities
Salt Typhoon remains active, hits more telecom networks via Cisco routers
Salt Typhoon, the Chinese nation-state threat group linked to a spree of attacks on U.S. and global telecom providers, remains active in its intrusion and has hit multiple additional networks worldwide, including two in the United States, Recorded Future said in a report released Thursday. Recorded Future’s Insikt Group observed seven compromised Cisco network devices communicating…
Asia Pacific, Cybersecurity, Global Security News, John Hickenlooper, marsha blackburn, modems, NTIA, Policy, routers, Shelly Moore Capito, SOHO
National security risks in routers, modems targeted in bipartisan Senate bill
The national security risks posed by routers, modems and similar devices produced by U.S. adversaries would be the subject of a new federal study under a bipartisan Senate bill introduced Monday. The Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act from Sens. Marsha Blackburn, R-Tenn., and Ben Ray Luján, D-N.M., is aimed…
backdoor, Cybersecurity, espionage, Europe, FreeBSD, Global Security News, Juniper Networks, Lumen Technologies, routers, Threats, virtual private network (VPN)
New backdoor discovered that specifically targets Juniper routers
Researchers at Black Lotus Labs have uncovered an operation where a back door is dropped onto enterprise-grade Juniper Networks routers and listens for specific network signals, known as “magic packets,” to execute malicious commands. The campaign, which researchers at the cybersecurity wing of Lumen Technologies refer to as “J-Magic,” was active between mid-2023 and mid-2024.…
Exploits, Global Security News, Internet of Things (IoT), routers, threat detection, Uncategorized, vulnerabilities
Thousands of industrial routers vulnerable to command injection flaw
Thousands of industrial routers from a Chinese telecommunications equipment manufacturer are vulnerable to a post-authentication vulnerability, with indications it is already being exploited in the wild to infect devices with Mirai malware. On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers…