Tag: network
-
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
-
CISA Hunts for Cisco Backdoor Spotted on Federal Network
‘Firestarter’ Backdoor Can Survive Reboots, Upgrades and Standard Fixes. The Cybersecurity and Infrastructure Security Agency issued an emergency directive warning a newly-discovered Cisco backdoor can survive routine remediation processes, forcing agencies to investigate edge devices that anchor federal firewall and VPN security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-hunts-for-cisco-backdoor-spotted-on-federal-network-a-31505
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
Latest in long-running pwning of Cisco kit found in mystery Fed agency First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/government_cni_on_high_alert/
-
Compromised everyday devices power Chinese cyber espionage operations
China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ncsc-china-covert-networks-advisory/
-
China-Linked Cyber Actors Turn to Massive Covert Botnets to Evade Detection
A newly issued cybersecurity advisory highlights an evolution in the tactics, techniques and procedures (TTPs) employed by China-Nexus threat actors. The report, released with support from the UK Cyber League and coordinated by the National Cyber Security Centre (NCSC-UK) alongside international partners, sheds light on how Chinese threat actors are relying on large-scale covert networks of compromised…
-
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…
-
China-Linked Hackers Hide Behind Compromised Routers
Hackers linked to China are increasingly abusing compromised routers and edge devices to build covert networks, enabling stealthy cyber operations that are harder to detect and block. Instead of relying on dedicated servers or purchased hosting, threat actors are now leveraging large-scale botnets made up of hacked small office/home office (SOHO) routers, IoT devices, and…
-
Breach Roundup: Myanmar Scam Compound Managers Charged
Also, Europol Cracks DDoS Networks, Mythos Finds Bugs, France Portal Hit. This week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for Mozilla. France ID portal breach. Israeli and Venezuelan critical infrastructure targeted. Russian hacking in Ukraine. An Apache flaw. A ransomware negotiator aided BlackCat. First seen on…
-
China-Backed Hackers Are Industrializing Botnets
China’s state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/china-hackers-industrializing-botnets
-
3 practical ways AI threat detection improves enterprise cyber resilience
Legitimate admin activity and malicious behavior often look similar without contextHybrid environments generate fragmented telemetry that rule sets can’t correlateLean teams don’t have time to manually connect the dots across systemsPlatforms like Adlumin MDR apply behavioral models and automated triage to suppress low”‘value alerts and elevate incidents that actually matter. Fewer alerts, better context, and…
-
3 practical ways AI threat detection improves enterprise cyber resilience
Legitimate admin activity and malicious behavior often look similar without contextHybrid environments generate fragmented telemetry that rule sets can’t correlateLean teams don’t have time to manually connect the dots across systemsPlatforms like Adlumin MDR apply behavioral models and automated triage to suppress low”‘value alerts and elevate incidents that actually matter. Fewer alerts, better context, and…
-
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
Investigators found the malware, dubbed Firestarter, on a federal agency’s network in a campaign dating back to at least September 2025. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-firestarter-malware-cisa-warning/
-
Hacked Devices Are Gateways for Chinese Nation-State Hackers
Routing Malicious Traffic Through Hacked IoT Devices Is Leading to ‘IoC Extinction’. Networks comprised of hacked domestic devices underpin a mounting number of Chinese nation-state hacking operations, warned British, U.S. and a slew of other national cybersecurity agencies. The networks comprise small office home office routers, IoT equipment and smart devices. First seen on govinfosecurity.com…
-
Five steps to become Mythos ready
Tags: access, ai, attack, automation, breach, business, cloud, compliance, control, cvss, cyber, cybersecurity, data, defense, detection, exploit, flaw, framework, identity, incident response, infrastructure, LLM, mitre, network, office, open-source, openai, risk, software, threat, tool, training, update, vulnerability, zero-dayAI is uncovering vulnerabilities at a scale that will overwhelm legacy defenses. Here is how to build a security organization that is Mythos ready. Key takeaways While frontier AI models like Claude Mythos boost cyber defenses, they also empower attackers to discover and weaponize vulnerabilities at unprecedented machine speed. To avoid getting buried by an…
-
Five steps to become Mythos ready
Tags: access, ai, attack, automation, breach, business, cloud, compliance, control, cvss, cyber, cybersecurity, data, defense, detection, exploit, flaw, framework, identity, incident response, infrastructure, LLM, mitre, network, office, open-source, openai, risk, software, threat, tool, training, update, vulnerability, zero-dayAI is uncovering vulnerabilities at a scale that will overwhelm legacy defenses. Here is how to build a security organization that is Mythos ready. Key takeaways While frontier AI models like Claude Mythos boost cyber defenses, they also empower attackers to discover and weaponize vulnerabilities at unprecedented machine speed. To avoid getting buried by an…
-
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
A new security advisory highlights Beijing’s stealthy techniques. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-botnets-cyberattacks-covert-networks-advisory/818309/
-
China-linked hackers targeted Mongolian government using Slack, Discord for covert communications
The group, which researchers at cybersecurity firm ESET named GopherWhisper, has been active since at least November 2023 and was discovered in January 2025 after investigators found a previously unknown backdoor on the network of a Mongolian government institution. First seen on therecord.media Jump to article: therecord.media/china-linked-hackers-target-mongolian-gov-slack-discord
-
A dozen allied agencies say China is building covert hacker networks out of everyday routers
The joint warning describes a major tactical shift by Chinese-linked hackers and lays out what organizations should do about it. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-nexus-covert-networks-advisory/
-
Chinese hackers using compromised networks to spy on Western companies, says Five Eyes
Companies urged to take countermeasures as Chinese hacking groups use networks of infected home and office devices ‘at scale’ to evade security monitoring systems First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641986/Chinese-hackers-using-compromised-networks-to-spy-on-Western-companies-says-Five-Eyes
-
SASE im Browser
Der Spezialist für Secure-Access-Service-Edge (SASE), Versa Networks, stellt den Versa-Secure-Enterprise-Browser vor. Diese Erweiterung der <> setzt direkt im Browser die festgelegten SASE-Richtlinien durch und schützt so Mitarbeitende und Partner effektiv bei der Nutzung von Web-, SaaS- und unternehmensinternen KI-Anwendungen. Der Browser hat sich zur vorherrschenden Umgebung für die Arbeit in Unternehmen entwickelt. […] First seen…
-
SASE im Browser
Der Spezialist für Secure-Access-Service-Edge (SASE), Versa Networks, stellt den Versa-Secure-Enterprise-Browser vor. Diese Erweiterung der <> setzt direkt im Browser die festgelegten SASE-Richtlinien durch und schützt so Mitarbeitende und Partner effektiv bei der Nutzung von Web-, SaaS- und unternehmensinternen KI-Anwendungen. Der Browser hat sich zur vorherrschenden Umgebung für die Arbeit in Unternehmen entwickelt. […] First seen…
-
SASE im Browser
Der Spezialist für Secure-Access-Service-Edge (SASE), Versa Networks, stellt den Versa-Secure-Enterprise-Browser vor. Diese Erweiterung der <> setzt direkt im Browser die festgelegten SASE-Richtlinien durch und schützt so Mitarbeitende und Partner effektiv bei der Nutzung von Web-, SaaS- und unternehmensinternen KI-Anwendungen. Der Browser hat sich zur vorherrschenden Umgebung für die Arbeit in Unternehmen entwickelt. […] First seen…
-
UK warns of Chinese hackers using proxy networks to evade detection
The United Kingdom’s National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/
-
Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say
The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/
-
Check Point belegt ersten Platz im Hybrid-Mesh-NetworkBenchmark von Miercom
Check Point Software Technologies, gibt bekannt, dass man im <> den ersten Platz belegt hat. Dieser bedeutsame Erfolg markiert für Check Point das vierte Jahr in Folge die branchenweite Spitzenposition. Check Point erreichte mit einer Phishing-Erkennungsrate von 100 Prozent und einer KI-gestützten Malware-Abwehr von 99,9 Prozent den Spitzenwert […] First seen on netzpalaver.de Jump to…
-
Outlook Mailboxes Abused to Conceal Linux GoGra Backdoor Traffic
The Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control (C2) traffic within Microsoft Outlook mailboxes, making it significantly harder to detect with traditional network defenses. Researchers from Symantec and Carbon Black Threat Hunter Team discovered the malware. They linked…