Tag: router
-
DrayTek routers worldwide go into reboot loops over weekend
Many Internet service providers (ISPs) worldwide are alerting customers of an outage that started Saturday night and triggered DrayTek router connectivity problems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/draytek-routers-worldwide-go-into-reboot-loops-over-weekend/
-
Vulnerability in Tenda AC7 routers
CVE-2025-1851 is a severe vulnerability affecting Tenda AC7 routers with firmware versions up to 15.03.06.44. The Tenda AC7 is a dual-band wireless router for use in homes and in small and medium-sized businesses. The buffer overflow vulnerability in the formSetFirewallCfg function allows an attacker to send a specially crafted payload to the router's web interface. If successfully exploited, attackers can…
-
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Tags: attack, cybersecurity, exploit, finance, fraud, group, Hardware, malware, open-source, pypi, ransomware, router, supply-chain, threat, tool
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source First…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool; Ragnar Loader; Desert Dexter. Attacks on Middle Eastern countries; Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers; Microsoft patches […]…
-
Cisco IOS XR flaw allows attackers to crash BGP process on routers
Cisco addressed a denial of service (DoS) vulnerability that allows attackers to crash the Border Gateway Protocol (BGP) process on IOS XR routers. Cisco has addressed a denial of service (DoS) vulnerability, tracked as CVE-2025-20115, that could allow an unauthenticated, remote attacker to crash the Border Gateway Protocol (BGP) process on IOS XR routers by sending a single BGP…
-
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses
Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windows
Signs of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis. “Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.” CISOs should note these consistent…
-
Actively exploited Juniper router vulnerability addressed
First seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-juniper-router-vulnerability-addressed
-
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/
-
Chinese espionage group UNC3886 targets Juniper routers
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620812/Chinese-espionage-group-UNC3886-targets-Juniper-routers
-
5 Things To Know About China-Linked Juniper Router Attacks
Juniper Networks has released a fix for a Junos OS vulnerability, which Mandiant researchers say has been exploited by a China-based espionage group. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-about-china-linked-juniper-router-attacks
-
Old Juniper routers targeted by Chinese hackers to deploy various payloads
First seen on scworld.com Jump to article: www.scworld.com/brief/old-juniper-routers-targeted-by-chinese-hackers-to-deploy-various-payloads
-
Juniper patches bug that let Chinese cyberspies backdoor routers
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/juniper-patches-bug-that-let-chinese-cyberspies-backdoor-routers-since-mid-2024/
-
Tenda AC7 Vulnerability Lets Hackers Execute Malicious Payloads for Root Access
A vulnerability has been discovered in the Tenda AC7 router, firmware version V15.03.06.44, which allows attackers to execute malicious payloads and gain root access. According to a report on GitHub, the vulnerability, identified through experimental setup and exploitation, revolves around a stack overflow issue in the formSetFirewallCfg function. This exploit is significant, as it not only enables…
-
China-Backed Hackers Backdoor US Carrier-Grade Juniper MX Routers
Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called TinyShell. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-hackers-backdoor-carrier-grade-juniper-mx-routers
-
Chinese Hackers Exploit Juniper Networks Routers to Implant Backdoor
Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks’ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent…
-
China-linked APT UNC3886 targets EoL Juniper routers
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks’ Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to…
-
China continues cyberattacks on routers, this time targeting Juniper Networks devices
Researchers said the state-backed group dubbed UNC3886 was behind a campaign to deploy custom backdoors on the company’s Junos OS routers. First seen on therecord.media Jump to article: therecord.media/china-continues-attacks-routers-juniper
-
Thousands Of Vulnerable TP-Link Routers Targeted By Ballista Botnet
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-vulnerable-tp-link-routers-targeted-by-ballista-botnet
-
US lawmakers warn against China-made routers over cybersecurity risks
First seen on scworld.com Jump to article: www.scworld.com/brief/us-lawmakers-warn-against-china-made-routers-over-cybersecurity-risks
-
‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it’s being used once more for another botnet campaign with its own malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ballista-botnet-campaign-exploits-2023-vuln-tp-link-routers
-
Juniper MX routers targeted by China-nexus threat group using custom backdoors
The devices have reached end-of-life status and need to be upgraded, as the company has issued in a security advisory. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/juniper-routers-china–hacker-backdoor/742315/
-
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
Ballista’s attacks on TP-Link devices come as U.S. lawmakers consider banning the company’s products over suspected links to China. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/-botnet-exploits-tp-link-router/742319/
-
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected. First seen on hackread.com Jump to article: hackread.com/chinese-group-unc3886-backdoor-juniper-routers/
-
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mandiant-uncovers-custom-backdoors-on-end-of-life-juniper-routers/

