US and security allies warn Russian attacks on critical infrastructure are ramping up against ‘poorly configured and vulnerable networking devices worldwide’



  • NSA, FBI, CISA, and 15 allied agencies warn Russia’s FSB Center 16 is exploiting weak/default credentials and old Cisco flaws to compromise critical infrastructure devices
  • Advisory highlights CVE‑2018‑0171 (Smart Install DoS/RCE) and CVE‑2008‑412813 (CSRF in Cisco IOS 12.4) as examples of vulnerabilities still being abused
  • TTPs overlap with Chinese groups but attribution points to Russian actors like Berserk Bear and Energetic Bear; full IoCs and mitigations were published in the joint advisory

Russian state-sponsored threat actors are continuously targeting broken and poorly configured networking devices belonging to critical infrastructure providers all around the world, a joint security advisory published by the US National Security Agency (NSA) and more than a dozen other agencies has warned.

As per the advisory, hackers working for the Russian Federal Security Service (FSB) Center 16 are constantly scanning for routers and other internet-connected devices that can be accessed with “common or default” login credentials.

https://cdn.mos.cms.futurecdn.net/kqDd8hw4VtrskmqGDY5fKa-1980-80.png



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img