Joint Cybersecurity Advisory - Russian Threat Actors Using Compromised Routers For Cyber Operations

The Joint Cybersecurity Advisory issued on February 27, 2024 describes how Russian state-sponsored cyber actors, specifically the GRU's APT28 (also tracked as Fancy Bear and Forest Blizzard), used compromised Ubiquiti EdgeRouters to conduct malicious cyber operations worldwide. From the routers, the actors harvested credentials, collected NTLMv2 digests, proxied network traffic, and hosted spear-phishing landing pages and custom tooling. Although efforts have been made to disrupt this activity, owners of affected devices are advised to remediate the threat themselves: perform a hardware factory reset, upgrade to the latest firmware, change the default credentials, and implement strategic firewall rules on WAN-side interfaces so that remote management services are not exposed to the internet.