Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Malicious SYNful Cisco router implant found on more devices across the globe

Malicious SYNful Cisco router implant found on more devices across the globe

2015/09/18

Help Net Security - (International) Security researchers followed recent FireEye findings of SYNful modified malicious router firmware with four scans of public IPv4 addresses and found that 79 hosts displayed behavior consistent with the SYNful Knock implant, including 25 in the U.S. which belong to a single East Coast service provider.

Source: http://www.net-security.org/malware_news.php?id=3104

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:17