Recherche : [lumen] - Cyberveille

The J-Magic Show: Magic Packets and Where to find them - Lumen Blog https://blog.lumen.com/the-j-magic-show-magic-packets-and-where-to-find-them/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118

27/01/2025 09:23:20

A backdoor tailored to Juniper routers that hides the activation signal in regular traffic using “Magic Packets” to give access to an attacker

The Pumpkin Eclipse https://blog.lumen.com/the-pumpkin-eclipse/

30/05/2024 18:31:25

Executive Summary Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement. Public scan data Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP).

Eight Arms to Hold You: The Cuttlefish Malware https://blog.lumen.com/eight-arms-to-hold-you-the-cuttlefish-malware/?ref=news.risky.biz

03/05/2024 07:43:56

Executive Summary: The Black Lotus Labs team at Lumen Technologies is tracking a malware platform we’ve named Cuttlefish, that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers. This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent local area network (LAN). A

The Darkside of TheMoon https://blog.lumen.com/the-darkside-of-themoon/

30/03/2024 17:41:03

Executive Summary The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and

KV-Botnet: Don’t call it a Comeback - Lumen https://blog.lumen.com/kv-botnet-dont-call-it-a-comeback/

12/02/2024 01:14:17

Executive Summary On December 13, 2023, Lumen’s Black Lotus Labs reported our findings on the KV-botnet, a covert data transfer network used by state-sponsored actors based in China to conduct espionage and intelligence activities targeting U.S. critical infrastructure. Around the time of the first publication, we identified a spike in activity that we assess aligns

New HiatusRAT router malware covertly spies on victims - Lumen https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/

08/03/2023 21:38:44

Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.

Chaos is a Go-based Swiss army knife of malware https://blog.lumen.com/chaos-is-a-go-based-swiss-army-knife-of-malware/

01/10/2022 01:03:28

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware developed for Windows and Linux

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks https://blog.lumen.com/zuorat-hijacks-soho-routers-to-silently-stalk-networks/

30/06/2022 09:44:20

Black Lotus Labs, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly NA and European networks of interest.

Liens par page

Filtres