Ivanti patches two EPMM flaws exploited in the wild https://www.csoonline.com/article/3985912/ivanti-patches-two-epmm-flaws-exploited-in-the-wild.html #ZeroDayVulnerabilities #NetworkSecurity #MobileSecurity

The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.
Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin's insights on:
The FBI’s May 2025 alert
TheMoon malware and the Faceless proxy service
What these botnets mean for your enterprise
What you need to do now to stay protected
Watch the video: https://youtu.be/x_40BlvWsHk
Listen to the podcast: https://www.chatcyberside.com/e/outdated-routers-a-hidden-threat-in-your-neighborhood/?token=b0b648ff9ddf79f7cb1099945c74f7f0
1.3 with exciting and long-awaited new features is here
Access Control / Firewall management: https://docs.defguard.net/enterprise/all-enteprise-features/access-control-list
LDAP & Active Directory two-way synchronization: https://docs.defguard.net/enterprise/all-enteprise-features/ldap-and-active-directory-integration/two-way-ldap-and-active-directory-synchronization
More on GitHub: https://github.com/DefGuard/defguard/releases/tag/v1.3.0
Network engineers -- Do you know what 802.1X and/or AAA is?
Help me settle a debate with this completely unscientific poll.
Think your network is locked down? Think again.
Register for our May 28th Cyberside Chats Live episode featuring special guest @tompohl, LMG Security’s Head of Penetration Testing, and discover the most common security gaps attackers exploit.
Tom will share how his team routinely gains domain admin access in over 90% of their engagements—and how you can stop real attackers from doing the same. He’ll break down the weak points they target, from insecure default Active Directory settings to overlooked misconfigurations—even in mature environments.
Register now: https://www.lmgsecurity.com/event/cyberside-chats-live-may-2025/
Cyber threat: Operation Moonlander dismantles a decades-old router botnet
Aging Linksys, Ericsson & Cisco routers were hijacked by TheMoon malware
Four foreign nationals indicted for running Anyproxy/5socks proxy-for-hire networks
FBI bulletin urges disposal of unsupported routers and firmware updates
Joint takedown by FBI, Dutch National Police & DOJ
Protect your network: replace EOL devices, apply patches, and monitor IoT traffic for anomalies.
#CyberSecurity #Botnet #IoT #OperationMoonlander #NetworkSecurity
https://www.theregister.com/2025/05/10/router_botnet_crashed/
FBI warns that end of life devices are being actively targeted by threat actors – Source: www.csoonline.com https://ciso2ciso.com/fbi-warns-that-end-of-life-devices-are-being-actively-targeted-by-threat-actors-source-www-csoonline-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #NetworkSecurity #CSOonline #CSOOnline #Security #botnets
FBI warns that end of life devices are being actively targeted by threat actors https://www.csoonline.com/article/3982368/fbi-warns-that-end-of-life-devices-are-being-actively-targeted-by-threat-actors.html #NetworkSecurity #Security #Botnets
When can we declare IP Geo location / country code blocking practically dead as a mitigation strategy?
Sure, it is still useful for blocking script kiddies from Iran and other low-hanging fruit, but do any serious APT crews actually launch attacks from their home country anymore?
With the use of zero trust, distributed attack and delivery networks (looking at you Cloudflare), and VPN usage, country blocking feels less useful than in the past.
Dive into our new technical blog, No Exploits Needed: Using Cisco’s Own Features to Extract Credentials, for a behind-the-scenes look at how default settings can lead to a data breach.
In this post, Penetration Testing Team Manager @tompohl shares how he extracted a Cisco router’s entire running configuration—no credentials required—during a recent penetration test and offers tips for hardening your security. https://www.lmgsecurity.com/no-exploits-needed-using-ciscos-own-features-to-extract-credentials/
How To Secure Digital Wallets from Phishing Attacks - Digital wallets have become increasingly popular, offering users an easy way to make paym... https://www.itsecurityguru.org/2025/05/08/how-to-secure-digital-wallets-from-phishing-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-secure-digital-wallets-from-phishing-attacks #networksecurity
U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases – Source: securityboulevard.com https://ciso2ciso.com/u-s-wins-one-maybe-two-extradition-petitions-in-unrelated-cases-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #environmentalgroups #CyberSecurityNews #IndustrySpotlight #SecurityAwareness #SecurityBoulevard #Identity&Access #NetworkSecurity #SocialFacebook #SocialLinkedIn #CloudSecurity #Cybersecurity #datasecurity #ransomware #Spotlight
At #RSAC2025, the message was clear: it's time to move beyond legacy VPNs.
Discover how Tailscale is leading the charge towards modern, secure networking solutions.
Read our RSAC 2025 recap: https://tailscale.com/blog/rsac-2025-recap
How do You Know if You’re Ready for a Red Team Partnership? https://www.securityweek.com/how-do-you-know-if-youre-ready-for-a-red-team-partnership/ #NetworkSecurity #RiskManagement #RedTeam
Europol Launches Taskforce to Combat Violence-as-a-Service Networks https://gbhackers.com/europol-launches-to-combat-violence-as-a-service/ #CyberSecurityNews #NetworkSecurity #cybersecurity #Vulnerability
NetFoundry Raises $12 Million for Network Security Solutions https://www.securityweek.com/netfoundry-raises-12-million-for-network-security-solutions/ #CybersecurityFunding #NetworkSecurity #networksecurity #NetFoundry #ZeroTrust #funding
North Korean Group Creates Fake Crypto Firms in Job Complex Scam – Source: securityboulevard.com https://ciso2ciso.com/north-korean-group-creates-fake-crypto-firms-in-job-complex-scam-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #NorthKoreaITworkerscam #cryptocurrencyfraud #ThreatIntelligence #CyberSecurityNews #IndustrySpotlight #SecurityBoulevard #socialengineering #Identity&Access #NetworkSecurity #MobileSecurity #SocialFacebook #SocialLinkedIn #Malware
New Threat Alert: Rustobot Botnet
A new Rust-based botnet is making waves — and it's hijacking routers to do it. @FortiGuardLabs' latest research dives into Rustobot, a stealthy, modular botnet that’s fast, evasive, and ready to wreak havoc.
Learn how it works, what makes it different, and how to protect your network:
https://www.fortinet.com/blog/threat-research/new-rust-botnet-rustobot-is-routed-via-routers
Edit: Shout-out to the author behind this research, @7olzu