#MikroMassive: the #Botnet powering #MultiTerabit #DDoSAttacks - read the findings of the Path Network investigation team after examining a collection of eight related attacks between August 22nd and 25th, 2024, which targeted three distinct Path-protected networks. These attacks, all with peak traffic rates over 2Tib/s, demonstrate a significant level of coordination and shared resources, suggesting they were launched from the same botnet. Because of the composition of this botnet, we’ve named it MikroMassive - over a third of its devices appear to be #MikroTik routers, making them a key driving force behind the high-volume DDoS traffic. DDoS attack #investigation is available at https://lnkd.in/dTVgg6gx.
Path Network, Inc’s Post
More Relevant Posts
-
Experienced Cybersecurity Leader | Protecting Organizations from Cyber Threats for Over 17 Years | Driving Security Excellence & Innovation !!!
This analysis uncovers the expansion of a significant botnet operation, dubbed Quad7 or 7777 botnet, characterized by its unique use of TCP port 7777 on compromised routers, primarily TP-Link and Hikvision devices. The research reveals a potential second tranche of bots, the 63256 botnet, comprised mainly of infected ASUS routers, indicating an evolution of the threat actor's tactics. Over 30 days, 12,783 active bots were identified across both infrastructures, highlighting the botnet's substantial scale. The analysis also pinpoints seven management IP addresses associated with the botnet's operations, some previously undisclosed. The findings underscore the resilience and adaptability of this persistent threat, warranting continued vigilance and collaborative efforts to mitigate its impact. Reference: https://lnkd.in/gFFxKTPq
-
Recruiting IoT/IIoT, Security, Embedded, Network/Device, Cybersecurity, Automotive, ICS/SCADA, Mobile, Cloud, HPC/Supercomputing Talent
#NetworkSecurity #EdgeDevices The increase in mass exploitation involving edge services and devices is likely to worsen. The post Edge Devices: The New Frontier for Mass Exploitation Attacks appeared first on SecurityWeek. https://lnkd.in/gkmnukCE
-
#UK #TSA How does BGP aggregation help in managing IP prefixes and routing efficiency in a network?
Aggregate routes where possible and advertise covering summary prefixes based on blackhole routes (i.e. route to null) to avoid updates for inactive aggregates. Advertisement of prefixes more specific than those normally accepted should have consideration made to limit onward propagation. For example, by use of NO-EXPORT, NO PEER or provider-specific communities.
Reference: https://lnkd.in/dHRfY2iF #telecoms #TSA #telecomsecurity #ExposedEdge #security #5G #4G #3G #Aggregation #router
-
'... an advanced BGP prefix de-aggregation attack that announces millions of IPv6 routes via thousands of IXP connections to overflow the memory of routers within remote ASes. Kirin's highly distributed nature allows it to bypass traditional route-flooding defense mechanisms ... 'Despite its low deployment cost, we find that Kirin may inject lethal amounts of routes into the routers of thousands of ASes'. https://lnkd.in/gdpuqtc6
-
LKN researchers presented latest results on security in wireless networks at ACM WiSEC 2024, which took place from May 27 to 30, 2024 in Seoul, Korea.
- O. Zeidler, J. Sturm, D. Fraunholz, and W. Kellerer: Performance Evaluation of Transport Layer Security in the 5G Core Control Plane (full paper)
- J. Sturm, D. Fraunholz, O. Zeidler, K. Schaar, and W. Kellerer: 5G Puppeteer: Chaining Hidden Command and Control Channels in 5G Core Networks (poster)
-
One of the most widely used network protocols is vulnerable to a newly discovered attack that can allow adversaries to gain control over a range of environments, including industrial controllers, telecommunications services, ISPs, and all manner of enterprise networks.
New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere — Ars Technica
apple.news
-
https://lnkd.in/gAHef4Zr "Investigators are exploring whether the intruders gained access to Cisco Systems routers, core network components that route much of the traffic on the internet, according to people familiar with the matter." That's a very specific investigation workstream. I wonder why they would focus on it in WSJ... 🤣 #velvetant. While technical details on #salttyphoon are not out yet, I'm very curious to see how similar it is to #velvetant https://lnkd.in/gQtS6kHM https://lnkd.in/gnE2BfuX
Exclusive | China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ Cyberattack
wsj.com
-
🔆 Recent research in Quantum Key Distribution (QKD) by Andrew Lord at #BT Group explores two paradigms for enhancing quantum network security and efficiency. The study contrasts Trusted Node (TN) networks, using the Decoy BB84 protocol, with Non-Trusted Node (NTN) networks employing Twin-Field QKD (TF-QKD). The findings reveal that sharing QKD devices across network nodes can significantly reduce costs, particularly in NTN frameworks. #QuantumNetworking #QuantumKeyDistribution #Research
Switching in quantum networks: an optimization investigation | IEEE Journals & Magazine | IEEE Xplore
-
Delving into Communication Protocols: The Pillars of Network Transmission Communication protocols are fundamental to the exchange of information across networks. They govern how data is transmitted between devices, ensuring that communication is efficient and reliable. These protocols also include mechanisms to recover data lost in transit, maintaining the integrity of the information being exchanged. #InfoSec #CyberYami #NetworkProtocols #DataTransmission #TechCommunication #NetworkSecurity #DigitalCommunication
-
We often need a closer look at the packets to find out what’s happening on the network. When it comes to TAP vs SPAN, there are substantial differences that you should know about:
⦿ Capture quality: As opposed to TAPs, SPAN ports can quickly get oversubscribed, leading to packet drops. They also filter out physical layer errors, complicating analyses. TAPs, on the other hand, capture full duplex traffic at wirespeed. Plus, TAP data is admissible in court!
⦿ Security: TAPs isolate monitoring devices from the network, no IP/MAC address. A SPAN port is part of the network, turning it into a potential vulnerability.
⦿ VLAN challenges: SPAN ports don’t usually pass VLAN tags, impacting VLAN issue detection. Aggregating TAPs like the Profitap Booster can be a game-changer, supporting ingress VLAN tagging and aggregation of eight 10/100/1G ports to one 1G - 10G output!
In short, SPAN ports are handy, but for performance, reliability, and security, TAPs steal the show. Choose wisely based on network utilization and priorities! Read our blog for more information: https://hubs.la/Q02g5FyG0 #networkmonitoring #techtalk #tap #SPAN
It's great to see our range of IPs ranking at the top! A big thanks once again to the Path.net team for their fantastic Protection 😄