Tag Archives: FireEye

Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100

A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about […]

Attackers Replacing Firmware on Cisco Routers

Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to maintain persistence on the victim’s network. Such a technique […]

New Hammertoss Espionage Tool Tied to MiniDuke Gang

Hammertoss, a backdoor uncovered by researchers at FireEye, combines many previous communication venues used by APT29, a espionage outfit linked to the Russian government.