๐Ÿท๏ธ network-security

5 articles tagged network-security.

Industrial Routers Under Botnet Attack: Four-Faith and ASUS Vulnerabilities Being Actively Exploited in OT Networks

Industrial Routers Under Botnet Attack: Four-Faith and ASUS Vulnerabilities Being Actively Exploited in OT Networks

Two vulnerabilities in widely deployed industrial and commercial routers are being actively exploited by botnets in May 2026. CVE-2024-9643 in Four-Faith F3x36 Industrial Cellular Routers, scoring 9.8 on CVSS, allows full administrative control without authentication. CVE-2018-5999 in ASUS AsusWRT routers, a vulnerability from 2018, has been re-weaponized by the RondoDox botnet as of May 17, 2026. Both vulnerabilities are being used to build botnet infrastructure, and compromised industrial routers in OT environments create paths from the internet directly into production control systems.

 CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVE-2026-20131 in Cisco Secure Firewall Management Center carries the maximum possible CVSS score of 10.0 and allows unauthenticated remote attackers to execute arbitrary Java code as root via an insecure deserialization flaw. The Interlock ransomware group was exploiting it as a zero-day from January 26, 2026 โ€” more than a month before Cisco disclosed the vulnerability publicly โ€” using memory-resident web shells, custom JavaScript and Java remote access trojans, and Active Directory certificate abuse to move through victim networks.

 Routers Are Now the Riskiest Device in Your Network: The 2026 Connected Device Risk Report

Routers Are Now the Riskiest Device in Your Network: The 2026 Connected Device Risk Report

New research tracking connected device risk across IT, OT, IoT, and IoMT environments has named routers the single most dangerous device category in enterprise networks, averaging 32 vulnerabilities per device and accounting for roughly a third of all critical vulnerabilities found in corporate infrastructure. Forty percent of device types on the 2026 riskiest list are entirely new entries, and 75% were not on the list two years ago โ€” a pace of attack surface expansion that most security programs are not designed to absorb.

 85% of Organizations Got Hit Through Wireless: What the Cisco 2026 State of Wireless Report Means for Your Smart Office

85% of Organizations Got Hit Through Wireless: What the Cisco 2026 State of Wireless Report Means for Your Smart Office

Cisco surveyed 6,098 wireless decision-makers across 30 countries and found that 85% of organizations experienced wireless security incidents in the past year, with IoT and OT devices identified as the primary weak link. Half of those incidents cost over $1 million. Here is what the data means for organizations running connected smart offices.

 Masjesu: The Commercial IoT Botnet That Sells 290 Gbps DDoS Attacks on Telegram โ€” and Targets Your Factory Floor

Masjesu: The Commercial IoT Botnet That Sells 290 Gbps DDoS Attacks on Telegram โ€” and Targets Your Factory Floor

Security researchers have exposed Masjesu, a sophisticated IoT botnet sold as a DDoS-for-hire service on Telegram. It targets routers and gateways across ARM, MIPS, and AMD64 architectures โ€” and has begun extorting smart manufacturing operations.

โ† All topics

Ask Sage ๐Ÿค–