US, UK Agencies Warn of Nation-State Hackers Using Custom Malware on Cisco Routers
The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. A joint report released by the UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the FBI details how the APT28 hackers have been exploiting an old SNMP flaw on Cisco IOS routers to deploy the malware. The malware exfiltrates information from the router and provides unauthenticated backdoor access to the device. CVEs: CVE-2017-6742 Malware: Sednit, JaguarTooth [View Article](https://www.bleepingcomputer.com/news/security/us-uk-warn-of-govt-hackers-using-custom-malware-on-cisco-routers/?&web_view=true)