Lucene search
K

8 matches found

Packet Storm News
Packet Storm News
added 2026/04/08 12:0 a.m.3 views

Hiding in the Tunnels: Unmasking the New Stealthy BPFDoor Variants

This is Rapid7's whitepaper discussing BPFDoor variants. Advanced persistent threats APTs are locked in a continuous arms race with network defenders. As static indicators of compromise IoCs for the notorious BPFDoor malware became widely deployed by security vendors, the threat actors went back ...

5.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/04/02 1:0 p.m.8 views

New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay

Executive Overview Advanced persistent threats APTs are constantly and consistently changing tactics as network defenders plug holes in defenses. Static indicators of compromise IoCs for the BPFDoor have been widely deployed, forcing threat actors to get creative in their use of this particular...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/26 5:40 p.m.6 views

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments...

6.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/03/26 1:0 p.m.19 views

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

Executive overview The strategic positioning of covert access within the world’s telecommunication networks A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor, Red Menshen, placing some of the stealthiest digital sleeper cells the team has ev...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 7:38 a.m.42 views

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. "The threat...

10CVSS8AI score0.99571EPSS
Exploits29
HackRead
HackRead
added 2024/11/14 4:32 p.m.7 views

CISA and FBI: Chinese Hackers Compromised US Telecom Networks

The CISA and FBI have issued an advisory detailing a sophisticated cyberespionage campaign by state-sponsored Chinese hackers that…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/29 11:33 a.m.52 views

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges GRX The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol GTP for command-and-control C2 communications. GPRS...

7.1AI score
Exploits0
HackRead
HackRead
added 2023/06/08 11:49 p.m.19 views

IoT Botnet DDoS Attacks Threaten Global Telecom Networks, Nokia

By Waqas The surge in malicious activity, initially observed during the Russia-Ukraine conflict, has now spread to various regions globally, as revealed in the NOKIA Threat Intelligence Report 2023. This is a post from HackRead.com Read the original post: IoT Botnet DDoS Attacks Threaten Global...

6.9AI score
Exploits0
Rows per page
Query Builder