• Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Login
Join Free
Home
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Coming Soon
Job Board
Events
Contact Awards
USMC Deception Manual
Login
Join Free
Home Global Operations

US & Partner Intelligence Agencies Warn of Russian Cyber Exploits Through Faulty Routers

  • SOFX Staff Writer
  • February 28, 2024
(Shutterstock / Photo Contributor Dmytro Tyshchenko)
Share on FacebookShare on TwitterLinkedIn

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners have issued a critical cybersecurity advisory. This alert brings to light the sophisticated cyber operations conducted by Russian state-sponsored actors, notably APT28, also known as Fancy Bear and Forest Blizzard, through compromised Ubiquiti EdgeRouters. The advisory aims to provide a comprehensive understanding of the tactics, techniques, and procedures (TTPs) employed, along with mitigation strategies to counter these threats effectively.

The Threat Landscape

APT28, identified with the Russian General Staff Main Intelligence Directorate (GRU), has exploited vulnerabilities in Ubiquiti EdgeRouters to facilitate a range of malicious activities. These activities include credential harvesting, network traffic proxying, and hosting spear-phishing campaigns. Targets span across various sectors, including academic and research institutions, embassies, defense contractors, and political organizations globally.

Ubiquiti EdgeRouters, favored for their user-friendly Linux-based operating system, have become a prime target due to inherent security weaknesses. Many devices are shipped with default credentials and lack adequate firewall protections, making them susceptible to exploitation. Furthermore, these routers do not automatically update their firmware, posing a significant security risk if not manually updated by the user.

Mitigation Recommendations

The advisory outlines several critical steps for mitigating the threat posed by compromised routers:

  • Hardware Factory Reset: This action is recommended to eliminate any malicious configurations and files that may be present on the device.
  • Firmware Update: Upgrading to the latest firmware version is crucial for fixing vulnerabilities that could be exploited by cyber actors.
  • Changing Default Credentials: Users are advised to change any default usernames and passwords to prevent unauthorized access.
  • Implementing Firewall Rules: Strategic firewall rules should be applied on WAN-side interfaces to block unsolicited inbound traffic and mitigate the risk of external attacks.

International Response and Collaboration

The joint advisory is a result of collaboration between US intelligence agencies and international partners from Belgium, Brazil, France, Germany, Latvia, Lithuania, Norway, Poland, South Korea, and the United Kingdom. This collective effort underscores the global nature of cyber threats and the importance of international cooperation in addressing these challenges.

Read The Full Report

SOFX Staff Writer

SOFX Staff Writer

The Editor Staff at SOFX comprises a diverse, global team of dedicated staff writers and skilled freelancers. Together, they form the backbone of our reporting and content creation.

Subscribe
Login
Notify of
guest
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
ADVERTISEMENT

Trending News

Russian Recruits Last 20 to 30 Minutes at the Front, the CIA Director Says, Crediting Ukraine’s Drones

Russian Recruits Last 20 to 30 Minutes at the Front, the CIA Director Says, Crediting Ukraine’s Drones

by SOFX Staff Writer
July 18, 2026
1

The average Russian recruit survives just 20 to 30 minutes at the front in Ukraine before being killed or wounded,...

Army’s $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

Army’s $469M Texas Munitions Plant Fails to Deliver a Single Shell Component

by SOFX Staff Writer
July 15, 2026
1

A contractor-operated plant in Mesquite, Texas, built to produce 30,000 155mm projectile components per month, has not delivered a single...

Viral Video Shows a Russian Gunner Flung From a Runaway Machine Gun

Viral Video Shows a Russian Gunner Flung From a Runaway Machine Gun

by SOFX Staff Writer
July 15, 2026
1

A viral video shows a Russian soldier thrown from a YakB-12.7 rotary machine gun during a training exercise after the...

Hegseth Orders Testosterone Screening for U.S. Troops

Hegseth Orders Testosterone Screening for U.S. Troops

by SOFX Staff Writer
July 16, 2026
6

War Secretary Pete Hegseth announced Wednesday that the U.S. military will begin annually screening service members aged 30 and older...

ADVERTISEMENT
ADVERTISEMENT
Next Post
Subsea Sabotage? Underwater Cables Damaged in Red Sea Amid Houthi Threats

Subsea Sabotage? Underwater Cables Damaged in Red Sea Amid Houthi Threats

Navalny’s Foundation Head Claims Jailed Opposition Leader Was Nearing Prisoner Swap Release

Navalny's Foundation Head Claims Jailed Opposition Leader Was Nearing Prisoner Swap Release

997 Morrison Dr. Suite 200, Charleston, SC 29403

News

  • Global Operations
  • Special Interest
  • Industry
  • Global Operations
  • Special Interest
  • Industry

Resources

  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
No Result
View All Result
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Subscribe
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.

Log in to your account

Lost your password?
wpDiscuz