Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices

A surge in internet probes targeting devices from Juniper Networks, Cisco Systems, and Palo Alto Networks should put their admins on alert, say security experts.

A threat actor is probing the internet using default credentials for a Juniper Networks router, prompting a cybersecurity expert to warn network admins to change the login combo from the factory setting if they haven’t already done so.

“It’s sad [that a major networking company is still using a default username and password in 2025] for big, expensive products like this,” Johannes Ullrich, dean of research at the SANS Institute, who noticed the surge in scans for the username “t128” and password “128tRoutes,” said in an interview.



Source link

Leave a Comment