Find notable cyber news and cases, enriched with sources, timelines, and signals.

NSA/FBI/CISA router hardening advisory

Advisory/Mitigation
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

NSA, FBI, CISA and 15 allied agencies issued a joint router hardening advisory after hackers targeted vulnerable and poorly configured routers in critical infrastructure networks. The guidance tells defenders to upgrade to SNMPv3, disable Cisco Smart Install, enforce strong unique passwords, and block TFTP and SNMP at edge firewalls. It also calls for software and firmware updates and replacing end-of-life devices.

Related Happenings

Russian FSB Center 16 router intrusion campaign

Campaign
H score40 First: 13.07.2026 12:32 Last: 13.07.2026 12:32 Sources 1

How related: Cybersecurity agencies from the United States and eight other countries have issued a joint warning that Russian state hackers are targeting vulnerable and poorly configured routers to infiltrate critical infrastructure networks.

About this happening: A **Russian FSB Center 16** campaign is targeting **vulnerable and poorly configured routers** to infiltrate **critical infrastructure networks**, raising the risk of device takeo...

CISA-led joint advisory to secure internet-exposed ATG systems

Public Sector Action
H score43 First: 05.06.2026 17:50 Last: 05.06.2026 17:50 Sources 1

About this happening: On **2026-06-05**, **CISA**, the **FBI**, the **NSA**, the **Department of Energy**, and other U.S. partners issued a **joint advisory** telling **critical infrastructure organiza...

NCSC-UK joint advisory on covert botnets and proxy networks

Public Sector Action
H score66 First: 23.04.2026 15:28 Last: 23.04.2026 15:28 Sources 1

About this happening: **NCSC-UK** and partner agencies issued a **joint advisory** warning that **China-nexus hackers** are using **hijacked consumer devices** as covert proxy networks to hide maliciou...

CISA and NCSC-UK China-nexus covert device networks advisory

Advisory/Mitigation
H score25 First: 23.04.2026 15:00 Last: 23.04.2026 15:00 Sources 1

About this happening: **CISA** and **NCSC-UK** released a new advisory warning organizations about **Chinese government-linked** covert networks built from **compromised devices**. The guidance says we...

CISA KEV directive for CVE-2026-20133

Public Sector Action
H score36 First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Timeline

  1. 13.07.2026 12:32 2 articles · 2h ago

    NSA, FBI, and CISA warn about Russian router intrusions

    Initial Disclosure

    NSA, FBI, CISA and 15 other agencies from Australia, the United Kingdom, Canada, New Zealand, Estonia, Finland, France, and Italy issued a joint warning that Russian Federal Security Service (FSB) Center 16, also tracked as Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra, is scanning internet-connected routers for default or common SNMP authentication strings, using spoofed IP addresses to copy device configuration files, and exfiltrating them via TFTP to actor-controlled servers. The agencies urged defenders to upgrade to SNMPv3, disable Cisco Smart Install, enforce strong unique passwords, block TFTP and SNMP traffic at edge firewalls, update software and firmware, and replace end-of-life devices.

    Show sources