Canadian telecom hacked by suspected China state group

Canadian telecom hacked by suspected China state group (arstechnica.com)
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 23 Jun 23:11
https://lemmy.zip/post/42179887

Maximum-security Cisco vulnerability was patched Oct. 2023 and exploited Feb. 2025.

#cybersecurity

threaded - newest

Archangel1313@lemmy.ca on 23 Jun 23:29 next collapse

And China wants to expand economic ties with Canada? Why would they, at this point?

[deleted] on 24 Jun 01:00 next collapse

lnxtx@feddit.nl on 24 Jun 01:42 collapse

See, no backdoors in Huawei equipment.

BrikoX@lemmy.zip on 24 Jun 02:08 collapse

Full of them in US equipment though.

Eyekaytee@aussie.zone on 24 Jun 03:57 collapse

The hackers exploited CVE-2023-20198 to retrieve running configuration files from the devices and modified at least one of the files to create a GRE tunnel allowing traffic collection from the network the devices were connected to.

tbf they’ve been patched for ages and/or you can just turn the http web interface off, it’s 2 lines of config that takes 30 seconds to apply

We were alerted on the day and had a fix rolled out by end of day on hundreds of routers, this is a bit embarrassing for the canadian telcom tbh