Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet
Someone has been quietly backdooring selected Juniper routers around the world in key sectors including semiconductor, energy, and manufacturing, since at least mid-2023. The devices were infected with what appears to be a variant of cd00r, a publicly available “invisible backdoor” designed to operate stealthily on a victim’s machine by monitoring network traffic for specific conditions before activating. It’s not yet publicly known how the snoops gained sufficient access to certain organizations’ Junos OS equipment to plant the backdoor, which gives them remote control over the networking gear. What we do know is that about half of the devices have been configured as VPN gateways.
UnitedHealth now says 190 million impacted by 2024 data breach
UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. In October, UnitedHealth reported to the US Department of Health and Human Services Office for Civil Rights that the attack affected 100 million people. However, as first reported by TechCrunch, UnitedHealth confirmed on Friday that the figure has nearly doubled to 190 million. “Change Healthcare has determined the estimated total number of individuals impacted by the Change Healthcare cyberattack is approximately 190 million,” UnitedHealth Group told TechCrunch.
New Law Could Mean Prison for Reporting Data Leaks
The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But the key one that has people concerned is this: “Those who carry out activities aimed at targeting institutions or individuals by creating the perception that there has been a data breach in cyberspace, even though there has been no data breach, shall be sentenced to imprisonment for a term of two to five years.”
The problem is, of course, that such a law may discourage the reporting of any potential data leaks.
CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks
Most CISOs plan to enhance their crisis simulation capabilities in 2025 to better prepare for potential full-scale cyber crises, according to a new study by Hack The Box. Of the 200 UK and US-based CISOs surveyed, 74% said they plan to increase their crisis simulation budgets in 2025. According to Hack The Box, this decision reflects growing concerns around rising attack volumes, lack of incident response planning and inadequate stress-testing of crisis scenarios. These concerns are heavily influenced by the wave of high-profile cyber-attacks that occurred in 2024, including national and global organizations like 23andMe, Cencora, the UK’s National Health Service (NHS) and Transport for London (TfL).
TalkTalk investigating data breach after hacker claims theft of customer data
U.K. telecoms giant TalkTalk has confirmed that it is investigating a data breach after a hacker claimed to have stolen the personal information of millions of customers. In a post on a popular cybercrime forum seen by TechCrunch, an individual using the alias “b0nd” claimed to have stolen the personal data of more than 18.8 million current and former TalkTalk subscribers. This data, which the threat actor is offering for sale, supposedly includes customer names, email addresses, IP addresses, phone numbers and subscriber PINs.
Industry leaders explain how AI will change cybersecurity
Over the past year, the security industry has grappled with the widespread adoption of AI as an essential technology for protecting against cyberattacks and, in the hands of criminals, a formidable weapon disrupting traditional approaches to security. At our recent Innovate 2025 conference, we brought together several renowned security and AI leaders to explain how AI will transform our industry and what we can expect in the months ahead. Knowledge sharing is one of the best exercises we can engage in as a cyber community to collectively fight against the evolving AI threat, and Innovate 2025 had no shortage of valuable and actionable perspectives.