Juniper Networks reported an incident on December 11, 2024, where multiple customers experienced suspicious behavior on their Session Smart Network (SSN) platforms. These systems were infected with Mirai malware, which employed the devices in DDoS attacks, causing network disruptions. The malware exploited devices still using default passwords, facilitating unauthorized access and remote command execution. Juniper Networks outlined that signs of Mirai's presence included port scanning, failed SSH logins, spikes in outbound traffic, and erratic behavior. The company recommended enhancing security by changing default credentials, monitoring logs, using firewalls and IDS/IPS, and keeping firmware updated to mitigate the risk of future attacks.
Source: https://securityaffairs.com/172157/malware/juniper-networks-mirai-botnet.html
"id": "jun000122024",
"linkid": "juniper-networks",
"type": "Breach",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"