Juniper Networks

Juniper Networks issued an alert regarding a Mirai botnet attack on Session Smart Router (SSR) devices with default credentials. The attack, detected on December 11, 2024, compromised SSR products and facilitated DDoS attacks using the infected devices. The Mirai botnet exploited default passwords to enable remote command execution and initiate various forms of malicious activity, particularly DDoS attacks. Unusual port scans, frequent SSH login failures, traffic spikes, and erratic device behaviors were indicators of the infection. The incident necessitated a reinforcement of security measures, such as updating default credentials, strengthening passwords, regular monitoring of access logs, deployment of firewalls, and up-to-date firmware to mitigate further risks.

Source: https://securityaffairs.com/172157/malware/juniper-networks-mirai-botnet.html

"id": "jun000122424",
"linkid": "juniper-networks",
"type": "Vulnerability",
"date": "12/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"