SYNful Knock Scanner

By Talos Group This post was authored by William McVey . Talos is constantly researching the ways in which threat actors are evolving to exploit systems. Recently, a piece of persistent malware coined as “ SYNful Knock” was discovered on Cisco routers . While this malware attack is not a vulnerability, as it had to be installed by someone using valid credentials or who had physical access to the device, Cisco has published an Event Response Page for customers to provide the information needed to detect and remediate these types of attacks. We are also working with partners []

Source:: Cisco Security Notice