Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices
The threat at a glance Darktrace researchers have identified PumaBot, a Go-based Linux botnet that focuses on embedded surveillance cameras and other IoT devices.Unlike spray-and-pray botnets that scan the whole internet, PumaBot pulls a curated IP list from its C2 and then brute-forces SSH logins on port 22 until it gets a shell. Once in, it drops its payload under /lib, registers a rogue systemd service, injects a back-door key into ~/.ssh/authorized_keys, and can fetch further modules via the same C2 channel. Why device-level controls matter Because PumaBot’s entire kill-chain exploited vulnerabilities and misconfiguration on the device itself, network-edge firewalls […]
The post Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices appeared first on Check Point Blog.
目录
最新
- Two Types of Threat Intelligence That Make Security Work
- Check Point Named Leader in GigaOm Radar for Cloud Network Security For 3 Years in a Row – Protects 22 Cloud Vendors
- Using AI for Covert Command-and-Control Channels
- The UK’s Cyber Threat Has Changed. Most Organizations Haven’t.
- Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files
- Securing Your AI Transformation: How Check Point Is Helping Security Teams Keep Control in an AI-First World
- Love Is in the Air — and So Are Scammers: Valentine’s Day 2026 Threats to Watch For
- WAF Security Test Results 2026: Why Prevention-First Matters More Than Ever