Surge in Internet Probes Targets Devices from Major Network Vendors

Warning Issued for Network Admins

A surge in internet probes targeting devices from Juniper Networks, Cisco Systems, and Palo Alto Networks has prompted cybersecurity experts to issue a warning to network admins.

Threat Actor Exploiting Default Credentials

A threat actor is probing the internet using default credentials for a Juniper Networks router, prompting a cybersecurity expert to warn network admins to change the login combination from the factory setting if they haven’t already done so.

Security Expert’s Concerns

“It’s sad that a major networking company is still using a default username and password in 2025 for big, expensive products like this,” Johannes Ullrich, dean of research at the SANS Institute, said in an interview.

Ullrich noticed the surge in scans for the username “t128” and password “128tRoutes,” which he said is a common tactic used by threat actors to gain unauthorized access to devices.

What You Need to Know

• Juniper Networks, Cisco Systems, and Palo Alto Networks devices are being targeted by internet probes.
• The threat actor is using default credentials for a Juniper Networks router.
• Network admins are advised to change the login combination from the factory setting if they haven’t already done so.

Conclusion

The surge in internet probes targeting devices from major network vendors is a stark reminder of the importance of securing devices with strong, unique passwords and updating them regularly. Network admins must take immediate action to change the default login combination and ensure the security of their devices.

FAQs

Q: What devices are being targeted by the threat actor?

A: Devices from Juniper Networks, Cisco Systems, and Palo Alto Networks are being targeted.

Q: What is the default username and password being used by the threat actor?

A: The default username is “t128” and the default password is “128tRoutes.”

Q: What should network admins do to protect their devices?

A: Network admins should change the login combination from the factory setting if they haven’t already done so and ensure the security of their devices by using strong, unique passwords and updating them regularly.