Cyber agencies share security guidance for network edge devices www.bleepingcomputer.com/news/secu…

Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. Such devices, including firewalls, routers, virtual private networks (VPN) gateways, internet-facing servers and operational technology (OT) systems, and Internet of Things (IoT) devices, have been heavily targeted by both state-sponsored and financially motivated attackers.

Edge devices are often targeted and compromised because they don’t support Endpoint Detection and Response (EDR) solutions, allowing threat actors to gain initial access to the targets' internal enterprise networks. In many cases, such devices also lack regular firmware upgrades and strong authentication, come with security vulnerabilities and insecure configurations by default, and provide limited logging, severely reducing security teams' ability to detect breaches.

Moreover, being positioned at the network’s edge and handling almost all corporate traffic, they attract attention as targets that make it easy to monitor traffic and gather credentials for further access to the network if left unsecured.