{"id":213789,"date":"2026-02-11T10:41:00","date_gmt":"2026-02-11T15:41:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/11\/infosec-researchers-mull-curious-case-of-telnet-ancient-flaw-the-register\/"},"modified":"2026-02-15T11:00:13","modified_gmt":"2026-02-15T16:00:13","slug":"infosec-researchers-mull-curious-case-of-telnet-ancient-flaw-the-register","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/11\/infosec-researchers-mull-curious-case-of-telnet-ancient-flaw-the-register\/","title":{"rendered":"Infosec researchers mull curious case of Telnet ancient flaw \u2022 The Register"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/11\/were_telcos_tipped_off_to\/\">Infosec researchers mull curious case of Telnet ancient flaw \u2022 The Register<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/11\/were_telcos_tipped_off_to\/\">https:\/\/www.theregister.com\/2026\/02\/11\/were_telcos_tipped_off_to\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-11 10:41:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.theregister.com\">www.theregister.com<\/a><\/p>\n<p>Telcos likely received advance warning about January&#8217;s critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.<\/p>\n<p>Global Telnet traffic &#8220;fell off a cliff&#8221; on January 14, six days before security advisories for CVE-2026-24061 went public on January 20. The flaw, a decade-old bug in GNU InetUtils telnetd with a 9.8 CVSS score, allows trivial root access exploitation.<\/p>\n<p>GreyNoise data shows Telnet sessions dropped 65 percent within one hour on January 14, then 83 percent within two hours. Daily sessions fell from an average 914,000 (December 1 to January 14) to around 373,000, equating to a 59 percent decrease that persists today.<\/p>\n<p>&#8220;That kind of step function \u2013 propagating within a single hour window \u2013 reads as a configuration change on routing infrastructure, not behavioral drift in scanning populations,&#8221; said GreyNoise&#8217;s Bob Rudis and &#8220;Orbie,&#8221; in a recent blog.<\/p>\n<p>The researchers unverified theory is that infrastructure operators may have received information about the make-me-root flaw before advisories went to the masses.<\/p>\n<p>&#8220;A backbone or transit provider \u2013 possibly responding to a coordinated request, possibly acting on their own assessment\u2013 implemented port 23 filtering on transit links. The filtering went live on January 14. The public disclosure followed on January 20.&#8221;<\/p>\n<p>As for supporting evidence? 18 operators, including BT, Cox Communications, and Vultr went from hundreds of thousands of Telnet sessions to zero by January 15.<\/p>\n<p>Major cloud providers were mostly unaffected by this drop off, and in some cases like AWS, increased by 78 percent.<\/p>\n<p>&#8220;Cloud providers have extensive private peering at major IXPs that bypass traditional transit backbone paths. Residential and enterprise ISPs typically don&#8217;t,&#8221; the researchers said.<\/p>\n<p>All of&#8230;<\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/11\/were_telcos_tipped_off_to\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Infosec researchers mull curious case of Telnet ancient flaw \u2022 The Register https:\/\/www.theregister.com\/2026\/02\/11\/were_telcos_tipped_off_to\/ Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":213790,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/regmedia.co.uk\/2022\/08\/03\/decline.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[27],"class_list":["post-213789","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213789"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=213789"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213789\/revisions"}],"predecessor-version":[{"id":213791,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/213789\/revisions\/213791"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/213790"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=213789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=213789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=213789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}