router

Update your OpenWrt router! Security issue made supply chain attack possible

Update your OpenWrt router! Security issue made supply chain attack possible 2024-12-09 at 20:51 By Zeljka Zorz A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt […]

React to this headline:

Loading spinner

Update your OpenWrt router! Security issue made supply chain attack possible Read More »

The role of compromised cyber-physical devices in modern cyberattacks

The role of compromised cyber-physical devices in modern cyberattacks 2024-10-17 at 11:46 By Zeljka Zorz Cyber-physical devices are increasingly getting compromised and leveraged by criminal groups and state-sponsored threat actors. Fyodor Yarochkin, Senior Threat Solution Architect with Trend Micro, believes that getting a better understanding of attackers’ infrastructure leads to a better understanding of the

React to this headline:

Loading spinner

The role of compromised cyber-physical devices in modern cyberattacks Read More »

FBI forced Flax Typhoon to abandon its botnet

FBI forced Flax Typhoon to abandon its botnet 2024-09-19 at 14:16 By Zeljka Zorz A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operations to take control of

React to this headline:

Loading spinner

FBI forced Flax Typhoon to abandon its botnet Read More »

D-Link Patches Critical Router Vulnerabilities

D-Link Patches Critical Router Vulnerabilities 2024-09-17 at 17:34 By Ionut Arghire D-Link has released patches for critical vulnerabilities that could allow attackers to execute arbitrary code and commands on routers. The post D-Link Patches Critical Router Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

D-Link Patches Critical Router Vulnerabilities Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

React to this headline:

Loading spinner

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware 2024-08-07 at 09:16 By Help Net Security Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components

React to this headline:

Loading spinner

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware Read More »

Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers

Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers 2024-07-01 at 15:31 By Ionut Arghire GreyNoise observes the first attempts to exploit a path traversal vulnerability in discontinued D-Link DIR-859 WiFi routers. The post Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers Read More »

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers 2024-06-11 at 17:01 By Ionut Arghire Redfox Security warns of multiple vulnerabilities in Netgear WNR614 routers discontinued three years ago. The post Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers Read More »

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers 2024-05-31 at 14:46 By Ionut Arghire Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable. The post Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers Read More »

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products 2024-05-17 at 17:01 By Ionut Arghire CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw. The post CISA Warns of Exploited Vulnerabilities in EOL D-Link Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products Read More »

New SOHO router malware aims for cloud accounts, internal company resources

New SOHO router malware aims for cloud accounts, internal company resources 2024-05-02 at 14:46 By Zeljka Zorz Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the

React to this headline:

Loading spinner

New SOHO router malware aims for cloud accounts, internal company resources Read More »

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data 

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data  2024-05-01 at 18:33 By Ryan Naraine Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic. The post Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data  Read More »

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks 12/10/2023 at 14:46 By Eduard Kovacs Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks.  The post Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks Read More »

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router 03/08/2023 at 17:47 By Ionut Arghire Cisco Talos researchers warn of dozens of critical- and high-severity vulnerabilities in the Milesight UR32L industrial router leading to code execution. The post Dozens of RCE Vulnerabilities Impact Milesight Industrial Router appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router Read More »

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) 26/07/2023 at 16:47 By Zeljka Zorz A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the routers is not that difficult. “RouterOS [the underlying

React to this headline:

Loading spinner

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) Read More »

Asus Patches Highly Critical WiFi Router Flaws

Asus Patches Highly Critical WiFi Router Flaws 20/06/2023 at 00:17 By Ryan Naraine Asus patches nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks. The post Asus Patches Highly Critical WiFi Router Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Asus Patches Highly Critical WiFi Router Flaws Read More »

TP-Link routers implanted with malicious firmware in state-sponsored attacks

TP-Link routers implanted with malicious firmware in state-sponsored attacks 17/05/2023 at 16:44 By Helga Labus A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmware was exclusively created for TP-Link

React to this headline:

Loading spinner

TP-Link routers implanted with malicious firmware in state-sponsored attacks Read More »

Scroll to Top