Security News

New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors
2022-01-11 04:15

Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital, among others. KCodes NetUSB is a Linux kernel module that enables devices on a local network to provide USB-based services over IP. Printers, external hard drives, and flash drives plugged into a Linux-based embedded system are made available via the network using the driver.

Netgear leaves vulnerabilities unpatched in Nighthawk router
2021-12-31 12:15

Researchers have found half a dozen high-risk vulnerabilities in the latest firmware version for the Netgear Nighthawk R6700v3 router. Nighthawk R6700 is a popular dual-bank WiFi router advertised with gaming-focused features, smart parental controls, and internal hardware that is sufficiently powerful to accommodate the needs of home power users.

Dark Mirai botnet targeting RCE on popular TP-Link router
2021-12-09 17:14

The botnet known as Dark Mirai has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. According to a report by researchers at Fortinet, who have been following Dark Mirai activity, the botnet added the particular RCE in its arsenal only two weeks after TP-Link released the firmware update.

How MikroTik Routers Became a Cybercriminal Target
2021-12-09 15:56

Due to the sheer number of devices in use, their high power and numerous known vulnerabilities within them, threat actors have been using MikroTik devices for years as the command center from which to launch numerous attacks, researchers said. Eclypsium researchers began exploring the how and why of the weaponization of MikroTik devices in September, based on previous research into how TrickBot threat actors used compromised routers as command-and-control infrastructure.

Netgear router flaws exploitable with authentication ... like the default creds on Netgear's website
2021-12-03 17:30

AWS previewed new developer resources at its Re:invent conference, including new SDKs for Rust, Swift, and Kotlin, as well as Amplify Studio for rapid web applications, integrated with the Figma design tool. The SDKs provide a language wrapper for APIs to AWS services.

Nine WiFi routers used by millions were vulnerable to 226 flaws
2021-12-02 14:30

Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. The tested routers are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys, and are used by millions of people.

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers
2021-11-23 07:31

Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said. If an attack was successful, their router would fall under the attacker's control, allowing the crook to open up ports to access other devices on the local network, change the LAN's default DNS settings to redirect browsers to malicious sites, reconfigure the gateway, and cause other general mischief and irritation.

6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years
2021-11-19 17:39

Sky, a U.K. broadband provider, left about 6 million customers' underbellies exposed to attackers who could remotely sink their fangs into their home networks: a nice, soft attack surface left that way for nearly 18 months as the company tried to fix a DNS rebinding vulnerability in customers' routers. Pen Test Partners reported the problem to Sky Broadband - a broadband service offered by Sky UK in the United Kingdom - on May 11, 2020 and then chased Sky for a repeatedly postponed update, the security firm said in a post.

Six million Sky routers exposed to takeover attacks for 17 months
2021-11-19 14:57

Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers. DNS rebinding attacks are used to bypass a browser security measure called Same Origin Policy, which blocks a site from sending requests to websites other than its own origin.

Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models
2021-11-18 04:59

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.