Security News
Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers, which they say could be reliably abused as a jumping-off point to compromise a network's security and gain unfettered access. The three HTTPd authentication security weaknesses impact routers running firmware versions prior to v1.0.0.60, and have since been fixed by the company in December 2020 as part of a coordinated vulnerability disclosure process.
Attackers could use critical firmware vulnerabilities discovered by Microsoft in some NETGEAR router models as a stepping stone to move laterally within enterprise networks. They allow unauthenticated attackers to access unpatched routers' management pages via authentication bypass, gain access to secrets stored on the device, and derive saved router credentials using a cryptographic side-channel attack.
Cisco announced a new portfolio of Catalyst industrial routers to extend the power of the enterprise network to the edge with the flexibility, security and scalability needed for IoT success. Three new Catalyst 5G Industrial Routers to securely connect mobile and fixed assets: These new routers are based on Cisco IOS XE to extend the enterprise network and SD-WAN to the edge.
A variant of the Mirai botnet called Moobot saw a big spike in activity recently, with researchers picking up widespread scanning in their telemetry for a known vulnerability in Tenda routers. According to AT&T Alien Labs, the scanning for vulnerable Tenda routers piqued researcher interest given that such activity is typically rare.
Sierra Wireless launched the next evolution in routers with its new XR Series of multi-network 5G routers. The XR Series delivers the full performance of 5G across any network whether used for mobile applications or primary, temporary, or backup fixed wireless connectivity.
Networking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices. The bug, tracked as CVE-2021-1459, is rated with a CVSS score of 9.8 out of 10, and affects RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers, allowing an unauthenticated, remote attacker to execute arbitrary code on an affected appliance.
Cisco Systems said it will not fix a critical vulnerability found in three of its SOHO router models. The three Cisco router models and one VPN firewall device are of varying age and have reached "End of life" and will not be patched, according to Cisco.
The Archer AX5400 features the latest-generation in Wi-Fi 6 technology, equipped with HE160 and 1024-QAM, offering 25 percent faster data speeds and six streams of simultaneous transmissions for improved network efficiency and bandwidth to enjoy the benefits of a buffer-free experience while streaming, downloading, gaming and more, all at the same time. "We are thrilled to be releasing the Archer AX5400, featuring the latest in Wi-Fi 6 and wireless networking advancements," said Jeff Barney, COO at TP-Link USA. "Users will enjoy blazing fast wireless speeds over six simultaneous streams, with 4x more capacity for today's smart homes. Not only future-proofing their home network but enjoying the latest security features such as enhanced IoT protection."
After taking over the domains for the notorious Coinhive in-browsing Monero mining service, a researcher is now displaying alerts on hacked websites that are still injecting the mining service's JavaScript. Two years later, CoinHive is still injected on sites.
A popular line of small business routers made by Cisco Systems are vulnerable to a high-severity vulnerability. Cisco issued fixes on Wednesday for the flaw in its RV132W ADSL2+ Wireless-N VPN routers and RV134W VDSL2 Wireless-AC VPN routers.