Security News
A new Mirai-based botnet is targeting zero-day vulnerabilities in Tenda routers, according to researchers at 360 Netlab, a unit of Chinese cybersecurity company Qihoo 360. To evade detection of the typical traffic generated by Mirai botnets, the botnet, named Ttint, uses the WSS (WebSocket over TLS) protocol to communicate with its command-and-control server, and also uses encryption.
Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. On the RAT front, researchers said that it implements 12 remote access functions that combine with custom command-and-control server commands to carry out tasks like setting up a SOCKS5 proxy for router devices, tampering with router DNS, setting iptables and executing custom system commands.
Cisco this week released patches for two high-severity vulnerabilities in IOS XR software that have been actively exploited in attacks for over a month. Tracked as CVE-2020-3566 and CVE-2020-3569 and featuring a CVSS score of 8.6, the two flaws were made public in late August, when Cisco revealed that hackers were already targeting them in attacks.
With the new NETGEAR Insight Managed Business Router, remote employees will simply need a BR200 in their home or remote office to connect to another BR200 in the main office and be able to access data residing on their office network securely. Designed specifically to enable businesses to protect their networks rapidly and cost-effectively with a secure site-to-site VPN and firewall through the Insight Cloud Portal or mobile app, the Insight Managed Business Router comes with easy setup, firewall, VLAN management, and remote cloud monitoring and management from anywhere.
Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device. Some of the vulnerabilities can allow an unauthenticated, remote attacker who has access to the web interface to take complete control of the targeted router.
Cisco Systems says hackers are actively exploiting previously unpatched vulnerabilities in its carrier-grade routers that could allow adversaries to crash or severely disrupt devices. The vulnerabilities exist in the Distance Vector Multicast Routing Protocol feature of Cisco IOS XR Software and could allow an unauthenticated, remote attacker to immediately crash the Internet Group Management Protocol process, the company warned in an advisory over the weekend.
Cisco has warned that hackers are targeting not one, but two unpatched vulnerabilities in the DVMRP feature of IOS XR software that runs on many carrier-grade routers. Over the weekend, the company published an advisory to warn of active attacks that target a security flaw in the Distance Vector Multicast Routing Protocol feature of IOS XR to cause a memory-exhaustion denial of service.
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are actively trying to exploit. Cisco plans to release software updates to plug these security holes, but in the meantime administrators are advised to implement one or all of the provided mitigations.
Zyxel Communications announced the receipt of OnGo certification for its high-power LTE7485-S905 4G LTE-A outdoor router by the CBRS Alliance. For service providers, OnGo certification brings interoperability to multi-vendor, large-scale deployments, thus enabling best-of-breed solutions at competitive costs.
D-Link made available its EXO AX5400 Mesh WiFi 6 Router with ultra-fast speeds and efficient performance benefits of WiFi 6 protocol. The AX5400 Router is the latest model in D-Link's trio of best-in-class WiFi 6 routers developed for superior coverage, increased capacity, reduced network congestion, and improved device battery life in device-dense homes.