Security News

A high-severity flaw in Cisco's IOS XR software could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers. The flaw stems from Cisco IOS XR, a train of Cisco Systems' widely deployed Internetworking Operating System.

Bug bounty hunters have hacked routers, network-attached storage devices and smart TVs at the Zero Day Initiative's Pwn2Own Tokyo 2020 hacking competition. Due to the COVID-19 pandemic, the competition has been turned into a virtual event and Pwn2Own Tokyo is actually coordinated by Trend Micro's ZDI from Toronto, Canada, with participants demonstrating their exploits remotely.

Bug bounty hunters hacked a NETGEAR router and a Western Digital network-attached storage device on the first day of the Zero Day Initiative's Pwn2Own Tokyo 2020 hacking competition. On the first day of the event, the NETGEAR Nighthawk R7800 router was targeted by Team Black Coffee, Team Flashback, and teams from cybersecurity firms Starlabs and Trapa Security.

Cisco today warned of attacks actively targeting the CVE-2020-3118 high severity vulnerability found to affect multiple carrier-grade routers that run the company's Cisco IOS XR Software. The IOS XR Network OS is deployed on several Cisco router platforms including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers.

Armor G5 delivers the high efficiency, fast throughput, and excellent wireless range required to support the increased network performance and bandwidth demands of work-from-home and virtual learning environments. Designed to provide the high-performance network infrastructure to support video-intensive and IoT-heavy networks, Armor G5 combines a powerful 64-bit 2.2 GHz quad-core processor with WiFi 6 802.11AX technology to deliver wireless speeds up to 6000Mbps.

A new Mirai-based botnet is targeting zero-day vulnerabilities in Tenda routers, according to researchers at 360 Netlab, a unit of Chinese cybersecurity company Qihoo 360. In order to circumvent detection of typical traffic generated by Mirai botnets, Ttint uses the WSS protocol for communication with the command and control server, and also uses encryption.

Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. For one, on the RAT front, researchers said that it implements 12 remote access functions, that combine with custom command-and-control server commands to carry out tasks like setting up a Socket5 proxy for router devices, tampering with router DNS, setting iptables and executing custom system commands.

Cisco this week released patches for two high-severity vulnerabilities in IOS XR software that have been actively exploited in attacks for over a month. Tracked as CVE-2020-3566 and CVE-2020-3569 and featuring a CVSS score of 8.6, the two flaws were made public in late August, when Cisco revealed that hackers were already targeting them in attacks.

With the new NETGEAR Insight Managed Business Router, these remote employees will simply need a BR200 in their home or remote office to connect to another BR200 in the main office and be able to access data residing on their office network securely. Designed specifically to enable businesses to instantly protect their networks with a secure site-2-site VPN and firewall rapidly and cost-effectively through the Insight Cloud Portal or mobile app, the Insight Managed Business Router comes with easy setup, firewall, VLAN management, and remote cloud monitoring and management from anywhere.

Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device. Some of the vulnerabilities can allow an unauthenticated, remote attacker who has access to this web interface to take complete control of the targeted router.