Security News

A pair of flaws in ASUS routers for the home could allow an attacker to compromise the devices - and eavesdrop on all of the traffic and data that flows through them. The bugs are specifically found in the RT-AC1900P whole-home Wi-Fi model, within the router's firmware update functionality.

A threat actor believed to be working for the Iranian government recently launched another round of attacks on Israel's water sector, and a source tells SecurityWeek that the attackers used vulnerable cellular equipment as a point of entry. A new round of attacks on Israel's water sector was reported last week and, similar to the first attacks, they targeted smaller, local facilities.

Cisco has fixed 33 CVE-numbered flaws in a variety of its devices, including five critical ones affecting RV-series VPN routers and firewalls and Cisco Prime License Manager, which is used by enterprises to manage user-based licensing. Cisco Small Business RV110W Wireless-N VPN Firewalls with firmware releases prior to v1.2.2.8 can be taken over by attackers via a system account has a default and static password.

A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. "Cybercriminals know that a vast majority of home routers are insecure with default credentials and have ramped up attacks on a massive scale. For the home user, that's hijacking their bandwidth and slowing down their network. For the businesses being targeted by secondary attacks, these botnets can totally take down a website, as we've seen in past high-profile attacks."

Cisco on Wednesday released security advisories to inform customers of several critical vulnerabilities that can be exploited remotely to hack small business routers and firewalls that are no longer being sold. One of the critical flaws, which is tracked as CVE-2020-3330 and has a CVSS score of 9.8, affects Cisco Small Business RV110W Wireless-N VPN firewalls and it allows a remote and unauthenticated attacker to take full control of a device by connecting to it using a default and static password.

A newly identified version of the Mirai Internet of Things botnet includes an exploit for a vulnerability impacting Comtrend routers. According to Trend Micro's security researchers, this is the first botnet version to target CVE-2020-10173, a vulnerability in the Comtrend VR-3033 routers.

A security review of 127 popular home routers found most contained at least one critical security flaw, according to researchers. On average, the routers analyzed-by vendors such as D-Link, Netgear, ASUS, Linksys, TP-Link and Zyxel-were affected by 53 critical-rated vulnerabilities, with even the most "Secure" device of the bunch having 21 CVEs, according to the report.

Cisco on Wednesday announced that it has patched several vulnerabilities affecting its products, including flaws in Small Business routers and switches. Of the eight vulnerabilities for which Cisco published an advisory this week, only CVE-2020-3297 has been rated high severity.

Cisco has patched a cross-site scripting vulnerability in two VPN routers it sells to small businesses and branch offices. By default, the management feature is disabled for remote users, though it is enabled for people on the same LAN. "A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information," Cisco explained in its advisory yesterday.

Netgear has now patched 28 out of 79 vulnerable router models, six months after infosec researchers first noticed security problems potentially allowing an attacker to remotely execute code as root. Over the past few weeks Netgear has been pushing out fixes, having so far plugged problems with 28 of the 79 models it says are affected by the unwanted remote-superuser flaw.