Security News

Zyxel Networks announced the expansion of their growing portfolio of business-class WiFi 6 access points. The addition of the new WAX610D 802.11ax Dual-Radio Unified Access Point and NWA210AX 802.11ax Dual-Radio Access Point offers users the most complete and comprehensive portfolio of WiFi 6 access points for the small and medium business market.

Zyxel Communications announced the receipt of OnGo certification for its high-power LTE7485-S905 4G LTE-A outdoor router by the CBRS Alliance. For service providers, OnGo certification brings interoperability to multi-vendor, large-scale deployments, thus enabling best-of-breed solutions at competitive costs.

Zyxel Communications launched the MPro Mesh system for whole-home WiFi and the addition of two new WiFi 6 products for service providers: EX3510 AX5700 WiFi 6 Gigabit Ethernet Gateway and WX3310 Dual-Band Wireless AX Gigabit Access Point/Extender. All Zyxel WiFi 6 products are part of the MPro Mesh Managed WiFi Solution and are fully-compliant with the EasyMesh™ standard to provide fast, reliable whole-home coverage.

Zyxel Networks announced the release of the latest update to its Nebula Cloud Networking Solution. The upgrade, which is available now as a free firmware release for Zyxel Nebula managed access points, switches and security gateways, incorporates key features that enhance WiFi security and enable vertical partners to incorporate the delivery of new value-add services.

Zyxel Networks announced USG FLEX, a new series of mid-range firewalls designed for SMBs to keep up with the workplace mobility, connectivity and security requirements post-pandemic. Zyxel's new USG FLEX 100, USG FLEX 200 and USG FLEX 500 firewalls feature upgraded hardware and software power that level up SMB security with up to 125 percent of firewall performance and up to an additional 500 percent Unified Threat Management performance.

Zyxel Communications announced its 5G Fixed Wireless Access product portfolio is available for service providers and mass production will begin as soon as Q2 2020. The Zyxel FWA portfolio helps service providers leverage 5G NR technology to deliver high-capacity, premium broadband services, high-speed connectivity, enhanced network security, and deployment flexibility.

Zyxel Networks, a leader in delivering secure, AI- and cloud-powered home and business solutions, announced it has partnered with McAfee, the device-to-cloud cybersecurity company, to offer customers an integrated, one-box security solution designed specifically for small- to medium-sized businesses. The integration of McAfee's anti-malware solution into Zyxel's high-end ATP firewall family will provide SMBs with best-of-breed malware detection, security performance, and advanced web filtering within a single firewall device.

That's according to researchers at Radware, who also said that it's notable how quickly Hoaxcalls operators have moved to weaponize the ZyXel bug, which as of this time of writing, has still not been addressed in a ZyXel advisory. According to the Palo Alto Unit 42 researchers who found it, the original sample featured three DDoS attack vectors: UDP, DNS and HEX floods; and, it was seen infecting devices through two vulnerabilities: A DrayTek Vigor2960 remote code-execution vulnerability and a GrandStream Unified Communications remote SQL injection bug.

A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates to plug the security holes exploited by the botmasters or, if they can't, to stop using the devices altogether or to put them behind network firewalls.

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.