Hackers Prepping IOTroop Botnet with Exploits

Researchers warn that hackers have weaponized a vulnerability that could be used in an IOTroop (or Reaper) attack, bringing the likelihood of an attack one step closer. Continue reading Hackers Prepping IOTroop Botnet with Exploits

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher

Malware dubbed IOTroop that researchers say is “worse than Mirai” has already infected one million businesses worldwide. Continue reading ‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

Netgear patches over a dozen vulnerabilities impacting its routers, switches and NAS devices. Continue reading Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

Popular D-Link Router Riddled with Vulnerabilities

D-Link router model 850L has 10 vulnerabilities that could allow a hacker to gain remote access and control of device, according to researcher. Continue reading Popular D-Link Router Riddled with Vulnerabilities

Wikileaks Alleges Years of CIA D-Link and Linksys Router Hacking Via ‘Cherry Blossom’ Program

The latest dump from Wikileaks alleges the CIA installed custom router firmware on unsuspecting targets in order to spy on internet activity. Continue reading Wikileaks Alleges Years of CIA D-Link and Linksys Router Hacking Via ‘Cherry Blossom’ Program

VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

D-Link DIR-850L,firmware versions 1.14B07,2.07.B05,and possibly others,contains a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Other models may also be affected. Continue reading VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

D-Link DIR-850L,firmware versions 1.14B07,2.07.B05,and possibly others,contains a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Other models may also be affected. Continue reading VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability