Category Archives: Routers

Chinese spies are exploiting routers to try hacking French targets, cyber agency says

Posted on by

France’s national cybersecurity agency said on Wednesday that it is contending with a massive campaign by Chinese state-backed hackers targeting French organizations through compromised routers. The Agence nationale de la sécurité des systèmes d’information (French National Agency for the Security of Information Systems), or ANSSI, released forensic information to help French entities to recognize if they had been compromised. The alert did not specify which industries or specific organizations were targets. ANSSI said the APT31 group, sometimes known as Zirconium or Judgment Panda, carried out the reconnaissance. The group’s prior targets include Finland’s parliament, according to a June allegation from the Finnish Security and Intelligence Service, and the presidential campaign of then-contender Joe Biden in 2020, according to Google’s Threat Analysis Group. APT31’s effort in France is “a large intrusion campaign of compromise” that is “still in progress and still ongoing,” according to an English version of the ANSSI alert. France’s […]

The post Chinese spies are exploiting routers to try hacking French targets, cyber agency says appeared first on CyberScoop.

Continue reading Chinese spies are exploiting routers to try hacking French targets, cyber agency says

Digital Ocean Minds its MANRS Alongside Other Service Providers

Posted on by

Digital Ocean has become the latest service provider to join a Mutually Agreed Norms for Routing Security (MANRS) initiative, led by content delivery networks (CDNs) and cloud service providers, to reduce common routing security threats. Barry Cooks, … Continue reading Digital Ocean Minds its MANRS Alongside Other Service Providers

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

Posted on by

The worm returned in recent attacks against web applications, IP cameras and routers. Continue reading Gitpaste-12 Worm Widens Set of Exploits in New Attacks

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

Posted on by

Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware. Continue reading D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Posted on by

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. Continue reading ‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Router vendor has patched some zero-days, but leaves others wide open

Posted on by

In April, security researcher Rich Mirch got a text from a friend who had just switched to a new wireless router and was raving about its high-speed internet. You have to try it, the friend told Mirch. Curious, Mirch downloaded the router’s firmware and started picking it apart. He found that the device, made by an obscure Canada-based company called MoFi Network, had multiple password-related vulnerabilities packed into its code. But Mirch wanted to delve deeper. So the senior adversarial engineer at Texas-based security firm CriticalStart ordered the router online and rolled up his sleeves. He ended up finding 10 previously undisclosed vulnerabilities in the device that, if exploited, could allow attackers to steal passwords and data from networks running the vulnerable routers, including VPN credentials and API keys. “Some of these vulnerabilities have probably existed since 2015,” said Mirch, who published his findings on Wednesday. The research points to a longstanding […]

The post Router vendor has patched some zero-days, but leaves others wide open appeared first on CyberScoop.

Continue reading Router vendor has patched some zero-days, but leaves others wide open

Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit

Posted on by

Unidentified hackers are trying to exploit critical vulnerabilities in router software made by Cisco while the networking giant scrambles to address the issues. The bugs, which Cisco revealed Saturday, could allow an attacker to remotely break into a device running the software and exhaust the memory on the device. That, in turn, could destabilize “interior and exterior routing protocols” on an affected network, Cisco said in an advisory. It’s unclear when a patch will be ready; “as soon as possible” is all a Cisco spokesperson would say. The company made recommendations for mitigating the vulnerability until a patch is available. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency encouraged users to check for “indicators of compromise’ or signs of malicious cyber activity. It’s unclear who is attempting to exploit the vulnerability. With the advisory out, cybersecurity incident responders will be watching for any additional hacking. Justin Elze, a […]

The post Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit appeared first on CyberScoop.

Continue reading Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit

Report: Most Popular Home Routers Have ‘Critical’ Flaws

Posted on by

Common devices from Netgear, Linksys, D-Link and others contain serious security vulnerabilities that even updates don’t fix. Continue reading Report: Most Popular Home Routers Have ‘Critical’ Flaws

Report: Most Popular Home Routers Have ‘Critical’ Flaws

Posted on by

Common devices from Netgear, Linksys, D-Link and others contain serious security vulnerabilities that even updates don’t fix. Continue reading Report: Most Popular Home Routers Have ‘Critical’ Flaws