Swap EOL Zyxel routers, upgrade Netgear ones!

There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no pat… Continue reading Swap EOL Zyxel routers, upgrade Netgear ones!

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned. Successful exploitation would all… Continue reading Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure

VulnCheck launched IP Intelligence, a new feature set designed to provide real-time tracking of attacker infrastructure and vulnerable IP’s on the internet. VulnCheck IP Intelligence compiles data from popular Internet-Connected Device (ICD) datasets a… Continue reading VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the router… Continue reading MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)