Tag: router
-
Bill mandating router security evaluations receives House OK
by
in SecurityNews
Tags: routerFirst seen on scworld.com Jump to article: www.scworld.com/brief/bill-mandating-router-security-evaluations-receives-house-ok
-
House passes bill to study routers’ national security risks
by
in SecurityNewsLawmakers say the ROUTERS Act is critical to understanding vulnerabilities in devices exploited by Chinese hackers and other adversaries. First seen on cyberscoop.com Jump to article: cyberscoop.com/routers-act-commerce-study-modems-chinese-hackers/
-
Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution
by
in SecurityNewsA severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server communication been disclosed, threatening countless embedded and IoT devices with remote code execution. FastCGI, widely used to connect web servers (like NGINX and lighttpd) to backend applications, is often found in resource-constrained devices such as network cameras, routers, and various smart…
-
React Router Vulnerabilities Allow Attackers to Spoof Content and Alter Values
by
in SecurityNewsThe widely used React Router library, a critical navigation tool for React applications, has resolved two high-severity vulnerabilities (CVE-2025-43864 and CVE-2025-43865) that allowed attackers to spoof content, alter data values, and launch cache-poisoning attacks. Developers must update toreact-router v7.5.2immediately to mitigate risks. Key Vulnerabilities and Impacts 1.CVE-2025-43864: DoS via SPA Mode Cache Poisoning Attackers could…
-
Threat groups exploit resurgent vulnerabilities
by
in SecurityNewsVPNs, routers and firewalls are being targeted via older CVEs, new GreyNoise research shows. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-exploiting-vulnerabilities/746229/
-
Threat groups exploiting resurgent vulnerabilities
by
in SecurityNewsVPNs, routers and firewalls are being targeted via older CVEs, new GreyNoise research shows. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-exploiting-vulnerabilities/746229/
-
Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators
by
in SecurityNews
Tags: access, advisory, ai, attack, breach, china, cisa, cisco, ciso, cloud, computer, control, csf, cve, cyber, cyberattack, cybersecurity, data, defense, encryption, espionage, exploit, firmware, framework, governance, government, group, hacker, hacking, healthcare, identity, infrastructure, Internet, LLM, malicious, mfa, mitigation, mitre, network, nist, open-source, password, phishing, privacy, risk, risk-assessment, router, service, software, strategy, supply-chain, technology, threat, tool, update, vulnerabilityCheck out NIST’s effort to further mesh its privacy and cyber frameworks. Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Also, find out what Tenable webinar attendees said about identity security. And get the latest on the MITRE CVE program and on attacks against edge routers. Dive into five…
-
Is Ivanti the problem or a symptom of a systemic issue with network devices?
by
in SecurityNewsNetwork edge devices, hardware that powers firewalls, VPNs and network routers, have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular, Ivanti, have confronted exploited vulnerabilities in their products more than any […] First seen on…
-
A Seven”‘Year”‘Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
by
in SecurityNews
Tags: cisco, credentials, cyber, data-breach, exploit, firmware, flaw, hacker, infrastructure, network, router, service, theft, threatA Cisco’s Smart Install protocol (CVE-2018-0171), first patched in 2018, remains a pervasive threat to global network infrastructure due to widespread misconfigurations and exploitation by state-sponsored threat actors. The flaw allows unauthenticated attackers to execute arbitrary code on Cisco switches and routers via exposed Smart Install Client services, enabling configuration theft, credential harvesting, and firmware…
-
Über 6.000 Geräte infiziert – Neues Botnetz attackiert TP-Link-Router
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/neues-botnetz-ballista-angriff-auf-tp-link-router-a-fee1ba9560903f4b82cf8e61d5793e5a/
-
Study Identifies 20 Most Vulnerable Connected Devices of 2025
by
in SecurityNewsRouters are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows. The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/study-identifies-20-most-vulnerable-connected-devices-of-2025/
-
Blackhat: Wie realistisch ist der neue Film von Michael Mann?
by
in SecurityNewsDer Hackerfilm Blackhat nutzt definitiv eine Cybersicherheits-Sprache mit echten Begriffen wie: Malware, Proxy, Server, Zero Day, Payload, RAT, Edge Router, IP-Adresse, PLC, Bluetooth, Android, PGP, Bulletproof Host und USB, um nur ein paar zu nennen. Aber wie realistisch ist die Geschichte des Films tatsächlich? First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/01/30/blackhat-wie-realistisch-ist-der-neue-film-von-michael-mann/
-
Bill to study national security risks in routers passes House committee
by
in SecurityNewsThe legislation calls for a Commerce Department examination of routers, modems and other devices controlled by U.S. adversaries. First seen on cyberscoop.com Jump to article: cyberscoop.com/bill-to-study-national-security-risks-in-routers-passes-house-committee/
-
Apollo Router Vulnerability Enables Resource Exhaustion via Optimization Bypass
by
in SecurityNewsA critical vulnerability (CVE-2025-32032) has been identified in Apollo Router, a widely used GraphQL federation tool, allowing attackers to trigger resource exhaustion and denial-of-service (DoS) conditions. Rated7.5 (High)on the CVSS v3.1 scale, the flaw impacts users running unpatched versions of the software. Technical Overview The vulnerability resides in Apollo Router’s query planner, which failed to…
-
Hackers Actively Scanning for Juniper Smart Routers Using Default Passwords
by
in SecurityNewsRecent cybersecurity findings reveal an alarming increase in malicious activity targeting Juniper’s Session Smart Networking Platform (SSR). According to SANS tech reports, Attackers are focusing their efforts on exploiting devices using the default credentials, >>t128>128tRoutes
-
Questions Remain Over Attacks Causing DrayTek Router Reboots
by
in SecurityNewsDrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered. The post Questions Remain Over Attacks Causing DrayTek Router Reboots appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/questions-remain-over-attacks-causing-draytek-router-reboots/
-
Altgeräte bedrohen Sicherheit in Unternehmen
by
in SecurityNews
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerabilitySchwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.Eine Analyse von Ciscos Threat-Intelligence-Team Talos zeigt, zwei der drei häufigsten Schwachstellen, auf die es Angreifer im Jahr 2024 abgesehen hatten, waren in alten Netzwerkgeräten zu finden. Das Problem ist, dass Hersteller dazu keine Patches mehr herausgeben.’Dies unterstreicht, wie wichtig es ist, veraltete Komponenten des…
-
Volume of attacks on network devices shows need to replace end of life devices quickly
by
in SecurityNews
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerabilityCVE-2023-1389, a vulnerability in TP-Link Archer AX21 router;CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system;CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system;CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance;CVE-2023-38035, a hole in Ivanti Sentry security gateway;CVE-2024-36401, a vulnerability in OSGeo GeoServer;CVE-2024-0012, a vulnerability in Palo Alto Neworks PAN-OS…
-
Privacy Roundup: Week 13 of Year 2025
by
in SecurityNews
Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-dayThis is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Guide to Network Device Configuration Review
by
in SecurityNewsNetwork infrastructure serves as the backbone of every organization’s IT ecosystem. Ensuring the security, efficiency, and reliability of network devices such as routers, switches, and firewalls is essential to maintaining… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/guide-to-network-device-configuration-review/
-
DrayTek routers face active exploitation of older vulnerabilities
by
in SecurityNewsThe company’s devices are also randomly rebooting in connection with additional CVEs disclosed earlier this month. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/draytek-routers-exploitation-vulnerabilities/743587/
-
DrayTek Router Vulnerability Exploited in the Wild Linked to Reboot Loop Issue
by
in SecurityNewsThe cybersecurity world has been abuzz with reports of widespread reboots affecting DrayTek routers across the globe. While the exact cause of these reboots remains largely unconfirmed, GreyNoise has brought to light significant in-the-wild exploitation of several known vulnerabilities in DrayTek devices. Although a direct link between this activity and the reported reboots cannot be…
-
Likely Chinese Hackers Infiltrated Asian Telecom for 4 Years
by
in SecurityNews‘Weaver Ant’ Used Web Shell Tunneling and Hacked Routers to Evade Detection. An apparently Chinese cyber espionage operation lurked inside the network of an Asian telecom for four years, camouflaging its presence through nested encryption and lightweight web shells. Chinese hackers have been uncovered on the inside of telecom networks spanning the globe. First seen…
-
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
by
in SecurityNewsDrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability. The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vulnerability-exploitation-possibly-behind-widespread-draytek-router-reboots/
-
Neues IoT-Botnetz <> greift TP-Link-Router an
Sicherheitsforscher des Threat-Research-Teams von Cato Networks haben eine neue Bedrohung identifiziert: das IoT-Botnetz “Ballista”. Diese Schadsoftware nutzt eine gravierende Sicherheitslücke in TP-Link Archer-Routern aus, um sich ungehindert im Internet zu verbreiten. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/iot-botnetz-ballista-tp-link-router
-
Hm, why are so many DrayTek routers stuck in a bootloop?
by
in SecurityNewsTime to update your firmware, if you can, to one with the security fixes, cough cough First seen on theregister.com Jump to article: www.theregister.com/2025/03/25/draytek_routers_bootloop/
-
Chinese hackers spent four years inside Asian telco’s networks
The hackers compromised home routers made by Zyxel to gain entry into a “major” telecommunications company’s environment. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-spent-years-telco
-
Widespread Keenetic Router Data Breach Uncovered
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-keenetic-router-data-breach-uncovered