Tag: router
-
National security risks in routers, modems targeted in bipartisan Senate bill
A separate piece of bipartisan Senate legislation would create a cyber insurance working group. First seen on cyberscoop.com Jump to article: cyberscoop.com/routers-modems-national-security-risks-senate-bill/
-
Network security tool defects are endemic, eroding enterprise defense
When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/network-security-defects-erode-defense/738387/
-
Sicherheitsupdate: Schadcode-Attacken können D-Link-Router schaden
In der aktuellen Firmware haben D-Link-Entwickler eine offensichtlich kritische Schwachstelle im Router DSL-3788 geschlossen. First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdate-Schadcode-Attacken-koennen-D-Link-Router-schaden-10259091.html
-
Juniper-Router: Maßgeschneiderte Backdoors warten auf Magic Packets
IT-Forscher haben Backdoors auf Juniper-Routern entdeckt und untersucht. Sie werden durch Magic Packets aktiviert. First seen on heise.de Jump to article: www.heise.de/news/Juniper-Router-Massgeschneiderte-Backdoors-warten-auf-Magic-Packets-10258653.html
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Black ‘Magic’ Targets Enterprise Juniper Routers With Backdoor
Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don’t run monitoring software like Sysmon, making the attacks harder to detect. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/black-magic-enterprise-juniper-routers-backdoor
-
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic.According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a “magic packet” sent by the threat actor in TCP traffic. “J-magic campaign…
-
New backdoor discovered that specifically targets Juniper routers
Researchers at Black Lotus Labs have uncovered an operation where a back door is dropped onto enterprise-grade Juniper Networks routers and listens for specific network signals, known as >>magic packets,
-
Murdoc Botnet Exploiting AVTECH Cameras Huawei Routers to Gain Complete Control
Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc, which has been targeting AVTECH cameras and Huawei HG532 routers since at least July 2024. Mass Campaign Leveraging Two Key Vulnerabilities The campaign exploits two known vulnerabilities: These vulnerabilities enable attackers to co-opt vulnerable devices into a Mirai-based botnet infrastructure. Current…
-
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks.According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further abuse.Some…
-
Spooks of the internet came alive this Halloween
Halloween 2024 made history with a massive spike in distributed denial of service (DDoS) attacks, with one particular assault reaching over 5 Terabits-per-second (Tbps) worth of phony traffic.In its quarterly analysis of DDoS attacks, Cloudflare reported a surge in hyper-volumetric attacks in the fourth quarter of 2024.”In the fourth quarter, over 420 of those attacks…
-
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet.The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys security researcher Shilpesh First seen on…
-
New Mirai Variant Targets Flaws in Cameras and Routers
Murdoc Botnet Uses Over 100 Distinct C2 Servers to Manage Infected Devices. A new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in…
-
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers
Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet. Murdoc Botnet is a new Mirai botnet variant that targets vulnerabilities in AVTECH IP cameras and Huawei HG532 routers, the Qualys Threat Research Unit reported. The botnet has been active since at least…
-
PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3 and 4 with all firmware up to the latest version. This vulnerability, which has been documented as CVE-2024-54887, allows for potential arbitrary remote code execution (RCE) through stack buffer overflow…
-
New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers
Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mirai-variant-targets-cameras/
-
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet.The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys security researcher Shilpesh First seen on thehackernews.com…
-
Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally
Millions of devices, including home routers, VPN servers, and CDNs are vulnerable to exploitation due to critical flaws… First seen on hackread.com Jump to article: hackread.com/tunneling-flaws-millions-of-vpns-and-routers-at-risk/
-
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices.The activity “take[s] advantage of misconfigured DNS records to pass email protection techniques,” Infoblox security researcher David Brunsdon said in a technical report…
-
High Severity Vulnerability Discovered in CP Plus Router: Immediate Attention Needed
A security vulnerability has been identified in the CP Plus CP-XR-DE21-S Router, which could potentially expose sensitive user information and compromise system integrity. This CP Plus Router vulnerability, categorized under the CERT-In Vulnerability Note CIVN-2025-0005, was disclosed on January 20, 2025. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cp-plus-router-vulnerability/
-
PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887)
A serious code execution vulnerability in the TP-Link TL-WR940N router, identified as CVE-2024-54887, has become the focus of intense scrutiny following the release of a proof-of-concept (PoC) exploit. This vulnerability allows attackers to execute arbitrary code on the device remotely without authentication, posing significant risks to network security. The following article provides an overview of…
-
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks.”Internet hosts that accept tunneling packets without verifying the sender’s identity can be hijacked to perform anonymous attacks and provide access to their networks,” Top10VPN said in a study, as part of a collaboration with…
-
Slew of WavLink vulnerabilities
Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page, of the Wavlink AC3000 wireless router web application. The Wavlink AC3000 wireless router is one of the First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/slew-of-wavlink-vulnerabilities/
-
Beware cybersecurity tech that’s past its prime, 5 areas to check or retire
Tags: access, advisory, ai, antivirus, attack, authentication, breach, bug-bounty, ciso, cloud, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, firewall, Hardware, network, password, penetration-testing, risk, router, siem, software, strategy, switch, threat, tool, vpn, vulnerability, waf, zero-trustCybersecurity leaders can choose from an ever-expanding list of digital tools to help them ward off attacks and, based on market projections, they’re implementing plenty of those options.Gartner predicts a 15% increase in cybersecurity spending for 2025, with global expenditures expected to reach $212 billion in the upcoming year. The research and consulting firm says…
-
Free-software warriors celebrate landmark case that enforced GNU LGPL
On the Fritz: German router maker AVM lets device rights case end after coughing up source code First seen on theregister.com Jump to article: www.theregister.com/2025/01/10/german_router_maker_avm_lgpl/
-
New Mirai botnet targets industrial routers
Tags: access, attack, botnet, cctv, china, credentials, cve, cybercrime, data, ddos, exploit, germany, network, password, remote-code-execution, router, russia, update, vulnerability, zero-dayAccording to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices.Experts from VulnCheck reported at the end of…