Tag: router
-
Mirai Botnet Variant Exploits Zero-Day Vulnerabilities in Routers
Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing, integrating N-day vulnerabilities, and ultimately leveraging a 0-day vulnerability in Four-Faith industrial routers. By November 2024, Gayfemboy had infected over 15,000 devices, utilizing over 40 grouping categories for command and…
-
Trio of Netis Router Bugs Could Prompt Significant Compromise
Tags: routerFirst seen on scworld.com Jump to article: www.scworld.com/brief/trio-of-netis-router-bugs-could-prompt-significant-compromise
-
Industrial router zero-day leveraged by new Mirai-based botnet
First seen on scworld.com Jump to article: www.scworld.com/brief/industrial-router-zero-day-leveraged-by-new-mirai-based-botnet
-
Netis routers vulnerable to chained authentication bypass, RCE flaws
First seen on scworld.com Jump to article: www.scworld.com/news/netis-routers-vulnerable-to-chained-authentication-bypass-rce-flaws
-
Gayfemboy Botnet targets Four-Faith router vulnerability
Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 2024, it borrows the code from the basic Mirai variant and now integrates N-day and 0-day exploits. By November 2024, Gayfemboy exploited 0-day vulnerabilities in Four-Faith…
-
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States. First seen on…
-
New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mirai-botnet-zerodays-routers/
-
Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation
Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &… First seen on hackread.com Jump to article: hackread.com/moxa-reports-critical-industrial-router-vulnerabilities/
-
Sicherheitslücken: Hintertür gefährdet Industrie-Router von Moxa
Wichtige Sicherheitsupdates schließen unter anderem eine kritische Lücke in Moxa-Routern. Für ein Modell ist der Patch aber bisher nicht erschienen. First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsluecken-Hintertuer-gefaehrdet-Industrie-Router-von-Moxa-10231140.html
-
New Mirai botnet targets industrial routers with zero-day exploits
A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-mirai-botnet-targets-industrial-routers-with-zero-day-exploits/
-
Moxa Warns of Critical Industrial Router Vulnerabilities
Flaws Enable Privilege Escalation and Remote Exploitation. Taiwanese industrial computing firm Moxa Technologies is warning customers about two high-severity vulnerabilities affecting its routers and network appliances, posing significant security risks to operational technology environments. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/moxa-warns-critical-industrial-router-vulnerabilities-a-27234
-
Moxa Urges Immediate Updates for Security Vulnerabilities
Moxa has reported two critical vulnerabilities in its routers and network security appliances that could allow system compromise and arbitrary code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/moxa-urges-updates-security/
-
Moxa router flaws pose serious risks to industrial environmets
Moxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution. Moxa addressed privilege escalation and OS command injection vulnerabilities in cellular routers, secure routers, and network security appliances. Below are the descriptions for both vulnerabilities: Moxa released firmware updates to address vulnerabilities CVE-2024-9140 and CVE-2024-9138. Affected…
-
Moxa: Teils kritische Router-Lücken gefährden Industrienetzwerke
Tags: routerDie Sicherheitslücken betreffen mehrere Produkte von Moxa. Eine davon basiert auf fest kodierten Zugangsdaten. Administratoren sollten handeln. First seen on golem.de Jump to article: www.golem.de/news/moxa-teils-kritische-router-luecken-gefaehrden-industrienetzwerke-2501-192188.html
-
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution.The list of vulnerabilities is as follows -CVE-2024-9138 (CVSS 4.0 score: 8.6) – A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain First seen…
-
Industrial networking manufacturer Moxa reports ‘critical’ router bugs
Moxa says the flaws can be used to bypass user authentication, escalate privileges and gain root access to devices. First seen on cyberscoop.com Jump to article: cyberscoop.com/industrial-networking-manufacturer-moxa-reports-critical-router-bugs/
-
Vulnerable Moxa devices expose industrial networks to attacks
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vulnerable-moxa-devices-expose-industrial-networks-to-attacks/
-
More telecom firms were breached by Chinese hackers than previously reported
Tags: access, at&t, attack, breach, china, cisco, communications, cyber, cyberespionage, cybersecurity, data, defense, disinformation, espionage, exploit, finance, fortinet, framework, government, group, hacker, Hardware, infrastructure, intelligence, international, microsoft, mobile, network, phone, regulation, risk, risk-management, router, spy, technology, threat, vulnerabilityChinese hackers linked to the Salt Typhoon cyberespionage operation have breached even more US telecommunications firms than initially reported.New victims, Charter Communications, Consolidated Communications, and Windstream, add to a growing list that already includes AT&T, Verizon, T-Mobile, and Lumen Technologies.Earlier, the US authorities informed that nine telecom firms have been affected by the Chinese espionage…
-
Stimmen die Voraussetzungen, kann Schadcode auf Asus-Router gelangen
Angreifer können Router von Asus ins Visier nehmen und attackieren. Dagegen sind abgesicherte Firmwares erschienen. First seen on heise.de Jump to article: www.heise.de/news/Stimmen-die-Voraussetzungen-kann-Schadcode-auf-Asus-Router-gelangen-10226829.html
-
Privacy Roundup: Week 1 of Year 2025
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
US government sanctions Chinese cybersecurity company linked to APT group
The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon.The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its operations…
-
ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands
In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several of its router models. These flaws, tracked as CVE-2024-12912 and CVE-2024-13062, pose severe risks by allowing attackers to execute arbitrary commands on compromised devices. ASUS has advised users to act immediately by updating their routers to stay protected. About the Vulnerabilities The two vulnerabilities…
-
38C3: CCC-Hacker fordern maschinenlesbare TÜV-Plakette für vernetzte Geräte
Auf die Packungen “böser” Hard- und Software wie Plaste-Router oder smarte Uhren gehört ein Mindesthaltbarkeitsdatum, hieß es bei den “Security Nightmares”. First seen on heise.de Jump to article: www.heise.de/news/38C3-CCC-Hacker-fordern-maschinenlesbare-TUeV-Plakette-fuer-vernetzte-Geraete-10222324.html
-
Malware botnets exploit outdated D-Link routers in recent attacks
Two botnets tracked as ‘Ficora’ and ‘Capsaicin’ have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malware-botnets-exploit-outdated-d-link-routers-in-recent-attacks/
-
Critical Flaw Exposes Four-Faith Routers to Remote Exploitation
SUMMARY: VulnCheck has discovered a critical new vulnerability (CVE-2024-12856) affecting Four-Faith industrial routers (F3x24 and F3x36), with evidence… First seen on hackread.com Jump to article: hackread.com/critical-flaw-expose-four-faith-routers-remote-exploitation/
-
Four-Faith Industrial Routers Vulnerability Exploited in the Wild to Gain Remote Access
A significant post-authentication vulnerability affecting Four-Faith industrial routers has been actively exploited in the wild. Assigned as CVE-2024-12856, this flaw allows attackers to execute unauthenticated remote command injections by leveraging the routers’ default credentials. Details of the Exploitation The vulnerability impacts at least two Four-Faith router models”, F3x24 and F3x36. It involves leveraging the /apply.cgi endpoint over HTTP…
-
FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks
Mirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks. First seen on hackread.com Jump to article: hackread.com/ficora-capsaicin-botnet-d-link-router-flaws-ddos-attacks/
-
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck.The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36.The severity of the shortcoming is lower due to the fact…
-
D-Link Botnet Attacks Surge in Global Spike
Mirari and Kaiten Botnet Variants Exploit Unpatched Routers. Attackers exploiting nearly decade-old D-Link router vulnerabilities drove a sharp rise in botnet activity in 2024 through variants of the Mirari and Kaiten taking advantage of unpatched devices. Operators of botnets known as Ficora and Capsaicin exploit nearly decade-old flaws. First seen on govinfosecurity.com Jump to article:…
-
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN.”These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings First seen on…