Tag: router
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spy
Hijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. First…
-
Russian cyber spies targeting consumer, Soho routers
The UK’s NCSC and Microsoft have shared details of an ongoing cyber espionage campaign targeting vulnerable network routers, orchestrated by the Russian state actor Fancy Bear. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641403/Russian-cyber-spies-targeting-consumer-Soho-routers
-
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025. The large-scale exploitation campaign has been…
-
Russia’s Fancy Bear still attacking routers to boost fake sites, NCSC warns
200 orgs and 5,000 devices compromised so far in Vlad’s latest intelligence grab, Microsoft reckons. First seen on theregister.com Jump to article: www.theregister.com/2026/04/07/russia_fancy_bear_ncsc_router_attack/
-
Russian government hackers broke into thousands of home routers to steal passwords
Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/07/russian-government-hackers-broke-into-thousands-of-home-routers-to-steal-passwords/
-
Russian hackers hijack internet traffic using vulnerable routers
The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s National Cyber Security Centre (NCSC) has warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/russian-hackers-router-hijacking-dns-credential-theft/
-
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/authorities-disrupt-dns-hijacks-used-to-steal-microsoft-365-logins/
-
Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns
Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-apt28-hijack-routers-uk-ncsc/
-
UK exposes Russian cyber unit hacking home routers to hijack internet traffic
Officials said the activity centers on compromising small office and home office routers and similar network devices exposed to the internet, often because of weak security settings or outdated software. First seen on therecord.media Jump to article: therecord.media/uk-exposes-russian-cyber-unit-hacking-home-routers
-
Banning Routers Won’t Secure the Internet
Washington’s push to ban foreign-made Wi-Fi routers may sound tough on cybersecurity, but like earlier bans on foreign drones and telecom gear it risks becoming security theater that ignores the real problem: Millions of unpatched devices already sitting on American networks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/banning-routers-wont-secure-the-internet/
-
Cisco fixes critical IMC auth bypass present in many products
Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day
The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
-
Breach of Confidence: 3 April 2026
I once tried to assemble IKEA furniture this week without looking at the instructions. Got halfway through before realising I’d built something structurally sound but utterly useless. Feels like a decent metaphor for most security programmes. America Discovers It Doesn’t Make Routers Anymore The US just banned foreign-made routers because malicious actors kept using them…
-
TP-Link Router Flaws Allowed Attackers to Launch DoS Attacks and Cause Crashes
TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device stability a top priority. When vulnerabilities allow threat actors to knock these devices offline or change their settings without permission, it poses a direct risk…
-
US Bans All Foreign-Made Consumer Routers
This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt…
-
US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’
Public policy professor says it will make America less secure but hits Netgear’s lobbying goals. First seen on theregister.com Jump to article: www.theregister.com/2026/03/30/professor_criticizes_fcc_router_ban/
-
Is the FCC’s Router Ban the Wrong Fix?
The agency put foreign-made consumer routers on its list of prohibited communications devices, but the ban could create more problems down the road. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fcc-router-ban-wrong-fix
-
TP-Link warns of security vulnerabilities: firmware of numerous routers can be manipulated
TP-Link is warning of security vulnerabilities in several of its routers. Among other things, attackers can replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password
TP-Link patched high-severity Archer NX router flaws, including one that could let attackers upload rogue firmware without authentication. The post TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-tp-link-router-security-flaw-update-now/
-
Security vulnerabilities: attackers can hijack TP-Link routers
TP-Link is warning of security vulnerabilities in several of its routers. Among other things, attackers can replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
TP-Link: router flaw lets attackers inject different firmware
TP-Link is warning of security vulnerabilities in several of its routers. Among other things, attackers can replace the firmware and manipulate configurations. First seen on golem.de Jump to article: www.golem.de/news/tp-link-router-luecke-laesst-angreifer-andere-firmware-einschleusen-2603-206939.html
-
US Bans New Foreign-Made Home Routers Over National Security Fears
The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices. First seen on hackread.com Jump to article: hackread.com/us-bans-foreign-home-routers-national-security/
-
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500,…
-
Forescout: Routers Now Top the Riskiest Connected Devices List, With 11 New Device Types Emerging
Forescout’s annual “Riskiest Connected Devices” report is out for 2026, and the findings point to a fast-expanding set of device categories presenting serious risk to enterprise networks. Published by Forescout Research's Vedere Labs at RSAC 2026, the report analyzed millions of devices in Forescout's Device Cloud using a multifactor risk scoring methodology. The headline finding:…
-
FCC Bans Foreign-Made Routers Over National Security Concerns
The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-fcc-bans-foreign-made-routers/
-
FCC targets foreign router imports amid rising cybersecurity concerns
The FCC will ban new foreign-made routers in the U.S. over security risks, unless approved by DHS or defense authorities. The U.S. FCC announced a ban on importing new foreign-made consumer routers, citing unacceptable cyber and national security risks. The decision, backed by Executive Branch assessments, means such devices can no longer be sold or…
-
US targets foreign-made routers as security concerns rise, but experts warn risks go further
The US Federal Communications Commission (FCC) has expanded its “Covered List” to include certain foreign-made consumer routers, a move that will block new models from receiving equipment authorisation and prevent them from being imported or sold in the United States. The decision reflects growing concern around supply chain security and the potential for foreign state…

