BrightBox Home, SMB Routers Leak Volumes of Data
Leave it to a software test engineer to be thorough about his home networking gear. Scott Helme, an engineer in the U.K., likes to take a close look at traffic coming and going from new devices...
View Article300,000 Compromised Routers Redirecting Traffic to Attacker Sites
More than 300,000 small office and home office routers, most in Europe and Asia, were compromised in a campaign that started in mid-December, continuing a rash of security incidents involving home and...
View ArticleEasy Pickings at DEF CON Router Hacking Contest
Fifteen zero day vulnerabilities were exploited during the SOHOpelessly Broken router hacking contest at DEF CON.
View ArticleWPS Implementation Issue Exposes Wi-Fi Routers to Attack
A researcher discovered an issue with the random generation of WPS keys in a number of unnamed routers that could allow an attacker to guess the key in one try.
View ArticleInternet Voting Hack Alters PDF Ballots in Transmission
Researchers have published a paper that describes an Internet voting hack that alters PDF ballots in transmission.
View ArticlePirelli Home Broadband Routers Exposed for Two Years
Administration files for Pirelli routers, issued by the biggest ISP in Spain, can be accessed from anywhere putting WPA keys, PINs, certificates and more at risk.
View ArticleD-Link Working on Firmware Updates for Three Critical Bugs
D-Link is in the midst of pushing out firmware updates for eight of its home router models, addressing three serious remote code injection vulnerabilities.
View ArticleD-Link Patches Two Remotely Exploitable Bugs in Firmware
Router company D-Link has patched two separate vulnerabilities in its firmware that could be exploited remotely and lead to takeover and arbitrary code execution. Devices under the DCS-93xl umbrella,...
View ArticleDefault Credentials Lead to Massive DDoS-For-Hire Botnet
Tens of thousands of home and office-based routers have been hijacked over the last several months to stage a distributed denial of service attack campaign.
View ArticleExploit Kit Using CSRF to Redirect SOHO Router DNS Settings
French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
View ArticleTotoLink Routers Plagued By XSS, CSRF, RCE Bugs
A slew of routers manufactured in China are fraught with vulnerabilities, some which have existed in products for as long as six years.
View ArticleMultiple Critical Vulnerabilities in Quanta Routers Won’t Be Patched
Routers manufactured by Quanta are riddled with critical vulnerabilities that won’t be patched, as the company considers the product end of life.
View ArticleBeta Firmware Updates Available for Vulnerable Netgear Routers
Netgear has built beta firmware updates for its Nighthawk routers vulnerable to a command injection attack disclosed last week.
View ArticleRouter Vulnerabilities Disclosed in July Remain Unpatched
Command injection vulnerabilities and accessible default admin credentials in home routers distributed by Thailand’s largest broadband provider remain unpatched despite private disclosures to the...
View ArticleThreatpost News Wrap, February 3, 2017
Mike Mimoso and Chris Brook recap the news of the week, including a Microsoft SMB zero day, the latest Netgear router vulnerability, and a new HTTPS milestone.
View ArticleUpdated Firmware Due for Serious TP-Link Router Vulnerabilities
A researcher disclosed vulnerabilities in TP-Link C2 and C20i routers that allow for remote code execution and denial-of-service attacks with authentication.
View ArticleASUS Patches RT Router Vulnerabilities
ASUS updated the firmware in March of a number of its RT routers to address vulnerabilities found within the device’s native web interface.
View ArticleAuthentication Bypass, Potential Backdoors Plague Old WiMAX Routers
WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.
View Article
