ASUS | Breaking Cybersecurity News | The Hacker News

ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492 , has a CVSS score of 9.2 out of a maximum of 10.0. "An improper authentication control vulnerability exists in certain ASUS router firmware series," ASUS said in an advisory. "This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions." The shortcoming has been addressed with firmware updates for the following branches - 3.0.0.4_382 3.0.0.4_386 3.0.0.4_388, and 3.0.0.6_102 For optimal protection, it's recommended to update their instances to the latest version of the firmware. "Use different passwords for your wireless network and router administration page," ASUS said. "Use passwords that have at least 10 characters, with a mix of capital letter...

ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080 , the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device," according to a description of the flaw shared by the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC). Also patched by the Taiwanese company is a high-severity buffer overflow flaw tracked as CVE-2024-3079 (CVSS score: 7.2) that could be weaponized by remote attackers with administrative privileges to execute arbitrary commands on the device. In a hypothetical attack scenario, a bad actor could fashion CVE-2024-3080 and CVE-2024-3079 into an exploit chain in order to sidestep authentication and execute malicious code on susceptible devices. Both the shor...

The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture.  The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device management tools like Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) are essential components of an organization's security infrastructure. However, relying solely on these tools to manage device risk actually creates a false sense of security. Instead of the blunt tools of device management, organizations are looking for solutions that deliver device trust . Device trust provides a comprehensive, risk-based approach to device security enforcement, closing the large gaps left behind by traditional device management solutions. Here are 5 of those limitations and how to ov...

The U.S. Department of Justice (DoJ) announced that it neutralized Cyclops Blink , a modular botnet controlled by a threat actor known as Sandworm, which has been attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command-and-control (C2) of the underlying botnet," the DoJ  said  in a statement Wednesday. In addition to disrupting its C2 infrastructure, the operation also closed the external management ports that the threat actor used to establish connections with the firewall appliances, effectively severing contact and preventing the hacking group from using the infected devices to commandeer the botnet. The March 22 court-authorized disruption of Cyclops Blink comes a little over a month after intelligence agencies in the U.K. and the U.S.  described  the botnet as a replace...

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search for their MAC addresses to check whether they were in the hit list. However, many believe it is not a convenient way for large enterprises with hundreds of thousands of systems to know if they were targeted or not. List of MAC Addresses Targeted in ASUS Supply Chain Attack To solve this and help other cybersecurity experts continue their hunt for related hacking campaigns, Australian security firm Skylight's CTO Shahar Zini contacted The Hacker News and provided the full list of nearly 583 MAC addresses targeted in the ASUS breach. "If information regarding targets exi...

Remember the CCleaner hack ? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of state-sponsored hackers last year managed to hijack ASUS Live automatic software update server between June and November 2018 and pushed malicious updates to install backdoors on over one million Windows computers worldwide. According to cybersecurity researchers from Russian firm Kaspersky Lab , who discovered the attack and dubbed it Operation ShadowHammer , Asus was informed about the ongoing supply chain attack on Jan 31, 2019. After analyzing over 200 samples of the malicious updates, researchers learned that hackers did not want to target all users, instead only a specific list of users identified by their uniq...

Currently, Asus is undergoing through a troublesome situation after a lawsuit had been filed by the US Federal Trade Commission (FTC) regarding its Router Insecurity. On Tuesday, FTC settled charges with Asus, where the hardware manufacturing company agrees to: Undergo Independent Security Audits Once in 2 years, for the Next 2 Decades . This action had been taken as the result of security negligence in Asus Wireless Routers that put the home and corporate networks of hundreds of thousands of consumers at risk. If Asus is found to violate the agreement, the company could end up paying a civil penalty of up to $16,000 for each violation. Asus Router Security Blunders Since Asus markets its products under the label of Secure and Intelligent routers through its website, following flaws would splash its level of security and intelligence. 1. Default Username & Password: ADMIN In 2014, a serious security issue had been brought to the public regarding...

In this era of Computers and Smartphones, where we are connected to the Internet every second and use it almost for everything. For an Internet connection, one has to plug a device called Router between the ISP (Internet Service Provider) and device. Some Routers are available with USB option, where you can attach an external Hard Disk that allows files to be stored and retrieved across a computer network. Asus one of the largest IT hardware manufacturer providing these kind of devices by which you can connect to the internet and make your external hard disk available on the Internet as FTP server just by configuring AiDisk utility from the router's administrator panel.  Many ASUS Routers have this feature available, including models: RT-N66U, RT-N56U, RT-N15U, RT-N65U, RT-AC66U, DSL-N55U and RT-N16. Recently a vulnerability has been noticed by some Sweden users in the ASUS Routers, that allows an attacker to access your Hard Disk remotely from any part ...