SOHO Router | Breaking Cybersecurity News | The Hacker News

Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence Service has used its threat reduction warrant powers this way. The warrant let CSIS alter, degrade, and destroy botnet data on the infected machines and cut the devices loose from the networks. The targets were Canada-based servers, small office and home office (SOHO) routers, and Internet of Things devices: Ring doorbells, security cameras, TVs, and other Wi-Fi-enabled appliances. Justice Catherine Kane granted the warrant on May 1, 2024, renewed it that August, and issued the confidential reasons in February 2026. The warrant stayed out of public view for more than two years, until this month's redacted release. CSIS needed the order because the cleanup would likely hav...

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials from multiple Microsoft customers. "Active since at least 2021, Storm-0940 obtains initial access through password spray and brute-force attacks, or by exploiting or misusing network edge applications and services," the Microsoft Threat Intelligence team said . "Storm-0940 is known to target organizations in North America and Europe, including think tanks, government organizations, non-governmental organizations, law firms, defense industrial base, and others." Quad7, aka 7777 or xlogin, has been the subject of extensive analyses by Sekoia and Team Cymru in recent months. The botnet malware has been observed targeting several brands of SOHO routers and VPN appliances...