router security | Breaking Cybersecurity News | The Hacker News

Taiwanese networking equipment manufacturer D-Link has agreed to implement a "comprehensive software security program" in order to settle a Federal Trade Commission (FTC) lawsuit alleging that the company didn't take adequate steps to protect its consumers from hackers. Your wireless router is the first line of defense against potential threats on the Internet. However, sadly, most widely-used routers fail to offer necessary security features and have often found vulnerable to serious security flaws, eventually enabling remote attackers to unauthorizedly access networks and compromise the security of other devices connected to it. In recent years, the security of wireless networks has been more of a hot topic due to cyber attacks, as well as has gained headlines after the discovery of critical vulnerabilities—such as authentication bypass , remote code execution , hard-coded login credentials , and information disclosure—in routers manufactured by various brands....

A cybersecurity researcher at Tenable has discovered multiple security vulnerabilities in Verizon Fios Quantum Gateway Wi-Fi routers that could allow remote attackers to take complete control over the affected routers, exposing every other device connected to it. Currently used by millions of consumers in the United States, Verizon Fios Quantum Gateway Wi-Fi routers have been found vulnerable to three security vulnerabilities, identified as CVE-2019-3914, CVE-2019-3915, and CVE-2019-3916. The flaws in question are authenticated command injection (with root privileges), login replay , and password salt disclosure vulnerabilities in the Verizon Fios Quantum Gateway router (G1100), according to technical details Chris Lyne, a senior research engineer at Tenable, shared with The Hacker News. Authenticated Command Injection Flaw (CVE-2019-3914) When reviewing the log file on his router, Chris noticed that the "Access Control" rules in the Firewall settings, availabl...

Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker's perspective has never been more important. In this guide, we look at why attack surfaces are growing and how to monitor and manage them properly with  tools like Intruder . Let's dive in. What is your attack surface? First, it's important to understand what we mean when we talk about an attack surface. An attack surface is the sum of your digital assets that are 'reachable' by an attacker – whether they are secure or vulnerable, known or unknown, in active use or not. You can also have both internal and external attack surfaces - imagine for example a malicious email attachment landing in a colleague's inbox, vs a new FTP server being...

Is your router collects data on your network? Netgear last week pushed out a firmware update for its wireless router model NightHawk R7000 with a remote data collection feature that collects router's analytics data and sends it to the company's server. For now, the company has rolled out the firmware update for its NightHawk R7000, but probably other router models would receive the update in upcoming days. The Netgear's alleged router analytics data collects information regarding: Total number of devices connected to the router IP address MAC addresses Serial number Router's running status Types of connections LAN/WAN status Wi-Fi bands and channels Technical details about the use and functioning of the router and the WiFi network. The company said it is collecting the data for routine diagnostic to know how its products are used and how its routers behave. "Technical data about the functioning and use of our routers and their WiFi network ...

Bad news for consumers with Linksys routers: Cybersecurity researchers have disclosed the existence of nearly a dozen of unpatched security flaws in Linksys routers, affecting 25 different Linksys Smart Wi-Fi Routers models widely used today. IOActive's senior security consultant Tao Sauvage and independent security researcher Antide Petit published a blog post on Wednesday, revealing that they discovered 10 bugs late last year in 25 different Linksys router models. Out of 10 security issues (ranging from moderate to critical), six can be exploited remotely by unauthenticated attackers. According to the researchers, when exploited, the flaws could allow an attacker to overload the router, force a reboot by creating DoS conditions, deny legitimate user access, leak sensitive data, change restricted settings and even plant backdoors. Many of the active Linksys devices exposed on the internet scanned by Shodan were using default credentials, making them susceptible to the...

Image Source: Book - Protect Your Windows Network from Perimeter to Data The United States' trade watchdog has sued Taiwan-based D-link, alleging that the lax security left its products vulnerable to hackers. The Federal Trade Commission (FTC) filed a lawsuit ( pdf ) against D-Link on Thursday, arguing that the company failed to implement necessary security protection in its routers and Internet-connected security cameras that left "thousands of consumers at risk" to hacking attacks. The move comes as cyber criminals have been hijacking poorly secured internet-connected devices to launch massive DDoS attacks that can force major websites offline. Over two months back, a nasty IoT botnet, known as Mirai, been found infecting routers, webcams, and DVRs built with weak default passwords and then using them to DDoS major internet services. The popular Dyn DNS provider was one of the victims of Mirai-based attack that knocked down the whole internet for many users...

While using your cell phone at a massive public event, like a concert, conference, or sporting event, you have probably experienced slow communication, poor performance or slow browsing speeds, as crowds arrive. That's because of ' Spectrum Crunch ', which means, Interference of WiFi signals with each other. WiFi signals of all cell-phones in a large event interfere with each other because they are all fighting over the same limited spectrum but there is not enough bandwidth to handle all the traffic from the cellphones that are trying to use the same frequency slice at the same time, leaving them frustrated with painfully slow Internet access. However, a team of researchers from the MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) has developed a solution for this problem. In a new research paper, 'Real-time Distributed MIMO Systems,' published online this week, the MIT team described a system for managing networks that cause the WiFi ...

Currently, Asus is undergoing through a troublesome situation after a lawsuit had been filed by the US Federal Trade Commission (FTC) regarding its Router Insecurity. On Tuesday, FTC settled charges with Asus, where the hardware manufacturing company agrees to: Undergo Independent Security Audits Once in 2 years, for the Next 2 Decades . This action had been taken as the result of security negligence in Asus Wireless Routers that put the home and corporate networks of hundreds of thousands of consumers at risk. If Asus is found to violate the agreement, the company could end up paying a civil penalty of up to $16,000 for each violation. Asus Router Security Blunders Since Asus markets its products under the label of Secure and Intelligent routers through its website, following flaws would splash its level of security and intelligence. 1. Default Username & Password: ADMIN In 2014, a serious security issue had been brought to the public regarding...