Routers Archives - Cyber Security Minute

21 Vulnerabilities Discovered in Crucial IT-OT Connective Routers

Issued by: Dark Reading

Researchers have discovered 21 vulnerabilities in a popular brand of industrial router. On Dec. 7 at Black Hat Europe, analysts from Forescout will reveal the bugs — including one of 9.6 “Critical” severity on the CVSS scale, and nine “High” severity — affecting a brand of operational technology (OT)/Internet of Things (IoT) routers especially common…

Vulnerabilities

Critical bug in Cisco EoL Small Business Routers will receive no patch

Issued by: Security Affairs

Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL). The flaw is an authentication bypass issue…

Vulnerabilities

Synology fixes multiple critical vulnerabilities in its routers

Issued by: Security Affairs

Taiwanese NAS maker Synology published two new critical advisories in December. The first advisory is related to the most severe vulnerability addressed by the company, which is a critical out-of-bounds write issue, tracked as CVE-2022-43931 (CVSS3 Base Score10). The vulnerability resides in the Remote Desktop Functionality of Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635….

Malware & Threats

New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers

Issued by: Security Week

Dubbed Enemybot, the botnet appears to be the work of Keksec, an established cybercrime group that specializes in DDoS attacks and cryptocurrency mining. The malware was built using the source code of the Gafgyt (Bashlite) botnet – which leaked in 2015 – with some modules borrowed from the infamous Mirai botnet, including the scanner module…

Network Security

How to protect MikroTik routers from the Mēris botnet

Issued by: Kaspersky Blog

Recent large-scale DDoS attacks using a new botnet called Mēris peaked at almost 22 million requests per second. According to Qrator research, MikroTik’s network devices generated a fair share of the botnet’s traffic. Having analyzed the situation, MikroTik experts found no new vulnerabilities in the company’s routers; however, old ones may still pose a threat….

Network Security

Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020

Issued by: Security Week

Due to the COVID-19 pandemic, the competition has been turned into a virtual event and Pwn2Own Tokyo is actually coordinated by Trend Micro’s ZDI from Toronto, Canada, with participants demonstrating their exploits remotely. Organizers have offered significant prizes for exploits targeting a wide range of mobile and IoT devices, but participants have only focused on…