- VPNFilter’s Arsenal Expands With Newly Discovered Modules
September 26, 2018
Seven new modules discovered in VPNFilter further fill in the blanks about how the malware operates and reveals a wider breath of capabilities.
Researchers have discovered new modules in VPNFilter – the malware behind the widespread campaign in May that infected 75 router brands – revealing that its capabilities are much more widespread and sophisticated than previously thought.
- Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic
September 3, 2018
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks.
Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy maliciously, allowing attackers to ...
- Apple Forces Facebook VPN App Out of iOS Store for Stealing Users’ Data
August 23, 2018
Facebook yesterday removed its mobile VPN app called Onavo Protect from the iOS App Store after Apple declared the app violated the iPhone maker’s App Store guidelines on data collection.
For those who are unaware, Onavo Protect is a Facebook-owned Virtual Private Network (VPN) app that was primarily designed to help users keep tabs on their ...
- Postmortem of a Compromised MikroTik Router
August 14, 2018
Cryptocurrency coinminers are the new ransomware and malicious actors have already pounced on the opportunity to make their fortune. Symantec has been tracking a large-scale coin-mining campaign which, as per Shodan, has currently infected about 157,000 MikroTik routers.
Researchers discovered this coin-mining campaign in early August 2018. The campaign was initially concentrated in Brazil; however, it soon began ...
- Cybercrooks slurp nearly $1m from Russian bank after pwning router at regional branch
July 20, 2018
Hackers stole almost $1m from a Russian bank earlier this month after breaching its network via an outdated router.
PIR Bank was looted by the notorious MoneyTaker hacking group, according to Group-IB, the Moscow-based security firm called in by the bank to handle incident response.
Funds were stolen on 3 July through the Russian Central Bank’s Automated ...
- Researchers Uncover New Attacks Against LTE Network Protocol
June 29, 2018
If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely.
A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users’ cellular networks, modify the contents of their ...
- WPA3 Standard Officially Launches With New Wi-Fi Security Features
June 25, 2018
The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises to eliminate all the known security vulnerabilities and wireless attacks that are up today including the dangerous KRACK attacks.
WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is intended to prevent hackers ...
- VPNFilter Malware Infects 500k Routers Including Linksys, MikroTik, NETGEAR
May 23, 2018
Malware called VPNFilter has infected 500,000 router brands ranging from Linksys, MikroTik, NETGEAR and TP-Link that are mostly used in home offices. Researchers at Cisco Talos said they decided to warn the public of the threat despite the fact the infected devices and malware are still under investigation.
Researchers said their investigation into VPNFilter has been ...
- DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide
May 21, 2018
Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users.
Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication.
Source: The ...
- 5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws
May 10, 2018
Well, that did not take long.
Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices.
Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have spotted 5 botnet families, including Mettle, Muhstik, Mirai, Hajime, and Satori, ...
- Sierra Wireless Patches Critical Vulns in Range of Wireless Routers
May 8, 2018
Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet.
The more critical of the two (with a 9.4 CVSSv3 Temp Score) is a privilege-escalation bug (CVE-2018-10251), which could allow a remote attacker ...
- Millions of Home Fiber Routers Vulnerable to Complete Takeover
May 1, 2018
Consumers lucky enough to have blazing-fast 1Gbps internet access in their homes are likely to use the internet more than lower-broadband households; however, millions of them are at risk for hackers to gain wide-ranging access to their internet activities (including being able to view full browsing histories).
A comprehensive assessment of various GPON home routers by vpnMentor has ...
- Warning – 3 Popular VPN Services Are Leaking Your IP Address
March 13, 2018
Researchers found critical vulnerabilities in three popular VPN services that could leak users’ real IP addresses and other sensitive data.
VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as useful to obscure your actual IP address.
While some choose VPN ...
- 23,000 HTTPS certs will be axed in next 24 hours after private keys leak
March 1, 2018
Customers of HTTPS certificate reseller Trustico are reeling after being told their website security certs – as many as 23,000 – will be rendered useless within the next 24 hours.
This is allegedly due to a security blunder in which the private keys for said certificates ended up in an email sent by Trustico. Those keys ...
- Cisco Patches Critical VPN Vulnerability
January 30, 2018
Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on affected devices.
The vulnerability impacts nearly a dozen Cisco products ranging from 3000 Series ...
- 19-Year-Old TLS Vulnerability Weakens Modern Website Crypto
December 13, 2017
A vulnerability called ROBOT, first identified in 1998, has resurfaced. Impacted are leading websites ranging from Facebook to Paypal, which are vulnerable to attackers that could decrypt encrypted data and sign communications using the sites’ own private encryption key.
The vulnerability is found in the transport layer security protocol used for Web encryption. A successful attack could ...
- Banking Apps Found Vulnerable to MITM Attacks
December 7, 2017
Leading US and UK-based banks have patched a flaw found in their Android and iOS mobile apps that allowed adversaries to conduct man-in-the-middle attacks to steal customer credentials and view and manipulate network traffic.
According to researchers at the School of Computer Science at the University of Birmingham that found the flaw, the vulnerability impacted nine apps belonging ...
- DUHK Attack Exposes Gaps in FIPS Certification
October 24, 2017
Despite the obligatory logo and clever name, this week’s assault on crypto, the so-called DUHK attack (Don’t Use Hardcoded Keys), isn’t likely to be part of many threat models.
Though the attack can be used to passively decrypt VPN and encrypted browser traffic, it relies on a host of implementation errors in admittedly ancient security appliances to trigger ...
- Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software
October 2, 2017
Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it.
Dnsmasq is a widely used lightweight network application tool designed to provide DNS (Domain Name System) forwarder, ...
- Internet-wide security update put on hold over fears 60 million people would be kicked offline
September 28, 2017
A multi-year effort to update the internet’s overall security has been put on hold just days before it was due to be introduced, over fears that as many as 60 million people could be forced offline.
DNS overseer ICANN announced on Thursday it had postponed the rollout of a new root zone “key signing key” (KSK) used to secure the internet’s foundational ...