A new worm that propagates itself from router to router has been discovered by Security researcher Johannes B. Ullrich of the SANS Technology Institute. This Linksys worm was named “The Moon” because it includes some basic HTML pages with images based on the movie “The Moon”. The worm takes advantage of vulnerabilities in several Linksys products, including the models: […]
CERT Polska (the Polish Computer Emergency Response Team) has uncovered a Hack of Mass Destruction directed against the Polish Banking sector. This attack modified the DNS settings on victims routers, and then a simple man-in-the-middle attack was launched after the rogue DNS servers misdirected users to what they thought was their bank’s website. The attack […]
It sounds like a joke, but is your refrigerator sending SPAM? Unfortunately it’s no joke. It’s simply the obvious question to ask after reading the latest research from Proofpoint In this research, they analyzed how SPAM attacks were occurring, and found that 25% of the malicious emails did not come from “computers”, but rather from internet-connected […]
Scott Helme, a blogger from the UK has warned of multiple vulnerabilities with BrightBox, a router that’s standard equipment for subscribers to the UK’s EE telecom service. He found that the device leaked sensitive information such as WPA encryption keys, passwords and ISP user credentials. Hackers might also have the ability to change a router’s DNS […]
ABDELLI Nassereddine, an Algerian Computer Science Student has reported a highly critical unauthorized access and password disclosure vulnerability in the routers provided by Algerie Telecom. Algerie Telecom provides TP-LINK TD-W8951ND routers to most of their customers which contain this vulnerability. Nassereddine found that this router allows access to an administrator interface page without any authorization […]
A new worm has been found that attacks Internet of Things devices. The worm, Linux.Darlloz, exploits a PHP vulnerability to propagate itself in the wild. The worm utilizes the PHP ‘php-cgi’ Information Disclosure Vulnerability (CVE-2012-1823), which is an old vulnerability that was patched in May 2012. The attacker recently created the worm based on the […]
There’s a great analysis of a newly discovered CSRF vulnerability in certain models of TP-LINK routers. This analysis explains what the vulnerability is, what it could affect, how to detect it, and how it could be exploited. A CSRF attack is often used by hackers to attack routers passively without having to directly touch them. […]
Zachary Cutlip of Tactical Network Solutions presented some of his very interesting research at the security conference Black Hat USA 2012. His work centers on attacking Netgear routers that have built-in DLNA servers. DLNA is a network protocol that’s much like UPnP, and allows for things like servers to stream media to all of the […]
A new vulnerability called Joel’s Backdoor has been found in D-Link routers that allows unauthenticated users to gain access to administrator functions. A terrific write-up of the discovery of this vulnerability can be found here. The vulnerability appears to affect the following D-Link routers DIR-100 DIR-120 DI-624S DI-524UP DI-604S DI-604UP DI-604+ TM-G5240 Additionally, several Planex routers […]
Very interesting article about a guy who inherited a BSkyB router and what he learned by hacking into it.