Cyber security news for all

More

    Manipulated configuration of various Netgear routers are unsafe

    The firmware updater of some Netgear routers are apparently unsafe. Whether and how the manufacturer reacts to the problem is completely unclear. The manufacturer has been silent for weeks.

    Netgear Routers Retrieve SSL Encrypted Firmware Updates

    The devices should not check the server certificate used, specifically the download tool with the parameter. No check certificate should be used behind the scenes. An attacker could therefore deliver manipulated firmware updates and ultimately take over the routers. For this to work, the attacker has to redirect the router’s data traffic.

    Meanwhile, the researchers recommend switching off the automatic update function and not performing any firmware downloads with the router’s web interface. Instead, owners of the affected router models should download the update files from the service area of the manufacturer’s website and import them manually with the web interface.

    Criminals Could Mimic A Bank’s Home Page

    If an attacker succeeds in connecting to this chain using a manipulated address book, he can cheer the router with other IP addresses and thus guide the user to fake websites. For example, criminals could mimic a bank’s home page to tap the login information that is typed in on the fake page.

    The target of the attack is the administration interface of the router. Even if it is decoupled from remote maintenance and is actually only available in the local network, it can be attacked, since routers are often not protected against attacks. With this attack, the cybercriminals primarily take advantage of the convenience of the user.Many users configure a router only once, after which they no longer worry about it. Regular firmware updates are very important for this interface.

    The worst of the flaws lets hackers remotely install malware on the Nighthawk X4S gaming router, model R7800. That could lead to the entire Wi-Fi network and all web traffic that runs through it being compromised. Netgear gives that vulnerability a severity score of 9.4/10, which qualifies as “critical.”

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox