Tag: Routers

News

Investigadores descubren una vulnerabilidad de seguridad en los chips MediaTek que podría afectar a routers y smartphones

[ad_1]

MediaTek Los informes indican que los chips presentan una grave vulnerabilidad de seguridad que podría facilitar que los piratas informáticos aprovechen los ataques de ejecución remota de código (RCE). Según una empresa de ciberseguridad, algunos chips electrónicos presentan esta vulnerabilidad, que afecta en gran medida a dispositivos como routers y smartphones. En particular, la vulnerabilidad se informó en marzo; sin embargo, recientemente se publicó una prueba de concepto en GitHub que destaca la posibilidad de explotarla. La empresa la ha clasificado como vulnerabilidad crítica con una puntuación CVSS 3.0 de 9,8.

en BlogEl equipo de investigación de amenazas de SonicWall Capture Labs ha detallado la nueva vulnerabilidad. La vulnerabilidad ha sido clasificada como CVE-2024-20017 y descrita como una vulnerabilidad crítica sin clic. En pocas palabras, este tipo de vulnerabilidad permite a los atacantes explotar el sistema de forma remota, sin requerir ninguna acción o interacción por parte de la víctima. Esto significa que el usuario no necesita seguir ninguna plantilla utilizada en un ataque de phishing tradicional.

Los investigadores dieron a la vulnerabilidad una puntuación de 9,8, destacando su naturaleza crítica. El problema se observó específicamente en dos conjuntos de chips MediaTek Wi-Fi, el MT7622 y el MT7915, así como en los paquetes de controladores SoftAP de la serie RTxxxx. Estos kits suelen ser utilizados por fabricantes como Xiaomi, Ubiquiti y Netgear para teléfonos inteligentes y enrutadores. Según la firma de ciberseguridad, la vulnerabilidad afecta a las versiones 7.4.0.1 y anteriores de MediaTek SDK y a las versiones 19.07 y 21.02 de OpenWrt.

En cuanto a la explotación, esta vulnerabilidad abre el camino a la ejecución remota de código. Según los investigadores, los atacantes pueden utilizar una “técnica de sobrescritura de tablas a través de una cadena de programación orientada al retorno (ROP)” para recopilar información confidencial del dispositivo sin que el usuario tenga que hacer nada.

Una de las razones por las que la vulnerabilidad se destaca ahora y no en marzo cuando se descubrió por primera vez es porque una publicación en GitHub mostró una prueba de concepto de la vulnerabilidad, mostrando que era posible llevar a cabo un ataque usando CVE-2024-20017. .

Vale la pena señalar que los investigadores se pusieron en contacto con MediaTek, que emitió parches para solucionar la vulnerabilidad de seguridad. También se ha pedido a los usuarios que actualicen el firmware lo antes posible.

[ad_2]

Source Article Link

Tags afectar, chips, descubren, Investigadores, Los, MediaTek, podría, Routers, seguridad, smartphones, una, vulnerabilidad

Featured

Hackers of all kinds are attacking routers across the world

Post author By lisa nichols
Post date May 2, 2024
No Comments on Hackers of all kinds are attacking routers across the world

[ad_1]

When hackers find a vulnerable router, they compromise it by installing malware that grants persistence, the ability to run distributed denial of service (DDoS) attacks, hide malicious traffic, and more. But what happens when the hackers find a router that was already compromised by a rival gang?

Cybersecurity researchers from Trend Micro published a report that found that one of two things happen: either one group allows the other one to use the compromised infrastructure for a fee, or they each find a different way to break into the device and they use them simultaneously.

Trend Micro’s researchers made an example out of Ubiquity’s EdgeRouters, internet routers that were abused by a handful of hacking groups at the same time, some being state-sponsored, and others being financially-driven.

Shared co-working spaces

“Cybercriminals and Advanced Persistent Threat (APT) actors share a common interest in proxy anonymization layers and Virtual Private Network (VPN) nodes to hide traces of their presence and make detection of malicious activities more difficult,” the researchers explained. “This shared interest results in malicious internet traffic blending financial and espionage motives.”

When it comes to Ubiquity, Trend Micro researchers said they observed the endpoints being used by the APT28 threat actor for “persistent espionage campaigns.” APT28 is a Russian state-sponsored group, also known as Fancy Bear, or Pawn Storm. At the same time, they also saw a financially motivated group called the Canadian Pharmacy gang, using the same infrastructure to mount pharma-related phishing campaigns. Finally, they observed the Ngioweb malware being loaded directly into the memory of these devices – malware that was attributed to the Ramnit group.

EdgeRouters were a popular target mostly because the victims kept them either poorly defended, or entirely undefended. However, they don’t stand out much from other routers, which are all an equally popular asset for hackers. This is because generally they have reduced security monitoring, less stringent password policies, are rarely updated, and run on powerful operating systems that can be used for a wide number of things, Trend Micro concluded.

TP-Link routers are still being bombarded with botnet and malware threats

Post author By lisa nichols
Post date April 19, 2024
No Comments on TP-Link routers are still being bombarded with botnet and malware threats

[ad_1]

More than a year after a patch was released, hackers are still competing to compromise vulnerable TP-Link Wi-Fi routers.

A report from Fortinet claims half a dozen botnet operators are scanning for vulnerable TP-Link Archer AX21 (AX1800) routers after cybersecurity researchers discovered a high-severity unauthenticated command injection flaw in the endpoints early last year.

The vulnerability, tracked as CVE-2023-1389, was patched a few months later, in March 2023.

Working in Russia’s interest

However, a year later, in March 2024, Fortinet discovered that attempts at leveraging this flaw rose beyond 40,000 and up to 50,000 a day. Apparently, multiple groups are doing it at the same time:

“Recently, we observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant”, Fortinet said in its report.

Different Mirai variants, and a botnet named “Condi” have been identified as going after TP-Link routers since the vulnerability was first disclosed.

Mirai is considered one of the largest and most disruptive botnets out there.

Hackers are always on the lookout for vulnerable, internet-connected endpoints, such as smart home devices, smart speakers, routers, computers, and similar. When they find such devices, they infect them with malware that gives them the ability to run certain commands. The most popular use case is Distributed Denial of Service (DDoS) attacks, in which the compromised machines are tasked with sending meaningless traffic towards a single entity.

Due to the sheer number of traffic requests, the entity is unable to process them all – including legitimate traffic – and crashes, hence the name – denial of service.

To make sure your endpoints are not assimilated into a malicious botnet and used in DDoS attacks, apply the latest patches and firmware updates to all internet-connected devices and make sure they’re protected with a strong password.

Via BleepingComputer

WiFi 7 Mesh Routers unveiled at CES 2024 by ASUS

Post author By miranda cosgrove
Post date January 12, 2024
No Comments on WiFi 7 Mesh Routers unveiled at CES 2024 by ASUS

ASUS ZenWiFi BQ16 and BQ16 Pro WiFi 7 Mesh Routers

ASUS has recently launched a new series of mesh routers, the ZenWiFi BQ16 and BQ16 Pro, which are equipped with the latest WiFi 7 technology. These routers are designed to deliver ultra-fast internet speeds of up to 30 Gbps, making them perfect for large homes that require extensive coverage of up to 8,000 square feet. The performance of these routers has been recognized with the PC Magazine 2023 Readers’ Choice Award, highlighting their exceptional capabilities. This month new updates of also been made to the Wi-Fi 7 CERTIFIED standard.

Each router offers WiFi 7 speeds of up to 30 Gbps, up to 8,000 square feet of range, and dual 10 Gbps Ethernet ports for the future-ready smart home
Quad-band ASUS AiMesh networking technology enables high-speed backhaul, advanced dead zone reduction and a rich feature set
ASUS also announces availability of ROG Rapture GT-BE98 and GT-BE98 Pro WiFi 7 gaming routers

One of the key features that set the ZenWiFi BQ16 series apart from other routers on the market is the inclusion of dual 10 Gbps Ethernet ports. This feature ensures that users can enjoy high-speed wired connections that are on par with the wireless speeds offered by the routers. This is particularly beneficial for bandwidth-intensive activities such as streaming 4K videos or engaging in online gaming.

The WiFi 7 mesh routers make use of quad-band AiMesh technology, which is designed to enhance the WiFi experience by providing efficient backhaul and minimizing dead zones. This technology ensures that users receive consistent and reliable WiFi coverage throughout their homes, from the attic to the basement, without any interruptions.

WiFi 7 Mesh router for gaming

ASUS has also introduced routers specifically tailored for gamers, the ROG Rapture GT-BE98 and GT-BE98 Pro. These routers are built with twelve internal antennas and sixteen high-power modules to provide a seamless and lag-free gaming experience. They are designed to meet the demands of serious gamers who require uninterrupted connectivity.

ASUS ZenWiFi BQ WiFi 7 Mesh Router connections

Security is a major concern for many users, and ASUS has addressed this by including AiProtection Pro in the ZenWiFi series. This advanced security feature offers network protection without the need for additional subscription fees. It helps to keep personal data safe from external threats, giving users peace of mind.

The Smart Home Master feature is another highlight of these routers. It allows users to create dedicated subnetworks for various purposes, such as IoT devices, VPN usage, and parental controls. This feature not only improves network organization and security but also ensures that smart home devices are compatible and protected.

For families, ASUS has provided the Kid’s Network, which creates a safe online environment for children. It includes dedicated SSIDs and tools to help parents regulate screen time. Additionally, the VPN Network feature simplifies secure remote access by offering a dedicated subnetwork for VPN services.

Overall, the ASUS ZenWiFi BQ16 and BQ16 Pro WiFi 7 Mesh router systems are designed to do more than just provide internet connectivity. They offer an enhanced internet experience with advanced WiFi 7 technology, comprehensive coverage, and a suite of features that cater to security and convenience. These routers are poised to become an essential component of any modern smart home.

Filed Under: Hardware, Top News

Latest timeswonderful Deals

Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, timeswonderful may earn an affiliate commission. Learn about our Disclosure Policy.

Tags ASUS, CES, Mesh, Routers, unveiled, WiFi