Categories
News

Investigadores descubren una vulnerabilidad de seguridad en los chips MediaTek que podría afectar a routers y smartphones

[ad_1]

MediaTek Los informes indican que los chips presentan una grave vulnerabilidad de seguridad que podría facilitar que los piratas informáticos aprovechen los ataques de ejecución remota de código (RCE). Según una empresa de ciberseguridad, algunos chips electrónicos presentan esta vulnerabilidad, que afecta en gran medida a dispositivos como routers y smartphones. En particular, la vulnerabilidad se informó en marzo; sin embargo, recientemente se publicó una prueba de concepto en GitHub que destaca la posibilidad de explotarla. La empresa la ha clasificado como vulnerabilidad crítica con una puntuación CVSS 3.0 de 9,8.

en BlogEl equipo de investigación de amenazas de SonicWall Capture Labs ha detallado la nueva vulnerabilidad. La vulnerabilidad ha sido clasificada como CVE-2024-20017 y descrita como una vulnerabilidad crítica sin clic. En pocas palabras, este tipo de vulnerabilidad permite a los atacantes explotar el sistema de forma remota, sin requerir ninguna acción o interacción por parte de la víctima. Esto significa que el usuario no necesita seguir ninguna plantilla utilizada en un ataque de phishing tradicional.

Los investigadores dieron a la vulnerabilidad una puntuación de 9,8, destacando su naturaleza crítica. El problema se observó específicamente en dos conjuntos de chips MediaTek Wi-Fi, el MT7622 y el MT7915, así como en los paquetes de controladores SoftAP de la serie RTxxxx. Estos kits suelen ser utilizados por fabricantes como Xiaomi, Ubiquiti y Netgear para teléfonos inteligentes y enrutadores. Según la firma de ciberseguridad, la vulnerabilidad afecta a las versiones 7.4.0.1 y anteriores de MediaTek SDK y a las versiones 19.07 y 21.02 de OpenWrt.

En cuanto a la explotación, esta vulnerabilidad abre el camino a la ejecución remota de código. Según los investigadores, los atacantes pueden utilizar una “técnica de sobrescritura de tablas a través de una cadena de programación orientada al retorno (ROP)” para recopilar información confidencial del dispositivo sin que el usuario tenga que hacer nada.

Una de las razones por las que la vulnerabilidad se destaca ahora y no en marzo cuando se descubrió por primera vez es porque una publicación en GitHub mostró una prueba de concepto de la vulnerabilidad, mostrando que era posible llevar a cabo un ataque usando CVE-2024-20017. .

Vale la pena señalar que los investigadores se pusieron en contacto con MediaTek, que emitió parches para solucionar la vulnerabilidad de seguridad. También se ha pedido a los usuarios que actualicen el firmware lo antes posible.

[ad_2]

Source Article Link

Categories
Featured

Hackers of all kinds are attacking routers across the world

[ad_1]

When hackers find a vulnerable router, they compromise it by installing malware that grants persistence, the ability to run distributed denial of service (DDoS) attacks, hide malicious traffic, and more. But what happens when the hackers find a router that was already compromised by a rival gang?

Cybersecurity researchers from Trend Micro published a report that found that one of two things happen: either one group allows the other one to use the compromised infrastructure for a fee, or they each find a different way to break into the device and they use them simultaneously.

[ad_2]

Source Article Link

Categories
Featured

TP-Link routers are still being bombarded with botnet and malware threats

[ad_1]

More than a year after a patch was released, hackers are still competing to compromise vulnerable TP-Link Wi-Fi routers.

A report from Fortinet claims half a dozen botnet operators are scanning for vulnerable TP-Link Archer AX21 (AX1800) routers after cybersecurity researchers discovered a high-severity unauthenticated command injection flaw in the endpoints early last year.

[ad_2]

Source Article Link

Categories
News

WiFi 7 Mesh Routers unveiled at CES 2024 by ASUS

ASUS ZenWiFi BQ16 and BQ16 Pro WiFi 7 Mesh Routers

ASUS has recently launched a new series of mesh routers, the ZenWiFi BQ16 and BQ16 Pro, which are equipped with the latest WiFi 7 technology. These routers are designed to deliver ultra-fast internet speeds of up to 30 Gbps, making them perfect for large homes that require extensive coverage of up to 8,000 square feet. The performance of these routers has been recognized with the PC Magazine 2023 Readers’ Choice Award, highlighting their exceptional capabilities. This month new updates of also been made to the Wi-Fi 7 CERTIFIED standard.

  • Each router offers WiFi 7 speeds of up to 30 Gbps, up to 8,000 square feet of range, and dual 10 Gbps Ethernet ports for the future-ready smart home
  • Quad-band ASUS AiMesh networking technology enables high-speed backhaul, advanced dead zone reduction and a rich feature set
  • ASUS also announces availability of ROG Rapture GT-BE98 and GT-BE98 Pro WiFi 7 gaming routers

One of the key features that set the ZenWiFi BQ16 series apart from other routers on the market is the inclusion of dual 10 Gbps Ethernet ports. This feature ensures that users can enjoy high-speed wired connections that are on par with the wireless speeds offered by the routers. This is particularly beneficial for bandwidth-intensive activities such as streaming 4K videos or engaging in online gaming.

The WiFi 7 mesh routers make use of quad-band AiMesh technology, which is designed to enhance the WiFi experience by providing efficient backhaul and minimizing dead zones. This technology ensures that users receive consistent and reliable WiFi coverage throughout their homes, from the attic to the basement, without any interruptions.

WiFi 7 Mesh router for gaming

ASUS has also introduced routers specifically tailored for gamers, the ROG Rapture GT-BE98 and GT-BE98 Pro. These routers are built with twelve internal antennas and sixteen high-power modules to provide a seamless and lag-free gaming experience. They are designed to meet the demands of serious gamers who require uninterrupted connectivity.

ASUS ZenWiFi BQ WiFi 7 Mesh Router connections

Security is a major concern for many users, and ASUS has addressed this by including AiProtection Pro in the ZenWiFi series. This advanced security feature offers network protection without the need for additional subscription fees. It helps to keep personal data safe from external threats, giving users peace of mind.

The Smart Home Master feature is another highlight of these routers. It allows users to create dedicated subnetworks for various purposes, such as IoT devices, VPN usage, and parental controls. This feature not only improves network organization and security but also ensures that smart home devices are compatible and protected.

For families, ASUS has provided the Kid’s Network, which creates a safe online environment for children. It includes dedicated SSIDs and tools to help parents regulate screen time. Additionally, the VPN Network feature simplifies secure remote access by offering a dedicated subnetwork for VPN services.

Overall, the ASUS ZenWiFi BQ16 and BQ16 Pro WiFi 7 Mesh router systems are designed to do more than just provide internet connectivity. They offer an enhanced internet experience with advanced WiFi 7 technology, comprehensive coverage, and a suite of features that cater to security and convenience. These routers are poised to become an essential component of any modern smart home.

Filed Under: Hardware, Top News





Latest timeswonderful Deals

Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, timeswonderful may earn an affiliate commission. Learn about our Disclosure Policy.