The Ukrainian Secret Service (SBU) said today it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region.
Security researchers are continuing to see DDoS attacks that leverage the UPnP features of home routers to alter network packets and make DDoS attacks harder to detect and mitigate with classic solutions.
Hackers are exploiting a vulnerability in Cisco software to crash and/or retrieve information from affected devices. Cisco is aware of the issue and has warned customers last week, Friday, June 22.
The mystery of the recent surge in port 8000 scan activity has been solved today by security researches from Qihoo 360 Netlab, who tracked this week's mystery traffic to an old foe —the Satori IoT botnet.
The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought.
With the recent report about the VPNFilter router infection, the FBI has advised everyone to reboot their router. This article explains why this is not enough and that more steps are needed to fully remove the infection and protect your device.
Security researchers from Cisco said today that they've detected a giant botnet of hacked routers that appears to be preparing for a cyber-attack on Ukraine.
Attacks on Dasan GPON routers are continuing to happen using two vulnerabilities disclosed last month, but today, researchers from Qihoo 360 Netlab have revealed that one botnet operator appears to have deployed a new zero-day affecting the same router types.
DrayTek, a Taiwan-based manufacturer of broadband CPE (Customer Premises Equipment) such as routers, switches, firewalls, and VPN devices, announced today that hackers are exploiting a zero-day vulnerability to change DNS settings on some of its routers.
Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.
A Brazilian ISP appears to have deployed routers without a Telnet password for nearly 5,000 customers, leaving the devices wide open to abuse.
Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control.
MikroTik has released firmware patches for RouterOS, the operating system that ships with some of its routers. The patches fix a zero-day vulnerability exploited in the wild.
A recent survey of 2,205 regular users has proven once again that most people don't update router firmware, don't change default credentials, and don't generally know how to secure their devices.
A joint alert issued by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC) warns that Russian state-sponsored cyber actors are actively targeting home and enterprise routers.
Malware authors have hijacked DNS settings on vulnerable routers to redirect users to sites hosting Android malware.
Cyber-espionage groups —also referred to as advanced persistent threats (APTs)— are using hacked routers more and more during their attacks, according to researchers at Kaspersky Lab.
Botnet operators and cyber-espionage groups (APTs) are abusing the Universal Plug and Play (UPnP) protocol that comes with all modern routers to proxy bad traffic and hide their real location from investigators.