broadband router

Trustwave said that a serious and easy to abuse flaw affects more than 30 models of Netgear routers totaling hundreds of thousands of devices, globally.

NetGore: Simple Flaw Affects Hundreds of Thousands of Netgear Devices

In-brief: Weeks after the Federal Trade Commission sued the firm D-Link for weak security in its broadband routers, dozens of routers made by the firm NetGear are reported to also be vulnerable to trivial hacking attacks. Small businesses including restaurants and cafés are heavy users of the devices and may be particularly vulnerable, according to experts at the firm Trustwave.

NETGEAR has patched vulnerable software for its R7000 broadband routers (pictured) but 10 other models are vulnerable, most without official patches. (Photo courtesy of NETGEAR.)

Netgear: 11 Home Router Models affected by Flaw, 3 patched

In-brief: A week after security experts at Carnegie Mellon’s CERT advised consumers about a serious security hole in home routers from the networking equipment maker NETGEAR, that firm has expanded the list of affected router models to 11, while offering official software patches for three of those models. Thousands of affected devices can be found online.

Proofpoint said a new version of the DNSChanger malware is targeting home routers.

Home Routers Under Attack via Malvertising | Proofpoint

The security firm Proofpoint is writing about a new and “improved” version of DNSChanger, an exploit kit that attacks home routers in order to serve malicious advertisements to anyone connecting through the Internet using that router. From the Proofpoint analysis: Since the end of October, we have seen an improved version of the “DNSChanger EK” [1] used in ongoing malvertising campaigns. DNSChanger attacks internet routers via potential victims’ web browsers; the EK does not rely on browser or device vulnerabilities but rather vulnerabilities in the victims’ home or small office (SOHO) routers. Most often, DNSChanger works through the Chrome browser on Windows desktops and Android devices. However, once routers are compromised, all users connecting to the router, regardless of their operating system or browser, are vulnerable to attack and further malvertising.The router attacks appear to happen in waves that are likely associated with ongoing malvertising campaigns lasting several days. Attack […]