Articles about routers

Cisco logo on wall

Party like it's 1999: Packets of death, code exec menace Cisco gear

Cisco has advised net admins using switches that run its Fabric Services on FXOS, or NX-OS software, to update their boxes following the discovery of a critical security flaw. Switchzilla said CVE-2018-0304 can be exploited by an attacker to shut down the network boxes or remotely execute malicious code on them simply by …
Shaun Nichols, 12 Jul 2018
Putin

Advanced VPNFilter malware menacing routers worldwide

A newly-disclosed malware infection has compromised more than 500,000 home and small office routers and NAS boxes. Researchers with Cisco Talos say the malware, dubbed VPNFilter, has been spreading around the globe, but appears to primarily be largely targeting machines in the Ukraine. wifi Wish you could log into someone's …
Shaun Nichols, 23 May 2018
Illustration of someone's privacy being invaded

High-end router flinger DrayTek admits to zero day in bunch of Vigor kit

Taiwanese network kit maker DrayTek has 'fessed up to a vulnerability in a large number of its routers which could allow miscreants to hijack internet traffic or steal personal data. The flaw means attackers could remotely alter DNS settings on 28 Vigor model routers. DrayTek has released a series of firmware updates …
Kat Hall, 21 May 2018
Spock

Congratulations, we all survived Star Wars day! Now for some security headaches

Roundup May is already upon us, and as usual it has been a busy week for security news. Here's a summary of what didn't make it into El Reg this week, well, until now. Son of a glitch! Brainiacs at Vrije Universiteit in Amsterdam have detailed an attack called GLitch. It exploits Adreno GPUs built into Qualcomm-powered system-on-chips …
Shaun Nichols, 5 May 2018

The big two-oh-oh: Cisco gobbles comms biz Broadsoft for $1.9bn

Cisco has snapped up its two-hundredth acquisition in the form of unified comms biz Broadsoft for $1.9bn (£1.4bn) – its latest attempt to move away from its lacklustre legacy business of switches and routers. The Maryland-based outfit sells software and services that enable mobile, fixed-line and cable service providers to …
Kat Hall, 23 Oct 2017
Semaphore hello

Boffins get routers spilling secrets through their LEDs

Back in February, it was hard drive lights that leaked data. Now, the side-channel experts at Israel's Ben-Gurion University have applied a similar principle to routers. The attraction of signalling from a router is clear: is you can get the router to leak admin credentials, you don't just p0wn one machine, but probably the …

Home-pwners: Cisco's Prime Home lets hackers hijack people's routers, no questions asked

Cisco is advising ISPs and other service providers using its Prime Home system to install a security update immediately – to squash a serious remote execution bug. Switchzilla says the flaw, which was given a 10.0 CVSS score, could allow an attacker to log into the software as an administrator and remotely take control of …
Shaun Nichols, 1 Feb 2017
Netgear R8000 router

WTF is your problem, Netgear? Another hijack hole found in its routers

Researchers are warning of a serious security hole that can be exploited to hijack potentially hundreds of thousands of Netgear routers. The programming blunder allows an attacker with access to the router to harvest the administrator access password. A victim could visit a malicious webpage that uses JavaScript to exploit the …
Shaun Nichols, 31 Jan 2017
Shaun of the dead zombies cricket bat movie still. Copyright Universal Pictures

Mirai variant turns TalkTalk routers into zombie botnet agents

Hundreds of Mirai-infected home routers across the UK are currently acting as DDoS bots. The vast majority (99 per cent) of these 2,398 Mirai-infected devices are TalkTalk routers, according to security researchers at DDoS mitigation firm Imperva Incapsula. “The botnet devices’ geolocation is very uncommon for DDoS botnets …
John Leyden, 8 Dec 2016
Confused/annoyed looking man looks irritated during outage. Photo via Shutterstock

Google's Chromecast Audio busted BT home routers – now it has a fix

Google has kicked out a workaround of sorts for Chromecast Audio devices that have been causing BT routers to constantly reset themselves. The Mountain View ads giant is advising BT subscribers to, if possible, find another router they can use to connect their Chromecast Audio unit to in order to get the latest version of the …
Shaun Nichols, 29 Nov 2016
Image by Dr Flash http://www.shutterstock.com/gallery-182053p1.html

Fun fact of the day: Network routers are illegal in Japan

There's no doubt that the internet has caused massive shakeups in laws across the globe, but in Japan the law has an unusual kink: internet routers are technically illegal. Except they're not. Because under a very Japanese rule, the ability of electronic equipment to read a packet header both violates the law and "seems not …
Profits down, image via Shutterstock

Cisco drags down the Ethernet switch market, routers grow a little

The Ethernet market remains limp, with IDC's first-quarter data showing a mere 1.4 per cent increase compared with the first quarter of 2015. By contrast, the number-cruncher reckons the router market expanded by a still-disappointing 3.3 per cent. The only Ethernet geography to show double-digit growth was the Asia Pacific, …
Cartoon man with hat and tie. Facial features replaced by question mark.

Pair publishes python framework for rapid router wrecking

Polish hacker Marcin Bury and developer Mariusz Kupidura have published a capable Python-based router exploitation framework to help hackers better own bit-moving boxen. Bury says the "RouterSploit" tool is similar to the popular Metasploit framework, and sports exploit modules to help hackers own certain routers. The hacker …
Darren Pauli, 26 Apr 2016

Popular cable modem vulnerable to remote reboot/reset flaw

Updated Security defence man David Longenecker says millions of users could have their internet connections severed thanks to a flaw in Surfboard SB6141 modems. The soon-to-be-patched cross-site request forgery flaw allows attackers to cut off users from the internet until their modem renegotiates with the ISP and reconfigures itself …
Darren Pauli, 11 Apr 2016

Optus cable routers let anyone change passwords, says tech

University of Sydney tech Paul Szabo says Netgear routers provided by Australian telco Optus contain a vulnerability that allows attackers to change admin passwords without knowing the existing credentials. The bug in the CG3000v2 cable modem means attackers could enter anything into the current password field to change the …
Darren Pauli, 17 Mar 2016

Building automation systems are so bad IBM hacked one for free

An IBM-led penetration testing team has thoroughly owned an enterprise building management network in a free assessment designed to publicise the horrid state of embedded device security. The IBM X-Force team of Paul Ionescu, Jonathan Fitz-Gerald, John Zuccato, and Warren Moynihan, along with Akamai engineer Brennan Brazeau, …
Darren Pauli, 11 Feb 2016
Belkin N150 router

Belkin's N150 router is perfect for learning hacking skills – wait, what, it's in production?

Belkin's home routers can be commandeered by hackers, thanks to a Telnet backdoor, a cross-site request forgery (CSRF) vulnerability and other bugs, we're told. Security researcher Rahul Pratap Singh warns that the Belkin N150's builtin web server, provided so users can configure their kit, doesn't perform enough checks on …
Shaun Nichols, 1 Dec 2015

600,000 cable modems have an easy to pop backdoor in a backdoor

Security bod Bernardo Rodrigues has found a backdoor-within-a-backdoor affecting some 600,000 Arris cable modems. The broadband kit company said, in a statement to El Reg, that it is working "around the clock" to fix the problems. Rodrigues (@bernardomr), a vulnerability tester with Brazil's Globo television network, reported …
Darren Pauli, 20 Nov 2015

Create a news alert about routers, or find more stories about routers.

Biting the hand that feeds IT © 1998–2018