Articles about routers

The big two-oh-oh: Cisco gobbles comms biz Broadsoft for $1.9bn

Cisco has snapped up its two-hundredth acquisition in the form of unified comms biz Broadsoft for $1.9bn (£1.4bn) – its latest attempt to move away from its lacklustre legacy business of switches and routers. The Maryland-based outfit sells software and services that enable mobile, fixed-line and cable service providers to …
Kat Hall, 23 Oct 2017
Semaphore hello

Boffins get routers spilling secrets through their LEDs

Back in February, it was hard drive lights that leaked data. Now, the side-channel experts at Israel's Ben-Gurion University have applied a similar principle to routers. The attraction of signalling from a router is clear: is you can get the router to leak admin credentials, you don't just p0wn one machine, but probably the …

Home-pwners: Cisco's Prime Home lets hackers hijack people's routers, no questions asked

Cisco is advising ISPs and other service providers using its Prime Home system to install a security update immediately – to squash a serious remote execution bug. Switchzilla says the flaw, which was given a 10.0 CVSS score, could allow an attacker to log into the software as an administrator and remotely take control of …
Shaun Nichols, 1 Feb 2017
Netgear R8000 router

WTF is your problem, Netgear? Another hijack hole found in its routers

Researchers are warning of a serious security hole that can be exploited to hijack potentially hundreds of thousands of Netgear routers. The programming blunder allows an attacker with access to the router to harvest the administrator access password. A victim could visit a malicious webpage that uses JavaScript to exploit the …
Shaun Nichols, 31 Jan 2017
Shaun of the dead zombies cricket bat movie still. Copyright Universal Pictures

Mirai variant turns TalkTalk routers into zombie botnet agents

Hundreds of Mirai-infected home routers across the UK are currently acting as DDoS bots. The vast majority (99 per cent) of these 2,398 Mirai-infected devices are TalkTalk routers, according to security researchers at DDoS mitigation firm Imperva Incapsula. “The botnet devices’ geolocation is very uncommon for DDoS botnets …
John Leyden, 8 Dec 2016
Confused/annoyed looking man looks irritated during outage. Photo via Shutterstock

Google's Chromecast Audio busted BT home routers – now it has a fix

Google has kicked out a workaround of sorts for Chromecast Audio devices that have been causing BT routers to constantly reset themselves. The Mountain View ads giant is advising BT subscribers to, if possible, find another router they can use to connect their Chromecast Audio unit to in order to get the latest version of the …
Shaun Nichols, 29 Nov 2016
Image by Dr Flash http://www.shutterstock.com/gallery-182053p1.html

Fun fact of the day: Network routers are illegal in Japan

There's no doubt that the internet has caused massive shakeups in laws across the globe, but in Japan the law has an unusual kink: internet routers are technically illegal. Except they're not. Because under a very Japanese rule, the ability of electronic equipment to read a packet header both violates the law and "seems not …
Profits down, image via Shutterstock

Cisco drags down the Ethernet switch market, routers grow a little

The Ethernet market remains limp, with IDC's first-quarter data showing a mere 1.4 per cent increase compared with the first quarter of 2015. By contrast, the number-cruncher reckons the router market expanded by a still-disappointing 3.3 per cent. The only Ethernet geography to show double-digit growth was the Asia Pacific, …

Pair publishes python framework for rapid router wrecking

Polish hacker Marcin Bury and developer Mariusz Kupidura have published a capable Python-based router exploitation framework to help hackers better own bit-moving boxen. Bury says the "RouterSploit" tool is similar to the popular Metasploit framework, and sports exploit modules to help hackers own certain routers. The hacker …
Darren Pauli, 26 Apr 2016

Popular cable modem vulnerable to remote reboot/reset flaw

Updated Security defence man David Longenecker says millions of users could have their internet connections severed thanks to a flaw in Surfboard SB6141 modems. The soon-to-be-patched cross-site request forgery flaw allows attackers to cut off users from the internet until their modem renegotiates with the ISP and reconfigures itself …
Darren Pauli, 11 Apr 2016

Optus cable routers let anyone change passwords, says tech

University of Sydney tech Paul Szabo says Netgear routers provided by Australian telco Optus contain a vulnerability that allows attackers to change admin passwords without knowing the existing credentials. The bug in the CG3000v2 cable modem means attackers could enter anything into the current password field to change the …
Darren Pauli, 17 Mar 2016

Building automation systems are so bad IBM hacked one for free

An IBM-led penetration testing team has thoroughly owned an enterprise building management network in a free assessment designed to publicise the horrid state of embedded device security. The IBM X-Force team of Paul Ionescu, Jonathan Fitz-Gerald, John Zuccato, and Warren Moynihan, along with Akamai engineer Brennan Brazeau, …
Darren Pauli, 11 Feb 2016
Belkin N150 router

Belkin's N150 router is perfect for learning hacking skills – wait, what, it's in production?

Belkin's home routers can be commandeered by hackers, thanks to a Telnet backdoor, a cross-site request forgery (CSRF) vulnerability and other bugs, we're told. Security researcher Rahul Pratap Singh warns that the Belkin N150's builtin web server, provided so users can configure their kit, doesn't perform enough checks on …
Shaun Nichols, 1 Dec 2015

600,000 cable modems have an easy to pop backdoor in a backdoor

Security bod Bernardo Rodrigues has found a backdoor-within-a-backdoor affecting some 600,000 Arris cable modems. The broadband kit company said, in a statement to El Reg, that it is working "around the clock" to fix the problems. Rodrigues (@bernardomr), a vulnerability tester with Brazil's Globo television network, reported …
Darren Pauli, 20 Nov 2015

German Govt mulls security standards for SOHOpeless routers

The German Government is mulling an assessment of the security chops of consumer routers in a bid to lift current abysmal standards and help inform buyers. Berlin's Ministry of the Interior IT security office says it wants to test routers for support of security features like WPS, encryption, and brute force protection of …
Darren Pauli, 21 Oct 2015

Boffin's easy remote hijack hack pops scores of router locks

Thousands of routers mandated for use by a major Singaporean telco and operated by 'top enterprises" around the world are open to a remote zero day exploit that allows routers to be completely hijacked and is indefensible by most users. Vantage Point Security senior security consultant Lyon Yang does not wish to disclose the …
Darren Pauli, 11 Oct 2015

Vigilante VXer FIXES SOHOpeless routers

Threat boffin Mario Ballano says VXers have broken into a host of routers creating a botnet dedicated solely to securing and hardening the devices. The Symantec security man says the botnet first detected in November last year has not launched a single denial of service attack or undergone any form of black hat activity in the …
Darren Pauli, 2 Oct 2015

SOHOpeless: Belkin router redirection zero-day

Security bod Joel Land has reported zero-day holes in a popular model of Belkin router allowing attackers to yank cleartext credentials, spoof DNS responses, and pop admin interfaces. The Belkin N600 DB Wireless Dual Band N+ box released in 2012 and selling for around AUD$150 contains five vulnerabilities from slack randomness …
Darren Pauli, 2 Sep 2015

Create a news alert about routers, or find more stories about routers.

Biting the hand that feeds IT © 1998–2017