Articles about d-link

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Security researchers have warned that someone's obtained copies of code-signing certificates from two Taiwanese companies – and is using them to sign malware. Abusing code-signing certificates in this way is an attempt to present software nasties as the legitimate product of the vendor whose key signed it. Security vendor …

Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more

Roundup While this week was dominated by news of a new Spectre variant, the VPNFilter botnet, and TalkTalk's badbad routersrouters, plenty of other stories popped up. Here are a handful of security happenings that you may have missed. Wireless Z-Wave smart-locks, home IoT devices menaced Wireless gadgets, such as home smart locks, …
Shaun Nichols, 26 May 2018
Putin

Advanced VPNFilter malware menacing routers worldwide

A newly-disclosed malware infection has compromised more than 500,000 home and small office routers and NAS boxes. Researchers with Cisco Talos say the malware, dubbed VPNFilter, has been spreading around the globe, but appears to primarily be largely targeting machines in the Ukraine. wifi Wish you could log into someone's …
Shaun Nichols, 23 May 2018

D-Link router riddled with 0-day flaws

Updated A security researcher has shamed D‑Link by publicly disclosing 10 serious, as-yet unpatched vulnerabilities in a line of consumer-grade routers without notifying the vendor first. Security researcher Pierre Kim went public on a series of flaws in D‑Link DIR 850L wireless AC1200 dual-band gigabit cloud routers without …
John Leyden, 12 Sep 2017
White box

D-Link in Pluribus-powered white box play to target enterprise sales

D-Link has decided that white-box open networking might just be its ticket out of the consumer and small business ghettos, and into the rich enterprise market. To that effect, the outfit has linked up with Pluribus, meaning its newly-launched DXS-5000 switch is certified to run Pluribus' Netvisor network operating system. The …
Switch

D-Link resolves enterprise switch hacker risk

D-Link has resolved an authentication bypass flaw in one of its enterprise switches. Flaws in the vendor's DGS-1510 enterprise switch kit, discovered by security researchers Varang Amin and Aditya Sood, were resolved with a firmware update (pdf advisory here). Left unresolved, the security bug can create an unauthenticated …
John Leyden, 27 Feb 2017

D-Link sucks so much at Internet of Suckage security – US watchdog

America's trade watchdog is suing D-Link, alleging the router and security camera vendor failed to implement basic security protections in its gear. The FTC said that its complaint was based on D-Link's failure to take "reasonable steps" to secure its products, putting the privacy of citizens everywhere at risk as a result. " …
Shaun Nichols, 6 Jan 2017
television Test pattern

D-Link joins hands with Microsoft to give 'Super Wi-Fi' a push

D-Link and Redmond have put the paddles on 802.11af, charged the machine, and hit the button. The 2013 amendment to Wi-Fi is an air interface for “white space” frequencies (from 54 MHz to 698 MHz in the USA; Europe and the UK use a more realistic 490 to 790 MHz), with a maximum per-channel 35.6 Mbps (16 channels can be bonded …

Turn off remote admin, SOHOpeless D-Link owners

It's 2016, and D-Link still can't get its Home Network Automation Protocol (HNAP) implementation right. In a terse advisory, the Carnegie-Mellon CERT says the HNAP service in D-Link's "DIR" range of routers has a stack-based buffer overflow. “Processing malformed SOAP messages when performing the HNAP Login action causes a …
swiss_cheese_648

D-Link DWR-932 B owner? Trash it, says security bug-hunter

If you've got a D-Link DWR-932 B LTE router, you might want to fire it into the sun – or hope that a firmware upgrade lands soon. Following the consumer broadband industry's consistently lackadaisical attitude to security, the device suffers from everything from backdoor accounts to default credentials, leaky credentials, …

414,949 D-Link cameras, IoT devices can be hijacked over the net

Shodan has turned up half a million D-Link devices exposed to the internet, and subject to easy hijacking using zero-day vulnerabilities. The stack overflow vulnerabilities affect more than 120 D-Link products, from Wi-Fi cameras to routers and modems, and allow remote attackers to completely hijack the administer account of …
Darren Pauli, 8 Jul 2016
virus_1_648

D-Link spilled its private key onto the web – letting malware dress up as Windows apps

Updated Taiwanese networking kit maker D-Link leaked a private code-signing key onto the internet for anyone to download. This is rather embarrassing because this key can be used to trick Windows computers into trusting and running malware. An eagle-eyed netizen told tweakers.net on Thursday that the code-signing key appeared in a …
Chris Williams, 18 Sep 2015
Qnap TS-231+ dual bay NAS box

It's enough to get your back up: Eight dual-bay SOHO NAS boxes

Product Round-Up For a great many people, there is only one place to look when talking about storing data somewhere other than their local storage in their PC, notebook or tablet – and that’s to the cloud. Seagate STCT200 dual bay NAS box Best of both worlds: a dual-bay NAS can either double up on capacity or be configured to mirror data …
Simon Crisp, 2 Aug 2015
Skull image

Hungarian lab adds storage to D-Link SOHOpeless list

D-Link users are on the patch-your-stuff-now list again, this time for vulnerabilities in storage devices. Tests at the Hungarian Search-Lab on DNS-320, DNS-320L, DNS-327L and DNR-326 units using 30-07-2014-dated firmware yielded more than 50 vulnerabilities, including authentication bypasses and something the lab says looks …
Facepalm by Ron Mander

D-Link: sorry we're SOHOpeless

D-Link's SOHOpeless HNAP vulnerability hasn't been fixed, but readers will be pleased to know that the company is very, very, very sorry that it exists. The company issued a patch on April 10 for its design-over-substance AC3200 series routers, but that "fix" blew a hole in the device's authentication routines. Tactical …

D-Link router patch creates NEW SOHOpeless vuln

Hacker Craig Heffner says D-Link has not only failed in its bid to patch its DIR-890L router but has managed to introduce a new vulnerability instead. The Tactical Network Solutions router wrecker says D-Link's quadcopter-esque AC3200, reviewed elsewhere as " the most insane router in the history of mankind", is open to …
Darren Pauli, 16 Apr 2015
Zombie cloud

D-Link patches yet more vulns

D-Link is moving to patch a bunch of vulnerabilities in consumer products, which almost certainly means that most users either won't know the patch is happening or won't run the update. The first CERT advisory, here, covers DCS-93 series network cameras (models 930L, 931L, 932L and 933L using version 1.04 2014-04-21 of the …

D-Link removes fingers from ears, preps mass router patch

Domestic router Daddy D-Link is patching dangerous remote access flaws in several models of its networking gear. The patches follow a round of zero-day disclosures by Canadian researcher Peter Adkins early this week, after D-Link allegedly cut communication while he quietly disclosed the flaws. The most severe flaw allowed …
Darren Pauli, 4 Mar 2015

Create a news alert about d-link, or find more stories about d-link.

Biting the hand that feeds IT © 1998–2018