Thousands of DrayTek Routers at Risk From 14 Vulnerabilities

October 3, 2024 at 06:02PM Thousands of DrayTek routers are at risk due to 14 newly discovered firmware vulnerabilities, enabling remote code execution, denial-of-service attacks, and injection of malicious code. Forescout’s Vedere Labs found over 704,000 exposed routers, urging proactive security measures in addition to patching. Threat actors, including nation-state actors, are actively targeting vulnerable … Read more

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers

May 31, 2024 at 07:36AM Over 600,000 small office/home office (SOHO) routers of a single ISP were disabled by the Chalubo remote access trojan (RAT) in a deliberate event, impacting model from ActionTec and Sagemcom. The incident occurred over 72 hours in late October 2023. Lumen Technologies reported 49% of the impacted routers were offline … Read more

Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto

October 25, 2023 at 06:50PM Security researchers successfully hacked the Samsung Galaxy S23 smartphone multiple times during the Pwn2Own 2023 hacking competition in Canada. They also discovered vulnerabilities in other devices such as printers, routers, smart speakers, surveillance systems, and NAS devices. The competition offers significant cash prizes, totaling over $1 million, for finding zero-day … Read more

Cisco warns of new IOS XE zero-day actively exploited in attacks

October 16, 2023 at 11:52AM Cisco has warned administrators about a severe zero-day vulnerability in its IOS XE Software that allows attackers to gain full control of affected routers. The vulnerability, identified as CVE-2023-20198, only affects devices with the Web User Interface feature enabled and the HTTP or HTTPS Server feature toggled on. Cisco advises … Read more