Cisco Systems has patched high-impact vulnerabilities in several of its cable modem and residential gateway devices that are distributed by some ISPs to their customers.
A team of security researchers found serious vulnerabilities in over a dozen wireless routers and access points from Netgear and D-Link with the help of an open-source framework that can be used to perform dynamic security analysis on embedded firmware.
Attackers can easily disable SimpliSafe home security systems from up to 30 meters away by using a device that costs around $250 to create, researchers from security firm IOActive found.
Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH host keys or HTTPS server certificates.
An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them.
Several DSL routers from different manufacturers contain a guessable hard-coded password that allows accessing the devices with a hidden administrator account.
Some of the vulnerabilities could allow attackers to take over the affected devices.
Tens of routers and other embedded devices from various manufacturers likely have the flaw, security researchers said.
The devices have serious flaws that enable unauthorized remote access and DNS hijacking, a researcher found
The vulnerability allows attackers to extract admin passwords and wireless network keys
In the wake of revelations about eavesdropping Samsung and LG smart TVs, don't forget the wide world of HTPC options available.
Researchers will compete to exploit previously unknown vulnerabilities in popular home routers.
Attacks are likely to continue and manufacturers are largely unprepared to respond, security researchers say
The latest firmware for some Philips smart TVs opens an insecure Miracast wireless network by default, security researchers from ReVuln said.
Although cyberattacks caused just 6 percent of significant outages of public electronic communications networks and services in the E.U. last year, they affected more people than hardware failure, a much more common factor in service disruptions, according to a report from the European Union Agency for Network and Information Security (ENISA).
Articles by Lucian ConstantinNext Page