Browsing tag
Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in an advisory, said […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. It was fixed in version 2.1. Details […]
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is “low-sensitivity and semi-public information.” “The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015,” the company said. “The […]
D-Link has refused to patch a serious security flaw that has affected the four models of its home routers. The vulnerability tagged as CVE-2019-16920 allows anyone to remotely execute code and gain access to the router. It has affected the following D-Link router models: D-Link DIR-655 D-Link DIR-866L D-Link DIR-652 D-Link DHP-1565 The flaw was […]
Web application security specialists have discovered a set of vulnerabilities in D-Link and Comba WiFi routers that, if exploited, could leak the passwords of the owners. The researchers, from security firm Trustwave, discovered these five flaws, which could be considered critical. Experts discovered two flaws in the firmware of D-Link DSL-2875AL and DSL-2877AL wireless routers. […]
D-Link has agreed to make some security enhancements that have reorganized the company’s security platform to resolve disputes from the Federal Trade Commission (FTC) because it has misinterpreted the security of its product. The case stems from complaints from corporate routers and IoT cameras against D-Link in 2017 that disclosed confidential consumer information to third […]
Researchers discovered a new wave of Mirai Variant that used 13 different exploits to attack various router models and other network devices. These exploits are associated with this new Mirai variant capable of launching backdoor and distributed denial-of-service (DDoS) attacks. Mirai malware has strong records of infecting poorly managing IoT devices and performing DDOS attacks […]
Cloud cameras (AKA IP Cameras) provide convenient and easy to use visual monitoring device for offices, houses, and shops of all sizes. It is slowly but surely replacing the bulky and complicated CCTV (closed-circuit television) systems, and for the right reason, primarily due to its easy expandability. However, since this kind of system is always […]
A WiFi camera (model DCS-2123L) designed by the manufacturer D-Link contains critical vulnerabilities that would allow a hacker to intercept and visualize the recordings stored on the device, in addition to altering the firmware, as mentioned by cyber forensics course specialists. The company has not completely corrected the flaws in this camera, which is one […]
Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take control over some models of D-Link routers A group of digital forensics investigators from the Silesian University of Technology in Poland reported the founding of three vulnerabilities in some D-Link router models that could be chained to take full control over […]
Five out of six brand routers such as Linksys, NETGEAR, and D-Link, contain known open-source vulnerabilities Experts in digital forensics report an exorbitant figure regarding to the use of domestic and organizational tasks routers, since 83% of these devices contain vulnerabilities that could be exploited to deploy numerous cyberattacks. Of vulnerable routers, more than a quarter contain critical and high-risk vulnerabilities, according to a report published this week […]
After an investigation, security professionals have found a backdoor account in the firmware of the D-Link DIR-620 routers; this allows malicious actors to take over any device accessible through the Internet. This backdoor, was found by Kaspersky Lab’s information security experts, the backdoor grants access to the device’s web panel, and there is no way that device […]
In yet another revelation of severe loopholes, a security researcher James Bercegay from Gulftech has discovered a backdoor in some models of the My Cloud NAS (Network-attached storage) drive family, manufactured by Western Digital. According to the blog post, the vulnerabilities, which include a hardcoded backdoor, can be used to access files even on a […]
Bitcoin mining websites became the new fashion of 2017 and there is no dust on that but when it comes to compromise websites to host such fashion it becomes a headache (well to the consumers at least). Have you heard about KRACK the WPA2 vulnerability? If you did you probably was searching for your device/router vendor’s patch, […]
Embedi, a hardware security firm, has published details about two vulnerabilities that have yet to be patched in the firmware of D-Link routers. This marks the second incident of this sort in the last five days. Last Friday, South Korean security researcher Pierre Kim also published public detailsabout ten unpatched vulnerabilities in D-Link routers. The researcher […]
Almost a year after the emergence of the Mirai botnet, smart devices are still facing a barrage of credential attacks, and a device left connected to the Internet with default credentials will be hijacked in about two minutes. This is the result of a recent experiment carried out by Johannes B. Ullrich, a member of the SANS […]
The FTC has filed a lawsuit against D-Link for failing to protect its customers against ‘well known and easily preventable software security flaws’ in its routers and IoT cameras. The United States Federal Trade Commission (FTC) has filed a lawsuit against D-Link, claiming the company put thousands of customers at risk of unauthorised access by […]
This is how a $30 D-Link webcam can be converted into a backdoor. Researchers at US security firm Vectra Networks have hacked a ‘tiny’ D-Link web camera and demonstrated how it can be abused by cybercriminals and turned into a medium to steal data or for sending additional commands. In other words, they have shown how the […]
Researchers have found that thousands of Internet gateways, routers, modems and other embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks that open the door to more extensive intrusions that jeopardize encrypted data. This type of certificate reuse and sharing of SSH keys is apparently all too common among connected […]
A simple mistake by networking gear manufacturer D-Link could have opened the door for costly damage. Private keys used to sign software published by D-Link were found in the company’s open source firmware packages. While it’s unknown whether the keys were used by malicious third parties, the possibility exists that they could have been used […]