Linksys asks users to reset passwords after hackers hijacked home routers last month – ZDNet
Linksys asks users to reset passwords after hackers hijacked home routers last month ZDNet
“HTTPS hijacking” – read more
Tag Archive for: Linksys
>20,000 Linksys routers leak historic record of every device ever connected
(credit: US Navy)
This post has been updated to add comments Linksys made online, which says company researchers couldn’t reproduce the information disclosure exploit on routers that installed a patch released in 2014. Representatives of Belkin, the company that acquired Linksys in 2013, didn’t respond to the request for comment that Ars sent on Monday. Ars saw the statement only after this article went live.
More than 20,000 Linksys wireless routers are regularly leaking full historic records of every device that has ever connected to them, including devices’ unique identifiers, names, and the operating systems they use. The data can be used by snoops or hackers in either targeted or opportunistic attacks.
(credit: Troy Mursch)
Independent researcher Troy Mursch said the leak is the result of a flaw in almost three dozen models of Linksys routers. It took about 25 minutes for the Binary Edge search engine of Internet-connected devices to find 21,401 vulnerable devices on Friday. A scan earlier in the week found 25,617. They were leaking a total of 756,565 unique MAC addresses. Exploiting the flaw requires only a few lines of code that harvest every MAC address, device name, and operating system that has ever connected to each of them.
Read 9 remaining paragraphs | Comments
Got one of these 20+ Linksys Smart Wi-Fi routers? Bad news. 10 security vulnerabilities discovered
Linksys is working on a firmware update for 10 security vulnerabilities affecting its “Smart” Wi-Fi series of routers.
David Bisson reports.
Flaws let attackers hijack multiple Linksys router models
Two dozen Linksys router models are vulnerable to attacks that could extract sensitive information from their configurations, cause them to become unresponsive and even completely take them over.
The vulnerabilities were discovered by senior security consultant Tao Sauvage from IOActive and independent security researcher Antide Petit while working together to analyze the Linksys EA3500 Smart Wi-Fi wireless router.
The two researchers found a total of 10 vulnerabilities that affect not only the EA3500, but two dozen different router models from Linksys’ Smart Wi-Fi, WRT and Wireless-AC series. Even though these devices are marketed as consumer products, it’s not unusual to find them running in small business and home office environments.
To read this article in full or to leave a comment, please click here