Tag Archive for: router

Best Mesh Wi-Fi Router Systems of April 2024

/in



Lena is a freelance contributor to Newsweek’s small business team. A business owner herself, today she advises on business owners of all kinds on proper management, software, and tools to …

Source…

That home router botnet the Feds took down? Moscow’s probably going to try again • The Register

/in


Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that Russia may try again, so owners of the devices should take precautions.

Revealed in February, the takedown was led by US authorities and at the time was said to have “disabled” a campaign staged by Russia’s GRU military intelligence unit. The crew cracked the SOHO routers and infected them with malware named Moobot – a variant of the infamous Mirai malware.

Moobot allowed GRU and its minions to install and run scripts to build a 1,000-strong botnet, which it used for power phishing, spying, credential harvesting, and data theft.

Given the triumphant tone of the takedown announcement, Ubiquiti users may have felt they were no longer at risk.

But on Tuesday the FBI issued a joint advisory [PDF] on behalf of the US, Belgium, Brazil, France, Germany, Latvia, Lithuania, Norway, Poland, South Korea, and the United Kingdom. The document urges Ubiquiti owners to get patching.

“Owners of relevant devices should take the remedial actions described below to ensure the long-term success of the disruption effort and to identify and remediate any similar compromises,” the document cautions.

Those actions are:

  • Perform a hardware factory reset;
  • Upgrade to the latest firmware version;
  • Change any default usernames and passwords;
  • Implement strategic firewall rules on WAN-side interfaces.

The advisory also offers more detail on how GRU – specifically 85th Main Special Service Center (GTsSS), also known as APT28, Fancy Bear, and Forest Blizzard (Strontium) – went about its dirty deeds.

At the time of the takedown, US authorities remarked that this botnet differed from past GRU efforts in that it used off-the-shelf malware. The advisory reveals that APT28 also wrote its own package for this heist.

Called MASEPIE, the malware was directed by the Ubiquiti-based botnet and is described as “a small Python backdoor capable of executing arbitrary commands on victim machines.”

“Data sent to and from the EdgeRouters was encrypted using a randomly generated 16-character AES key,” the advisory…

Source…

TP-Link Deco X55 router dives to just $69.99 in best deal yet

/in


TP Link Deco X55 Wi Fi 6 Mesh System Promo Image

We use our routers every day and grumble if we get sub-optimal speeds or poor signal, so why not do something about it? TP-Link is among the top brands in the connectivity space, and the TP-Link Deco X55 Wi-Fi 6 Mesh Router has never been cheaper than it is today. If you catch the deal in time, you can upgrade for just $69.99.

TP-Link Deco X55 Wi-Fi 6 Mesh Router for $69.99 ($40 off)

This is the best price we’ve tracked on the home W-Fi device since it was launched around 18 months ago, and there are similar savings to be had on the bundle options. A two-pack of the routers is currently available for $138.99 (down from $200), while the three-pack is on offer for $169.99 (down from $280). Again, these are record-low prices in each case.

TP-Link Deco X55 Wi-Fi 6 Mesh SystemTP-Link Deco X55 Wi-Fi 6 Mesh System

TP-Link Deco X55 Wi-Fi 6 Mesh System

TP-Link once again manages to offer good mesh Wi-Fi at a great price.

This single Deco X55 covers up to 2,500 square feet, but you can expand coverage substantially by adding others. Each one offers three gigabit Ethernet ports, which can optionally be used to create a wired mesh backhaul.

The TP-Link Deco X55 is a good way to bring Wi-Fi 6 technology and eliminate weak signals across up to 2,500 square feet — or 6,500 square feet with three units. This system, consisting of three units, is designed to support a multitude of up to 150 devices simultaneously, ensuring a robust and reliable Wi-Fi connection throughout your space.

Each Deco X55 is equipped with three Gigabit Ethernet ports for connectivity variety, and the system’s AI-driven mesh technology smartly adapts to your home’s unique networking needs, optimizing Wi-Fi distribution based on environmental factors and usage patterns. Setup and ongoing management are simplified through the intuitive Deco app, making network administration straightforward and user-friendly.

Ready to upgrade? Follow the widget above to find the deal.

Source…

Fancy Bear sniffs out Ubiquiti router users

/in


The American authorities have warned users of Ubiquiti’s EdgeRouter products that they may be at risk of being targeted by the Russian state threat actor Fancy Bear, also known as APT28 and Forest Blizzard/Strontium.

In a coordinated advisory, to which partner agencies including the UK’s National Cyber Security Centre (NCSC) and counterparts in Belgium, Brazil, France, Germany, Latvia, Lithuania, Norway, Poland and South Korea also put their signatures, the FBI, National Security Agency (NSA) and US Cyber Command urged users of the affected products to be on their guard.

Fancy Bear, and Forest Blizzard (Strontium), have used compromised EdgeRouters globally to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear phishing landing pages and custom tools,” read the advisory.

Users of EdgeRouters have been told to perform a factory reset, upgrade to the latest firmware version, change default usernames and credentials, and implement strategic firewall rules on WAN-side interfaces.

Ubiquiti EdgeRouters have become popular among users and threat actors alike thanks to a user-friendly, Linux-based operating system. Unfortunately, they also contain two highly dangerous flaws – the devices often ship with default credentials and have limited firewall protections, and they do not automatically update their firmware unless the user has configured them to do so.

Fancy Bear is using compromised routers to harvest victim credentials, collect digests, proxy network traffic and host spear phishing landing pages and other custom tools. Targets of the operation include academic and research institutions, embassies, defence contractors and political parties, located in multiple countries of interest to Russian intelligence, including Ukraine.

“No part of a system is immune to threats,” said NSA cyber security director Rob Joyce. “As we have seen, adversaries have exploited vulnerabilities in servers, in software, in devices that connect to systems, in user credentials, in any number of ways. Now, we see Russian state-sponsored cyber actors abusing compromised routers and we are joining this CSA to provide mitigation recommendations.”

Dan Black,…

Source…