Category Archives: Network security

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek.According to the report, at least two separate groups of hackers exploited two critical remote command injection vulnerabilities (CVE-2020-8515) affecting DrayTek Vigor

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic.Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.Dubbed 'Kr00k' and tracked as CVE-2019-15126, the flaw could let nearby remote attackers intercept and decrypt some

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf.The impersonation attack — named "IMPersonation Attacks in 4G NeTworks" (or IMP4GT) — exploits the mutual authentication

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

Several Cisco-manufactured network equipments have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power.Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a

How Organizations Can Defend Against Advanced Persistent Threats

Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time.They typically perform complex hacks that allow them to steal or destroy data and resources.According to Accenture, APTs have been organizing themselves into groups that

14 Ways to Evade Botnet Malware Attacks On Your Computers

Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score.Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity.Solutions span a broad

Gartner Says the Future of Network Security Lies with SASE

Cloud services and networking are driving the concept of digital businesses, yet traditional networking and cybersecurity architectures are far from meeting the demands of the digital business.Gartner's "The Future of Network Security Is in the Cloud" report spells out the potential for the transformation of networking and security in the cloud, built upon a new networking and security model

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you.A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow