[HackerNews] Hackers Exploiting New Auth Bypass Bug Affecting Millions of Arcadyan Routers

Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure.
Tracked as CVE-2021-20090 (CVSS score: 9.9), the weakness concerns a path traversal vulnerability in the web interfaces of routers

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Google Intros SLSA Framework to Enforce Supply Chain Integrity

All posts, Security Week

Google wants to bring “salsa” to drive enforcement at the software supply chain security party. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] Live Cybersecurity Webinar — Deconstructing Cobalt Strike

All posts, HackerNews

Organizations’ cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization’s environment and […]

Read More

Daily NCSC-FI news followup 2021-10-22

Ransomware: Looking for weaknesses in your own network is key to stopping attacks www.zdnet.com/article/ransomware-looking-for-weaknesses-in-your-own-network-is-key-to-stopping-attacks/ Ransomware is a major cybersecurity threat to organisations around the world, but it’s possible to reduce the impact of an attack if you have a thorough understanding of your own network and the correct protections are in place. While the best […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.