New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named 'ShadowV2' has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. [...]
Stay updated on D-Link's latest information security news, insights, and updates with in-depth analysis and expert opinions.
Search across headline titles and summaries.
Background for this topic.
D-Link makes networking and connected devices such as home and small-business routers, access points, switches, cameras, and network-attached storage. These products matter in information security because they sit at network boundaries or hold sensitive traffic, video, and files. Security advisories usually apply to a particular model, hardware revision, and firmware version—not to every D-Link device.
Commonly relevant weaknesses include flaws in web administration, authentication bypass, command injection, and exposed management services. An internet-facing or end-of-life device may remain exploitable when updates are unavailable or unapplied, while cameras and storage systems can expose private content if access controls fail. Defenders should inventory exact models and firmware, apply applicable updates, replace unsupported equipment, restrict administration to trusted networks, disable unnecessary remote management and UPnP, and change default credentials. Logs and network telemetry can help identify suspicious administration or unexpected outbound connections from affected devices.
A new Mirai-based botnet malware named 'ShadowV2' has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. [...]