Feds Confirm Remote Killing of Volt Typhoon's SOHO Botnet
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
Netgear makes networking devices whose firmware vulnerabilities and security advisories can affect the confidentiality and access of connected networks.
Search across headline titles and summaries.
Background for this topic.
Netgear is a manufacturer of networking equipment, including consumer and small-business routers, cable and DSL gateways, switches, wireless access points, and network-attached storage. In security reporting, the tag generally concerns vulnerabilities, firmware, configuration, and support status for these internet-connected devices and their management interfaces.
These products can expose administrative services to the internet or local networks, making flaws such as authentication bypass, command injection, or outdated components operationally significant when they affect a particular model and firmware version. Defenders should identify exact device models and versions, monitor Netgear advisories, apply firmware updates from trusted sources, disable unnecessary remote administration and UPnP, and replace devices that no longer receive fixes. Compromised routers or gateways may also provide attackers with network access or enable traffic redirection, so unusual configuration changes and unexpected outbound connections merit investigation.
Weekly headline count for the current query.
The China-backed APT was using the botnet, made up of mostly end-of-life, patchless routers from Cisco and Netgear, to set up shop inside US critical infrastructure.
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.