Attackers Exploit Zero-Day in End-of-Life D-Link Routers
Hackers are attacking a critical zero-day flaw in unsupported D-Link DSL routers to run arbitrary commands.
Routers are network gateways whose flaws, misconfigurations, or exposed interfaces can enable unauthorized access, interception, or service disruption.
Search across headline titles and summaries.
Background for this topic.
Routers are network devices that forward packets between separate networks, using destination addresses to choose a path. A home router usually connects a local network to the internet and may also provide wireless access, address assignment, network address translation, firewall rules, VPN termination, or DNS forwarding. Enterprise routers can connect internal segments, data centers, and remote sites.
In security, a router is both a traffic-control point and an attack surface. Vulnerable firmware, exposed administrative services, weak credentials, or unnecessary remote management can let an attacker alter routing, redirect traffic, or use the device to reach other systems; misconfigured rules can expose internal services. Reduce risk by keeping firmware supported and updated, restricting management to trusted networks, using strong unique authentication, disabling unneeded services, separating networks, and reviewing logs and configurations. During an incident, router configuration and routing or DNS changes can provide useful evidence, while tested backups help restore trusted connectivity.
Hackers are attacking a critical zero-day flaw in unsupported D-Link DSL routers to run arbitrary commands.
A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild
Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago. [...]
Also, Korean Air hacked, EmEditor installer hijacked, a perfect 10 router RCE vuln, and more infosec in brief The Trump administration has cleared a trio of individuals sanctioned by the Biden administration for involvement with the Intellexa spyware consortium behind the Predator surveillance tool, removing restrictions that had barred them from doing business with the US.…