Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
New Attack on Home Routers
August 10, 2021
We live in strange times. Cyber attacks occur on a daily basis and addressing them should now be part of any technology implementation. That even includes IoT devices such as your video doorbell or smart (are they really smart?) lightbulbs. Malwarebytes has a post warning that home routers are now being attacked just days after the announcement of a recent vulnerability. The tactic of the cyber criminal is to attack any vulnerability very quickly after being announced. The goal is to compromise a device before the end-user applies the patch. Just two days after Tenable announced the firmware vulnerability, Juniper Threat Labs started seeing attacks. Yet again, another reason to apply any updates as soon as they are available.
The vulnerable router firmware is found in products made by SonicWall, D-Link, Netgear, Cisco, Tenda, MicroFocus, and Netis. Tenable published a list of approximately 36 impacted devices along with the vulnerable firmware version. Contact the manufacturer of your device for any updated firmware that may be available. Tenable published the technical “propeller head” details if you are interested in how the authentication bypass works.
Notice: We will be transferring our blogs to a new platform shortly which will be hosted on our website. The new URL for accessing the blog will be https://senseient.com/your-it-consultant/. Users currently subscribed via email delivery or RSS should not be impacted.
Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology