37 matches found
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens...
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Russia-linked threat actor known as APT28 aka Forest Blizzard has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at...
CVE-2020-10364
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management...
EUVD-2020-2819
Malware in sbrugna...
The vulnerability of the RouterOS operating system for MikroTik routers, related to insufficient validation of input data, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the RouterOS operating system for MikroTik routers is related to insufficient validation of input data when processing the dst parameter. Exploiting this vulnerability allows a malicious actor to perform domain-based scenario attacks remotely...
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...
The vulnerability of the Checkmk Exchange plugin for MikroTik routers allows a hacker to execute a spoofing attack.
The vulnerability of the Checkmk Exchange plugin for MikroTik routers is related to errors in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a spoofing attack remotely...
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service DDoS attack in April 2024 that reached a packet rate of 840 million packets per second Mpps. This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large...
The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers allows a hacker to disclose protected information.
The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
MikroTik routers 资源管理错误漏洞
MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in MikroTik routers v6.46.3 and earlier versions that originates from a misconfiguration that allows an attacker to cause a denial of service via an SSH daemon...
The vulnerability of the RouterOS operating system in MikroTik routers stems from incorrect handling of the link pointer before accessing a file. This allows a hacker to install any arbitrary file anywhere on the host.
The vulnerability of the RouterOS operating system for MikroTik routers stems from an incorrect definition of the link before accessing a file. Exploiting this vulnerability allows a malicious actor to install any arbitrary file anywhere on the host...
The vulnerability of the SNMP (Simple Network Management Protocol) implementation in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.
The vulnerability in the implementation of the SNMP Simple Network Management Protocol protocol in the RouterOS operating system of MikroTik routers lies in the ability to read data beyond the buffer boundaries in memory during the processing of the u32id key. Exploiting this vulnerability allows...
TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control
Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things IoT devices as a go-between for establishing communications with the command-and-control C2 servers. "By using MikroTik routers as proxy server...
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent threats in recent years. The...
Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks
Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service DDoS attack targeting an unnamed website that peaked at 2.5 million requests per second RPS. "While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting...
The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.
The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted FTP request...
KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”
On Thursday evening, KrebsOnSecurity was the subject of a rather massive and mercifully brief distributed denial-of-service DDoS attack. The assault came from "Meris," the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure fi...
Denial of Service Vulnerability in MikroTik CHR Routers
Founded in 1995 and headquartered in Riga, Latvia, MikroTik is engaged in the development of routers and wireless ISP systems. A denial of service vulnerability exists in the MikroTik CHR router, which can be exploited by an attacker to cause the program to crash...
The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to compromise the integrity and accessibility of protected information.
The vulnerability of the RouterOS operating system for MikroTik routers lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...
The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik allows a hacker to cause a service failure.
The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik routers is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a malicious actor to cause service failures by using system calls like connect and write...