Security Brief: Router Vulnerabilities, OpLastResort
The main events of the week between February 4 – February 10
The world of information security keeps getting more and more interesting by the minute. However, over the past week, there have been some events that stood out.First of all, we’ve heard a lot of things about vulnerabilities that affect routers. It all started in January when security firm DefenseCode identified a root access flaw in the Linksys WRT54GL router developed by Cisco.
Cisco admitted that the model was affected by the security hole, but they said other products were not susceptible to the attacks described by DefenseCode.
However, the security firm said other models might be affected. In addition, researchers have uncovered that several routers that use a certain UPnP Broadcom stack are impacted.
DefenseCode has published a partial list of the affected products.
In the meantime, security researcher Michael Messner has identified other vulnerabilities that affect D-Link, and Linksys routers.
Anonymous continues OpLastResort, the campaign initiated after the suicide of Reddit co-founder Aaron Swartz.
After hacking the US Sentencing Commission and various other government websites, the hacktivists leaked the details of over 4,000 bank executives, which they stole from the Emergency Communication System (ECS) website of the US Federal Reserve.
Representatives of the Fed admitted that their systems were hacked and called in the FBI to investigate. However, they tried to downplay the incident by saying that Anonymous’ claims were overstated and by arguing that no critical operations had been impacted.
In response, the hackers have published a 9 MB file which contains the names of thousands of files and folders from the servers of the Fed, which they claim to have “owned.”
Another interesting hack from this week is the one as a result of which the private photos and emails of several members of the Bush family have been exposed. Other noteworthy breaches are the ones that have affected Bit9 and online advertiser NetSeer.
Here are some other interesting stories from this week, in case you’ve missed them:
144 people, many of which celebrities, win damages in News of the World phone hacking case
11-year-old children are capable of writing malware
Twitter and Facebook accounts of Sky News Arabia hacked by the Syrian Electronic Army
EU publishes cybersecurity strategy and a directive on network and information security
WSJ owner Rupert Murdoch says Chines hackers are still attacking the newspaper
US Department of Energy hacked
Microsoft and Symantec take down Bamital botnet
Researchers present Lucky 13 attack against TLS and DTLS protocols. SSL has once again been cracked
A lot of router vulnerabilities identified in the last weeks
HOT RIGHT NOW