[AusNOG] FBI declaration of Russians hacking home and office routers

James Gray james at gray.net.au
Sun May 27 17:06:58 EST 2018


On 26 May 2018, at 9:48 am, I <beatthebastards at inbox.com> wrote:
> 
> >For those who came in late. Specifically mentions Linksys, MikroTik, Netgear Inc, TP-Link.
> >https://www.theguardian.com/technology/2018/may/25/router-hacking-russia-fbi
> >Paul Wilkins
> 
> There's more here
> https://blog.talosintelligence.com/2018/05/VPNFilter.html
> 
> Robert

TP-Link have made a statement and basically said their devices in support with latest firmware are not vulnerable. https://www.tp-link.com/au/faq-2213.html

Interestingly they make a special mention to disable the remote management feature unless it is absolutely necessary. I’m guessing this may have been one of the attack vectors used by VPNFilter to deliver the first stage payload. Like most things on your network, and especially your perimeter; if you don’t need it, turn it off!

Cheers,

James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3860 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180527/29a06251/attachment.bin>


More information about the AusNOG mailing list