[AusNOG] FBI declaration of Russians hacking home and office routers
James Gray
james at gray.net.au
Sun May 27 17:06:58 EST 2018
On 26 May 2018, at 9:48 am, I <beatthebastards at inbox.com> wrote:
>
> >For those who came in late. Specifically mentions Linksys, MikroTik, Netgear Inc, TP-Link.
> >https://www.theguardian.com/technology/2018/may/25/router-hacking-russia-fbi
> >Paul Wilkins
>
> There's more here
> https://blog.talosintelligence.com/2018/05/VPNFilter.html
>
> Robert
TP-Link have made a statement and basically said their devices in support with latest firmware are not vulnerable. https://www.tp-link.com/au/faq-2213.html
Interestingly they make a special mention to disable the remote management feature unless it is absolutely necessary. I’m guessing this may have been one of the attack vectors used by VPNFilter to deliver the first stage payload. Like most things on your network, and especially your perimeter; if you don’t need it, turn it off!
Cheers,
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3860 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180527/29a06251/attachment.bin>
More information about the AusNOG
mailing list