Popular routers found vulnerable to hacker attacks

Millions of Brits could be at risk of cyberattacks due to poor default passwords and a lack of firmware updates

 Amer Owaida

Millions of Brits use Wi-Fi routers that contain various security flaws and may put them at risk of cyberattacks, an investigation by British consumer watchdog Which? has found.

Together with Red Maple Technologies, Which? looked at 13 commonly used older router models offered by various British internet service providers (ISPs) and found that over half of them didn’t meet the security standards of today. The main issues affecting routers suplied by ISPs such as Virgin, EE, Sky, TalkTalk, and Vodafone were weak default passwords, local network vulnerabilities, and the lack of firmware updates to patch security loopholes.

“Some of these models haven’t seen an update since 2018 at the latest, and some haven’t been updated since as far back as 2016, which could affect 6 million of these users. Without firmware and security updates, there’s no guarantee that security issues will be fixed,” wrote Hollie Hennessy, Senior Researcher at Which?. Weak default passwords and a lack of firmware updates affected seven devices in total, while local network vulnerabilities were found to affect just one.

A router that has an easy-to-guess and/or default password could grant malicious actors a way into your home network and the devices connected to it. You should always replace your router’s default username and password with a strong and unique password or passphrase.

Meanwhile, routers that have out-of-date firmware oten contain easily exploitable vulnerabilities. If your router doesn’t receive firmware updates to plug such security flaws, you are best off arranging an upgrade of your device with your ISP or buy an aftermarket device.

When it comes to exploiting local network vulnerabilities, a hacker would have to be in close vicinity to exploit a device; however, if successful, they could completely take over the device, observe your browsing habits or even direct you to compromised websites.

On the bright side, some routers, namely some offered by BT and Plusnet, didn’t suffer from any of the aforementioned lapses in security. The full list of the routers tested is available on the website of the consumer wachtdog.

Which? contacted the ISPs with the findings of their investigation. While BT Group said that its older routers would receive updates if they were found to be affected by security issues, its EE Brightbox router has a vulnerability that remains unfixed. Meanwhile Virgin Media, “did not recognize or accept” the consumer watchdog’s findings, saying that nine in ten of its customers were using its latest routers.

Same old story

Overall, the study’s results bring echoes of some other studies, including the Home Router Security Report 2020 by Germany’s Fraunhofer Institute last year, a test by Independent Security Evaluators in 2019, and a review by the American Consumer Institute in 2018.

Router security has been a perennial problem, and it has become an especially important consideration since the COVID-19 pandemic forced most professionals to work from outside the generally much safer confines of the office. To mitigate the chances of your router and connected devices getting compromised by cybercriminals, you can refer to our article focusing on tips for boosting your router security. While you’re at it you might want to go over our recommendations for reviewing your router’s configuration settings.

ESET wint AAA-prijs in SE Labs Enterprise Endpoint Protection-test

 

6 mei  2021 — ESET, een wereldleider in cyberbeveiliging, behaalde, in het eerste kwartaal van 2021 met zijn Endpoint Security-oplossing, de AAA-onderscheiding - de belangrijkste, in de SE Labs’ Q1 2021 Enterprise Endpoint Protection. Het is de derde keer dat ESET de SE Labs AAA-prijs won. De ontwikkelaar won die prijs ook in het eerste en derde kwartaal van 2020.

SE Labs, een toonaangevend onafhankelijk testbedrijf, heeft tot doel de beveiliging van informatietechnologie te verbeteren door het evalueren van producten en diensten ontworpen om aanvallen te detecteren en tegen inbraken te beschermen. Tussen januari en maart 2021 werden 9 endpoint beveiligingsoplossingen getest om hun efficiëntie te beoordelen bij realtime detectie en bescherming tegen bedreigingen. Voor zijn precisie behaalde ESET Endpoint Security een score van 1116, de tweede beste (99%) van de geteste oplossingen.

ESET Endpoint Security werd ontwikkeld om bedrijven te beschermen met een combinatie van robuuste antivirus- en netwerkbeveiligingssoftware. Bij het testen werd de oplossing blootgesteld aan een mix van gerichte aanvallen en reële bedreigingen op openbare Websites. De resultaten hebben aangetoond dat ESET Endpoint Security buitengewoon efficiënt is in het blokkeren van kwaadaardige URL's, het omgaan met exploits en het correct klasseren van legitieme apps en websites.

Jiri Kropáč, hoofd van Threat Detection Labs, zei: “Bij ESET verheugt het ons om voor de derde keer door SE Labs beloond te worden met een AAA-onderscheiding. Deze weerspiegelt onze toewijding om de beste antivirus- en cyberbeveiligingsoplossingen aan te bieden en onderstreept onze voortdurende inspanningen om robuuste en betrouwbare producten te leveren terwijl het dreigingslandschap steeds complexer wordt. Het testen van onze oplossingen in reële omgevingen is cruciaal om gebruikers te bewijzen dat hun bedrijf, gegevens en werknemers in de beste handen zijn als het op kwaadwillende actoren en cyberaanvallen aankomt. Voor bedrijven over de hele wereld heeft cyberveiligheid de hoogste prioriteit. ESET is trots dat het geavanceerde technologie van de hoogste kwaliteit kan leveren. "

U komt er meer over te weten op ESET Endpoint Security

 Over ESET

Al meer dan 30 jaar ontwikkelt ESET® geavanceerde IT-beveiligingssoftware en -diensten om bedrijven, kritieke infrastructuur en consumenten wereldwijd te beschermen tegen steeds meer gesofisticeerde digitale dreigingen. Van eindpoint- en mobiele beveiliging tot detectie en respons van eindpoints, versleuteling en multi-factor authenticatie, beschermen en bewaken ESET's krachtige, gebruiksvriendelijke oplossingen discreet 24/7. Ze updaten in realtime de verdediging om ononderbroken gebruikers en ondernemingen te beveiligingen.

Ousaban: Private photo collection hidden in a CABinet

Another in our occasional series demystifying Latin Amercian banking trojans

 

Ousaban is a Latin American banking trojan active exclusively in Brazil. ESET has been tracking this malware family since 2018. In common with most other LATAM banking trojans, Ousaban uses overlay windows to steal credentials and more from financial institutions. However, unlike most other LATAM banking trojans, Ousaban’s developers have extended the use of overlay windows to steal credentials from popular regional email services. In this installment of our series, we examine its main features and many connections to other Latin American banking trojan families.

Characteristics

Ousaban is written in Delphi, as are the vast majority of the other Latin American banking trojans ESET is tracking. And, as do many of them, Ousaban shows signs of active and continuous development.

The name ESET assigned to this family is a portmanteau of two words – “ousadia”, which means “boldness” in Portuguese, and “banking trojan”. The reason for such a name is that for a very long time, Ousaban was distributed alongside the images (some of them obscene) shown in Figure 1. In the most recent campaigns distributing Ousaban, this is no longer the case.

Complete article on:

 https://www.welivesecurity.com/2021/05/05/ousaban-private-photo-collection-hidden-cabinet/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29