Source |
CSO |
Identifiant |
792574 |
Date de publication |
2018-09-04 08:04:00 (vue: 2018-09-04 23:03:20) |
Titre |
7,500 MikroTik routers compromised, traffic forwarded to attackers (Recyclage) |
Texte |
If you have a MikroTik router, make sure it is running the latest firmware, as security researchers discovered thousands of compromised MikroTik routers are sending traffic to nine attacker-controlled IPs.Via a honeypot since July, researchers from the China-based Netlab 360 noticed malware exploiting MikroTik routers. Attackers are exploiting the MikroTik CVE-2018-14847 flaw that was patched in April.The critical vulnerability, involving Winbox for MikroTik, “allows remote attackers to bypass authentication and read arbitrary files.” Proof-of-concept exploits have been around for several months. That same vulnerability, the researchers pointed out, was exploited by the CIA's hacking tool Chimay Red, according to WikiLeaks Vault7. |
Envoyé |
Oui |
Condensat |
14847 2018 360 500 according april arbitrary are around article attacker attackers authentication based been bypass chimay china cia click compromised concept controlled critical cve discovered exploited exploiting exploits files firmware flaw forwarded from full hacking have here honeypot involving ips july latest make malware mikrotik months netlab nine noticed out patched please pointed proof read red remote researchers router routers running same security sending several since sure thousands tool traffic vault7 vulnerability wikileaks winbox “allows |
Tags |
Malware
Tool
|
Stories |
|
Notes |
|
Move |
|
Source |
CSO |
Identifiant |
792163 |
Date de publication |
2018-09-04 08:04:00 (vue: 2018-09-04 18:01:38) |
Titre |
7,500 MikroTik routers being eavesdropped, traffic forwarded to attackers (Recyclage) |
Texte |
If you have a MikroTik router, then take the time to make sure it is running the latest firmware since security researchers discovered thousands of compromised MikroTik routers are sending traffic to nine attacker-controlled IPs.Via a honeypot since July, researchers from the China-based Netlab 360 noticed malware exploiting MikroTik routers. Attackers are exploiting the MikroTik CVE-2018-14847 flaw which was patched in April. |
Envoyé |
Oui |
Condensat |
14847 2018 360 500 april are article attacker attackers based being china click compromised controlled cve discovered eavesdropped exploiting firmware flaw forwarded from full have here honeypot ips july latest make malware mikrotik netlab nine noticed patched please read researchers router routers running security sending since sure take then thousands time traffic which |
Tags |
Malware
|
Stories |
|
Notes |
|
Move |
|
Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2018-09-04 08:04:00 |
(Déjà vu) 7,500 MikroTik routers being eavesdropped, traffic forwarded to attackers (lien direct) |
If you have a MikroTik router, then take the time to make sure it is running the latest firmware since security researchers discovered thousands of compromised MikroTik routers are sending traffic to nine attacker-controlled IPs.Via a honeypot since July, researchers from the China-based Netlab 360 noticed malware exploiting MikroTik routers. Attackers are exploiting the MikroTik CVE-2018-14847 flaw which was patched in April. |
Malware
|
|
|