Tietoturvauutiset ja blogipostaukset

[Alensia]

New TP-Link zero-day surfaces as CISA warns other flaws are exploited

TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks.

www.bleepingcomputer.com

The researcher confirmed through testing that TP-Link Archer AX10 and Archer AX1500 use vulnerable CWMP binaries.
Mehrun also noted that EX141, Archer VR400, TD-W9970, and possibly several other router models from TP-Link are potentially affected.

Until TP-Link determines which devices are vulnerable and releases fixes for them, users should change default admin passwords, disable CWMP if not needed, and apply the latest firmware update for their device. If possible, segment the router from critical networks.

Yksi syy lisää olla käyttämättä TP-Linkin rojuja missään, suurin syy toki suora linkki Kiinan kommunistiseen puolueeseen. Monikohan vanhempi, edelleen käytössä oleva laite jää patchia vaille..

 

[Mocca]

Yle Areenasta löytyy mielenkiintoinen dokkarisarjat Vakoojat. Erityisesti tämä jakso- moderni vakoilu, kannattaa kuunnella, paljon asiaa esim Pegasus yms vakoiluohjelmista

Moderni vakoilu – Avoin data ja tietovuodot

 

[Ravishing_Grimness]

New TP-Link zero-day surfaces as CISA warns other flaws are exploited

TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks.

www.bleepingcomputer.com

The researcher confirmed through testing that TP-Link Archer AX10 and Archer AX1500 use vulnerable CWMP binaries.
Mehrun also noted that EX141, Archer VR400, TD-W9970, and possibly several other router models from TP-Link are potentially affected.

Until TP-Link determines which devices are vulnerable and releases fixes for them, users should change default admin passwords, disable CWMP if not needed, and apply the latest firmware update for their device. If possible, segment the router from critical networks.

Koskeekohan tätä tuotetta?

 

[Hyrava]

Koskeekohan tätä tuotetta?

Ei pitäisi koskea, tuossa artikkelissa mainittiin reitittimissä olevasta haavoittuvuudesta ja tuohan on Wifi/BT -kortti. Tosin, TP-Linkillähän on kyllä viime aikoina ollut muitakin haavoittuvuuksia, niistä en sitten tiedä osuuko joku tuohonkin laitteeseen.