Researchers also found vulnerabilities (CVE-2018-10822, CVE-2018-10824, CVE-201810823) in eight D-Link models that could give an attacker full control over the devices. The vulnerabilities consist of a path traversal security gap that allows an attacker to read arbitrary files, passwords stored in plain text, and a shell command injection that enables an authenticated attacker to execute arbitrary code. Six of the eight models have reached end-of-life status.
Hackers are constantly hunting for routers with outdated firmware and weak passwords. They then compromise vulnerable routers and use them to carry out cyberattacks. To avoid having their routers compromised by hackers, we advise users to regularly update the firmware of their routers to the latest versions released by manufacturers. We also encourage users to adopt strong and unpredictable passwords that consist of a mix of upper- and lower-case letters, numbers, and symbols.
 Some Linksys wireless routers found to contain vulnerabilities, warns SingCERT
 Bug Trio Affecting Eight D-Link Models Leads to Full Compromise
More Weekly Cyber Newsanalysis and insights
Health Promotion Board’s HealthHub Portal Hacked, US Centers For Medicare & Medicaid Services Suffers Breach
Durham University’s Employee Data Compromised In Portal Hack, Louisiana State University Suffers Phishing Attack
Operation Oceansalt Targets Koreans Using New Recon Implant, Italy Navy Targeted By Phishing Attacks That Deliver QuasarRAT
Hackers Deface Website For Saudi Investment Conference, Apple Apologises For Hacked Accounts in China
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services