0

Computerworld is reporting the possibility of a worm or bot in the wild that is specifically targeting D-Link branded routers. It refers to a three year old vulnerability which Symantec security researchers believe is being exploited by a new exploit. Apparently, the Symantec security response team has seen an increase in attack activity as it relates to D-Link devices.

Oliver Friedrichs, director of the Symantec security response team, is quoted as saying that it looks like hackers are "exploiting the SNMP vulnerability to reset and reconfigure the administrative password on the routers" after scanning TCP port 23 for an active SNMP service.

The report goes on to suggest that router vulnerabilities are up, and unsurprisingly so are attacks against routers as a result. Unfortunately, there is no comment from D-Link itself with regard to whether it had investigated if this vulnerability was being exploited, nor indeed if it had ever been patched.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

1
Contributor
0
Replies
2
Views
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.