Tag Archives: Netgear

Security Never Sleeps- ElasticSearch Malware, Quantum Communications

ElasticSearch Servers Found Hosting PoS Malware Files

“Over 4,000 servers affected”

Kromtech Security Center has found over 4,000 ElasticSearch servers hosting files specific to two strains of Point of Sale malware, AlinaPOS and JackPOS. The researchers discovered these exposed ElasticSearch servers last week during routine scans. Intrigued by their initial discovery, the Kromtech team used Shodan to identify more than 15,000 ElasticSearch instances that were left exposed online without any form of authentication.

Bashware hacking technique puts 400 million Windows 10 PCs at risk

“Vulnerable to new technique”

Somewhere in the range of 400 million PC users running Windows 10 around the world may now be susceptible to a fresh cyber attack approach referred to as Bashware. Cyber security firm Check Point discovered and named the new malware, and explains that Bashware exploits the built-in Linux shell in Windows to allow malware to bypass common antivirus and other security software.

RouteX Malware Uses Netgear Routers for Credential Stuffing Attacks

“Netgear routers infected likely by Russian hacker”

A Russian-speaking hacker has been infecting Netgear routers over the past several months with yet another new strain of malware named RouteX. The malware is used to turn infected devices into what are called SOCKS proxies, which carry out credential stuffing attacks. This is all according to US cyber-security firm Forkbombus Labs, the firm that uncovered this new threat. The hacker is allegedly exploiting CVE-2016-10176, a vulnerability disclosed last December, to take over Netgear WNR2000 routers.

U.S. Energy Department Invests $20 Million in Cybersecurity

“Department announced intentions to invest up to $50 million”

The United States Department of Energy announced on Tuesday its investments in the research and development of tools and technologies that would make the country’s energy infrastructure more resilient and secure. Over $20 million of that amount has been allocated to projects focusing on cyber security. The funding, awarded to various national laboratories, will be used to support early-stage research and development of next-generation tools and technologies that improve the resilience and security of critical energy infrastructure, including the power grid, and oil and natural gas infrastructure.

China sets up first ‘commercial’ quantum network for secure communications

“Latest step in developing hackproof communications”

China has set up its first “commercial” quantum network in its northern province of Shandong, Chinese state media has reported. This is the country’s latest step in advancing a technology expected to enable the highest security communications. China touts that it is at the forefront of developing quantum technology. In August it said it sent its first “unbreakable” quantum code from an experimental satellite to the Earth. The Pentagon has called the launch of that satellite a year earlier a “notable advance”.


10Fold- Security Never Sleeps- 126

‘Expect lots of data dump’ in coming days warns Twitter hacker group Legion

“Hacks affecting senior members of Indian government and political party accounts”

Rahul Gandhi, leader of the Indian Congress Party, was the victim of a Twitter hack in late November, with the hijacker posting obscene and offensive images and phrases on his account. The official Congress Party account, @IncIndia, was also affected in the same way. The cyber criminals responsible expressed an agenda of further attacks in the future.

An unpatched vulnerability exposes Netgear routers to hacking

“Various models affected by problematic vulnerabilities”

Netgear has publicly disclosed a vulnerability that is exploitable by hackers, leaving affected routers open to commandeering and remote commands. A researcher using the username ‘Acew0rm’ reported the flaw to Netgear in August, but reportedly never received a reply to his claim. The problem comes from malfunctions in the management interface, which is intended to block and allow remote commands.

Edit: Beta firmware to fix security issue 582384 related to the router issues has been released. More information is available at 

Obama Orders Inquiry Into Cyberattacks On Democratic Party Websites

“Several intelligence agencies involved”

President Obama has initiated a full-scale review of the hacking incidents related to the Democratic Party during the 2016 presidential elections, events many believe were undertaken by the Russian government to influence the results of the race. A full report, done with cooperation from several agencies, is expected to be filed and reviewed by the president before the end of his term.
