Pierluigi Paganini April 06, 2019
DoS flaw in several MikroTik Routers exploited in attacks

A vulnerability could be exploited by attackers to trigger a denial-of-service (DoS) condition on devices running RouterOS. MikroTik routers made the headlines again, the company disclosed this week technical details about a year-old vulnerability that exposes the device to remote attacks. Attackers could exploit the vulnerability to trigger a denial-of-service (DoS) condition on devices running […]

Pierluigi Paganini September 19, 2018
Evolution of threat landscape for IoT devices – H1 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved. The first data that emerged […]

Pierluigi Paganini September 11, 2018
Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerabilities is becoming a commodity in the hacking underground, just after its disclosure crooks started using it to compromise MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment. Earlier August, experts uncovered a massive […]

Pierluigi Paganini September 04, 2018
Experts warn of 7,500+ MikroTik Routers that are hijacking owners’ traffic

The security firm Qihoo 360 Netlab discovered more than 7,500 MikroTik routers that have been compromised to enable Socks4 proxy maliciously Earlier August, experts uncovered a massive crypto jacking campaign that was targeting  MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. The campaign started in Brazil, but it is rapidly expanded […]

Pierluigi Paganini March 19, 2018
Experts discovered remotely exploitable buffer overflow vulnerability in MikroTik RouterOS

Security experts at Core Security have disclosed the details of a buffer overflow vulnerability that affects MikroTik RouterOS in versions prior to the latest 6.41.3. MikroTik is a Latvian vendor that produce routers used by many telco companies worldwide that run RouterOS Linux-based operating system. The vulnerability, tracked as CVE-2018-7445, could be exploited by a remote attacker with […]