by Martin Quinn (Principal Consultant) 18 April 2013
Within security circles, vulnerabilities which are easily exploited or compromised are referred to as “low hanging fruit” and the easier the target to exploit or compromise the lower hanging the fruit.
One such “low hanging fruit” has been identified this week in at least thirteen (13) small office/home office (SOHO) off the shelf routers. These popular routers have been reported as having previously undisclosed vulnerabilities by Independent Security Evaluators (ISE), with critical security vulnerabilities.
The vulnerabilities either allow a remote attacker full control over the router or allows a local attacker to bypass the authentication mechanism, and in the majority of cases, both. You may think this trivial but many businesses utilise these off the shelf devices to augment their corporate network or these devices are used as the conduit for remote users to access corporate networks via VPN or other mechanism. Either way these devices are the chink in the armour which an attacker would focus on.
The full article can be found at: http://securityevaluators.com//content/case-studies/routers/soho_router_hacks.jsp
Which gives me a perfect segue into an article published recently about Intact Security appearing in The Australian (http://www.theaustralian.com.au/business/sme-business/for-a-start-think-hard-work/story-fnhnt95z-1226615184395). I was interviewed regarding small business start-up challenges. Happy reading!
If you believe you may have fell victim to an attack, Contact Intact Security for an obligation free chat on 02 9227 8201
Relax, your Security is Intact
Author: Intact Security