Security
Headlines
HeadlinesLatestCVEs

Tag

#asus

ZuoRAT is a sophisticated malware that mainly targets SOHO routers

Researchers have analyzed a long running campaign that compromises SOHO routers to further penetrate and eavesdrop on networks. The post ZuoRAT is a sophisticated malware that mainly targets SOHO routers appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#windows#cisco#git#botnet#asus#auth
A New, Remarkably Sophisticated Malware Is Attacking Routers

Researchers say the remote-access Trojan ZuoRAT is likely the work of a nation-state and has infected at least 80 different targets.

ZuoRAT Hijacks SOHO Routers From Cisco, Netgear

The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.

Hermit spyware is deployed with the help of a victim’s ISP

A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions. The post Hermit spyware is deployed with the help of a victim’s ISP appeared first on Malwarebytes Labs.

ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks

A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks. The malware "grants the actor the ability to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to maintain an undetected foothold,"

Google Warns Spyware Being Deployed Against Android, iOS Users

The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.

Google Warns of New Spyware Targeting iOS and Android Users

The spyware has been used to target people in Italy, Kazakhstan, and Syria, researchers at Google and Lookout have found.

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region. "We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.

CVE-2022-26668: ASUS Control Center - Broken Access Control

ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote attacker can call privileged API functions to perform partial system operations or cause partial disrupt of service.

CVE-2022-26669: ASUS Control Center - SQL Injection

ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data.