D-Link’s popular DSL2740R wireless router is vulnerable to domain
name system (DNS) hijacking exploits that requiring no authentication to
access its administrative interface.
According to Todor Donev of the Belgian security firm Ethical Hacker,
a number of other D-Link routers are affected by this bug as well,
particularly the DLS-320B. PCWorld is reporting
that the vulnerability exists in a widely deployed piece of router
firmware called ZynOS, which is developed by ZuXEL Communications
Corporation.
The troubling part of this issue is that it appears as though this and a few other bugs are allowing law enforcement to monitor the activities of individuals utilizing this hardware. We previously reported on similar vulnerabilities with Linksys hardware that allows similar interception without the end user being aware and allows Cisco to monitor customer usage of devices. For this reason we do not allow Cisco or Linksys hardware in our secured networking environment.
The purpose of this page is to provide awareness to individuals and organizations that are leaking information and the information of their customers. The entities listed on this site are verified to be leaking personal information sometimes without the company even being aware. SLC Security is now owned and operated by Jigsaw Security Enterprise. We are currently in process and as such this blog will eventually be taken offline and merged with Jigsaw Security resources.
No comments:
Post a Comment