top of page

Cyber Bites

Hacking Show and Tell?

During the Pwn2Own Toronto hacking competition in December, several competitors were able to exploit the TP-Link Archer A21 (AX1800) WiFi router. These exploits netted the white hat teams a cool $25k for their efforts.

But it wasn’t only the judges watching the goings on at the competition. Starting last week, the Zero Day Initiative threat-hunting team observed new exploit attempts from the Mirai botnet looking to take advantage of the weaknesses found during the competition.

TP-Link released patches for the vulnerability, CVE-2023-1389 last month and the criminals want to take advantage of those that are slow to patch.

Takeaways:

  1. Prompt patching is a critical part of keeping your organization safe.

  2. We are battling bad actors, not dumb ones. They are more than happy to be fast followers.

  3. If you have a TP-Link Archer A21 (AX1800) WiFi router, be sure its firmware has been updated.

Sources: Zero Day Initiative, Bleeping Computer, Security Affairs

Definitions

Pwn - A term used in the hacking community to indicate someone has gained control over a computer system, website, or network.

White hat hacker - A computer security specialist who uses their skills for ethical purposes, such as identifying vulnerabilities in computer systems and networks to improve their security.

Black hat hacker - A computer hacker who violates computer security for personal gain or malicious purposes. They often engage in illegal activities, such as stealing sensitive information, disrupting systems, or spreading malware.

Botnet - A network of internet-connected devices that have been infected with malware and can be controlled remotely by a cybercriminal. These devices, which can include computers, smartphones, and IoT devices, are used to carry out various malicious activities, such as DDoS attacks, spam campaigns, and data theft.


Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.

Comentarios


bottom of page