Microsoft Unveils Vulnerabilities in Netgear Routers

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

 

Increasing safety measures led attackers to explore different ways to breach systems. The increasing number of firewall and ransomware attacks employing VPN devices and other websites are instances of attacks initiated externally and underneath the operating system layer. As these sorts of attacks are becoming more widespread, consumers must also aim to maintain single-use software, running their hardware, such as routers. 
In Netgear routers, Microsoft has revealed several vulnerabilities that might lead to data disclosure and complete system compromise. Whereas on June 30, 2021, Jonathan Bar Or, a member of Microsoft’s 365 Defender Research Team revealed, that the vulnerabilities that have been patched before public release. 
“We discovered the vulnerabilities while researching device fingerprinting in the new device discovery capabilities in Microsoft Defender for Endpoint. We noticed a very odd behavior: a device owned by non-IT personnel was trying to access a NETGEAR DGN-2200v1 router’s management port. The communication was flagged as anomalous by machine learning models, but the communication itself was TLS-encrypted and private to protect customer privacy, so we decided to focus on the router and investigate whether it exhibited security weaknesses that can be exploited in a possible attack scenario,” told Microsoft. 
After observing odd behavior on the router management port, the Microsoft Security team uncovered vulnerabilities. While TLS encryption protects the communication, machine learning models are still identified as anomalous. 
Three HTTPd authen

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: Microsoft Unveils Vulnerabilities in Netgear Routers