TechCrunch reported that the Chinese company TP-Link had not addressed a vulnerability in its routers first discovered in 2017.
This week TechCrunch reported that the Chinese company TP-Link had not addressed a vulnerability in its routers first discovered in 2017. The issue allows hackers to remotely take control of the routers by guessing weak default passwords that come with the devices. TechCrunch said the company falsely claimed to have patched the issue, but only included it in its list of system updates after the news site reached out.
Router vulnerabilities can allow access to entire networks, as happened in the massive Mirai botnet attacks of 2016. New research from Avast reveals that some 30% of TP-Link routers exhibit weak HTTP credentials. Nearly all use admin/admin to log in. Interestingly, the number of TP-Link routers with guessable passwords varies greatly across regions. For example, only 6% of TP-Link routers in North America have weak passwords while around 45% do in South and Central Asia, and East and South Europe. We will report more on the Avast IoT research soon.
This week's stats
Online scammers generated a list of 50,000 top executives to target in email fraud schemes, ZDNet reported. With losses of over $1.2 billion, email compromise is the most costly form of cybercrime, the FBI told the Avast blog.
Baltimore’s slow ransomware recovery
The city of Baltimore is gradually getting municipal services back up and running after a ransomware attack paralyzed operations earlier this month. On May 7, city officials found their servers had been hit with Ro ..