Latest news with #U.S.CybersecurityandInfrastructureSecurityAgency

These three TP-Link routers are being targeted by hackers – here's what to know

Tom's Guide

4 days ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about several popular TP-Link router models that have once again been exploited by hackers. Three TP-Link router models are being attacked through a command injection vulnerability with a severity score of 8.8; the flaw is considered highly severe and was actually discovered a few years ago but was recently updated by CISA in the Known Exploited Vulnerabilities Catalog. According to Cybernews, this may indicate that attackers have begun to exploit the vulnerability again. The flaw allows hackers to execute commands on vulnerable TP-Link routers without proper authorization. The bug itself appears in the web management interface of the router, where a specific parameter is processed in a GET request. The user input in that parameter is not properly validated, and this is what allows a threat actor to inject malicious commands into the router's firmware. The flaw is even more dangerous on publicly exposed routers with remote access features enabled, but threat actors can also successfully exploit it from within the same network. CISA warns users that these vulnerabilities and others of the same type are 'frequent attack vectors for malicious cyber actors and pose a significant risk to the federal enterprise.' Federal agencies must remove the affected routers from their networks by July 7th, 2025, with CISA urging other organizations to also remove these models: A very popular model in the consumer market, the TP-Link TL-WR940N Mbps router (V2/V4) was last updated with new firmware back in 2016. Another affected model is the TP-Link TL-WR841N (V8/V10), which last received a firmware update back in 2015. Lastly, the TP-Link TL-WR740N (V1/V2) hasn't been updated for fifteen years. All three of these models are at end-of-life and won't receive any further security updates.
If you own one of the affected router models, the recommendation is to replace it right away with one of the best Wi-Fi routers instead as they will receive frequent software updates and patches from their manufacturer. It's also a good idea to make sure that you're using one of the best antivirus software programs – many of these will offer additional security features such as a VPN that can help protect you when you're online. Likewise, many router makers (including TP-Link and Netgear) offer security packages for their devices that can protect your entire home network. Security aside, you're getting a significantly worse online experience when using an outdated router. From slow internet speeds to difficulties handling the increased number of connected devices in your home, you owe it to yourself and to your devices to use a faster, newer router instead. If you want the latest and greatest Wi-Fi and have the budget for it, one of the best Wi-Fi 7 routers will provide you with the best experience possible. However, if you don't mind not having access to the faster 6GHz band, one of the best Wi-Fi 6 routers will still be a major upgrade. By using a new router with frequent security updates and by making sure to install them when they become available, you're essentially adding an extra layer of protection for all of the devices on your home network. Just like with outdated software, an old router could also be putting you at serious risk online which is why you should take CISA's recommendations here seriously.

New Warning issued To All iPhone users—You Have 20 Days To Update

Forbes

5 days ago

The U.S. government has issued a new warning to update your iPhone by July 7. A new iOS 18 update warning has been issued by the U.S. government after an iPhone vulnerability was found to have been used in real-life attacks. Tracked as CVE-2025-43200, the flaw was fixed in iOS 18.3.1 back in Feb. alongside another already-exploited issue. At the time, this flaw was not listed on Apple's support page, which only included one known fix. A closer inspection shows that Apple added the second vulnerability on June 11. The newly-revealed iPhone vulnerability is deemed so serious that the U.S. Cybersecurity and Infrastructure Security Agency has issued a warning, giving government agencies until July 7 to apply the iOS 18.3.1 update. CISA has also added the flaw to its known exploited vulnerabilities catalog. The CISA warning came as security researchers at Citizen Lab revealed Paragon spyware was targeting iPhone users including journalists. The attacks mentioned in their alert took advantage of the same vulnerability to plant spyware on targets' devices. The issue was patched in iOS 18.3.1, as well as watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1 and macOS Sonoma 14.7.4. 'A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link,' Apple said on its support page. 'Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.' The flaw fixed in iOS 18.3.1 is certainly serious, so much so that Apple didn't even mention it in Feb. when it first released the iPhone update. It's therefore important that all iPhone users apply it now. The CISA warning requires Federal Civilian Executive Branch agencies to remediate identified vulnerabilities by the due date to protect networks against active threats. 
Although BOD 22-01 only applies to FCEB agencies, CISA 'strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice.' The current iPhone update iOS 18.5 will cover this vulnerability and others that have been discovered in the time after it. But at the very least, you should update to iOS 18.3.1 to keep your iPhone safe from this attack using spyware. Spyware is very targeted, typically affecting some business users, political figures, dissidents and journalists. It's particularly dangerous because once it's on your device, attackers can potentially see and hear everything you do, including reading encrypted messages on Signal and WhatsApp. You can use apps such as iVerify to spot spyware — and look out for signs such as your iPhone running slowly or getting very hot. If you do suspect you've been affected by spyware, turning it on and off again can temporarily disrupt it. With spyware increasingly being used in attacks, it's a good idea to heed CISA's warning. Update your iPhone to iOS 18.3.1 or the latest version as soon as possible and certainly before July 7. Go to Settings > General > Software Update and upgrade to the latest version of iOS now.

Google Chrome — Relaunch Your Browser Now To Stop Hacks

Forbes

20-05-2025

Relaunch your Google Chrome browser now. Update, May 20, 2025: This story, originally published May 19, has been updated with further advice regarding Chrome browser security updates from Google, as well as what you can do if your Chrome update fails. Do you use the Google Chrome browser? Silly question, really, considering it's the world's most popular browsing platform with more than three billion users. Here's another question, then: when was the last time you relaunched Chrome? If the answer is I don't know, then you could be leaving yourself, your system and your data open to attack. Not only do you need to act now, but you should act regularly if you want to be protected against the ongoing Chrome hacker threat. Here's what you need to know. I hope you are sitting down as I'm about to take you on a whistle-stop recent news headlines tour to explain precisely why you need to take the Chrome browser attack threat seriously. Let's start on March 4, when Google confirmed no less than nine newly discovered browser security vulnerabilities, followed by another five just six days later. Fast forward to March 20, and a new critical Chrome vulnerability dropped, with more on April 16, April 22, April 29 and May 6. It was on May 14, however, that Google confirmed the most critical in this long list of Chrome security vulnerabilities, CVE-2025-4664. Why so critical? Because, according to the U.S. Cybersecurity and Infrastructure Security Agency, it was already being exploited by attackers in the wild. All security vulnerabilities are serious, but some are to be taken more seriously than others. If a Chrome zero-day emerges, where attackers are already out there exploiting that vulnerability, then action needs to be taken fast, as the hackers won't be wasting time waiting. With Chrome attackers looking to bypass 2FA protections, and compromise passwords, proactive defensive measures are a must. Which is where relaunching the Chrome browser comes into play. 
The one commonality between the aforementioned Chrome security vulnerabilities is that they were all disclosed by Google, along with the confirmation that an update to patch them was also being rolled out to users. While the security updating process is automatic for the Chrome browser, that doesn't mean you are protected as soon as the Google announcement drops. Indeed, those announcements themselves all state that patches will 'roll out over the coming days and weeks.' Which is nice, but less than comforting, especially in those cases where you know attackers already have the exploit code and attacks are underway. Relaunch your Google Chrome Browser to activate update protections. Luckily, you don't actually have to wait for the security update to find you, you can go and find it. Or, more accurately, you can kickstart the process and let your Chrome browser go get it for you. This is as simple as choosing the About Google Chrome option from the Chrome Help menu. Doing that will automatically start the process, check for any outstanding updates, download them and install them. What it won't do, however, is activate the security patch unless you relaunch your browser. Don't worry, this shouldn't impact all those open tabs you have, as Chrome saves these and reopens them upon restarting. Google itself has pointed out that while relaunching your browser happens in most cases, as a typical user will close and open the app regularly, 'if you haven't closed your browser in a while, you might see a pending update.' If there's no relaunch option to be found, Google said, 'you're on the latest version.' It should be noted, however, that during the relaunch process following a successful security update, while Chrome will save and reload the tabs you have opened, this isn't the case if you are browsing in Incognito mode. The reasons for this are pretty self-explanatory, given the privacy-focused nature of this mode. 
'Your Incognito windows won't reopen when Chrome restarts,' Google said, so it advised users in this situation who don't want to lose those tabs to select the 'not now' option and let the update activate the next time that Chrome is restarted instead. But what if your Chrome browser security update fails to install? Google has some advice for users in this unlikely scenario as well. Trying to download the update again is the primary option, followed by uninstalling and reinstalling Chrome. Checking that antivirus or parental control applications aren't blocking the update from downloading is also recommended, as is the old IT Crowd chestnut of have you tried turning it off and on again. If it helps, here are the common update errors that people might see and what they mean: If you genuinely care about your Chrome security, and the sheer number of newly discovered vulnerabilities and ongoing attacks against the most popular web browsing platform suggest you must, then regularly checking for security updates and relaunching your browser is essential. You know what to do: make that check and relaunch your Google Chrome browser now.

iOS 18.4.1—iPhone Bug Fixes And Security Updates About To Land

Forbes

10-04-2025

It hasn't been long since Apple issued iOS 18.4, but the iPhone maker is about to release iOS 18.4.1, including bug fixes and security updates. That's according to a new report on Apple-focused website MacRumors, which cites its visitor logs — a reliable indicator of previous soon-to-arrive iOS updates. The iOS 18.4.1 update will be launched within a week or two, according to the site. Coming so soon after iOS 18.4, iOS 18.4.1 almost certainly contains security and bug fixes only ahead of the launch of iOS 18.5 in May. So what kind of fixes and security updates will arrive when Apple drops iOS 18.4.1 in the coming weeks? It's highly possible that iOS 18.4.1 will contain security updates. The last Apple update in between point upgrades, iOS 18.3.2, did exactly this, patching an urgent issue already being used in real life attacks on iPhones. The flaw in WebKit, which underpins Apple's Safari browser, was so serious that the U.S. Cybersecurity and Infrastructure Security Agency issued an alert warning high-risk users to update before its deadline. Apple's iOS 18.4 addressed a whopping 62 security flaws, so you'd think the iPhone maker had caught them all in time for its last update. However, iOS 18.4.2 could contain a single fix, if the flaw is being used in real life attacks and Apple sees the patch as an emergency. Not long after iOS 18.4 was released, users started complaining of a number of bugs on their iPhones. One of the most talked about is that the update is resulting in long-deleted apps reappearing on some users' iPhones. 'After upgrading to iOS 18.4, my iPhone randomly installed 'Last war survival',' one user wrote on an Apple discussion thread. 'This app was previously installed on my iPhone a few months ago but uninstalled after a few hours. Now it appeared back on my Home Screen.'
Given how widespread this issue seems to be, it's very likely Apple will fix it in iOS 18.4.1. Apple's iOS 18.4.1 is about to arrive, possibly by next week, containing important security updates and bug fixes. With this in mind, it's a good idea to keep checking for the update on your iPhone. Go to your Settings > General > Software Update to spot iOS 18.4.1, or keep checking my Forbes page for updates.

Cybersecurity officials warn against potentially costly Medusa ransomware attacks

The Independent

15-03-2025

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning against a dangerous ransomware scheme. In an advisory posted earlier this week, government officials warned that a ransomware-as-a-service software called Medusa, which has launched ransomware attacks since 2021, has recently affected hundreds of people. Medusa uses phishing campaigns as its main method for stealing victims' credentials, according to CISA. To protect against the ransomware, officials recommended patching operating systems, software and firmware, in addition to using multifactor authentication for all services such as email and VPNs. Experts also recommended using long passwords, and warned against frequently recurring password changes because they can weaken security. Medusa developers and affiliates — called 'Medusa actors' — use a double extortion model, where they 'encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,' the advisory said. Medusa operates a data-leak site that shows victims alongside countdowns to the release of information. 'Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets,' the advisory said. 'At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.' Since February, Medusa developers and affiliates have hit more than 300 victims across industries, including the medical, education, legal, insurance, technology and manufacturing sectors, CISA said.
