Tag Archives: ISPs

US Congress sends a (no) privacy note to the entire connected world

US Congress sends a (no) privacy note to the entire connected world

US consumers are set to lose control over their online privacy as a consequence of the US Congress throwing out incoming rules for Internet Service Providers that would have given consumers a direct say in how ISPs can use their private data. The overturned rules – passed last October but not yet implemented – would […]

The post US Congress sends a (no) privacy note to the entire connected world appeared first on Avira Blog.

Sixty serious security flaws found in home routers

Scan your router with Avast's Home Network Security scanner.

Scan your router with Avast’s Home Network Security scanner.

Your router is one of the weakest links in your security, and researchers have proven once more that your home router puts you at risk.

Sixty security flaws have been identified in 22 router models that are distributed around the world, mostly by ISPs to their customers. These flaws could allow hackers to break into the device, change the password, and install and execute malicious scripts that change DNS servers to those the attacker wants. They do this so they can send your traffic through servers they control and direct you unwittingly to malicious sites or load malicious code on your machine when you visit a legitimate site.

Other flaws include allowing the hackers to read and write information on USB storage devices attached to the affected routers and reboot the devices.

The research report describes how the attackers can get in – through a backdoor with a universal password that is used by the ISP’s technical support staff to help troubleshoot for their customers over the phone. This second default administrator access is hidden from the router owner.

Which routers did the researchers test?

The researchers tested the following models: Amper Xavi 7968, 7968+ and ASL-26555; Astoria ARV7510; Belkin F5D7632-4; cLinksys WRT54GL; Comtrend WAP-5813n, CT-5365, AR-5387un and 536+; D-Link DSL-2750B and DIR-600; Huawei HG553 and HG556a; ; Netgear CG3100D; Observa Telecom AW4062, RTA01N, Home Station BHS-RTA and VH4032N; Sagem LiveBox Pro 2 SP and Fast 1201 and Zyxel P 660HW-B1A.

Since the researchers are based in Madrid, their interest was mainly in Spanish ISPs and the routers they distribute, but routers like Linksys, D-Link and Belkin are distributed in the U.S. and other countries.

What can you do to protect yourself?

Avast has a feature built into our antivirus products called Home Network Security (HNS), which scans for misconfigured Wi-Fi networks, exposes weak or default Wi-Fi passwords, vulnerable routers, compromised Internet connections, and enabled, but not protected, IPv6. It also lists all devices on the network so you can make sure only your known devices are connected. Avast is the only security company to offer a tool to help you secure this neglected area.

How to scan your home router with Home Network Security scanner

Open the Avast user interface, click Scan from the menu on the left, then choose Scan for network threats. Avast will take a look at your router and report back any issues. In most cases, if there is an issue to be addressed, then it will direct you to your router manufacturer’s website.

EFF Calls Out ISPs Modifying STARTTLS Encryption Commands

The Electronic Frontier Foundation has backed VPN provider Golden Frog’s FCC filing that accuses ISPs of stripping out STARTTLS instructions from email messages.