A security researcher discovered three serious flaws in the firmware of wireless routers made by the company Ruckus and disclosed information about those flaws at a security conference in Germany three days ago. The researcher previously disclosed the vulnerabilities to the manufacturer so that a security patch could be developed. The vulnerabilities allow a remote attacker to completely take over affected routers and operate using the “root” account, which provides the attacker with unlimited access to spy on unencrypted network traffic, redirect internal requests to malicious sites, or inject malicious content in responses from any unencrypted website. A security update for affected Ruckus routers is available from the manufacturer, but customers must proactively download and apply the patch themselves – the routers are not automatically updated.
With all the news around COVID-19/Coronavirus, the average person is turning to the internet for