Happy New Year from Falcon Computer Consulting LLC!


Our friends at Ars Technica report that a vulnerability has existed since 2002 in millions of residential and commercial routers that could allow attackers to take control of them and even use them as a gateway into other devices on the network. There haven't been any specific reports of this vulnerability being exploited, although now that it has been published, it is increasingly likely to be targeted by hackers and other malicious parties. The best way to ensure this vulnerability is patched is to upgrade your router to the latest firmware (or use an alternate firmware on your router), but there is currently no easy way to check whether the bug has been patched on a particular unit.
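As an added example (not part of this post or the Ars Technica article), the sketch below triages HTTP responses saved from your own devices' admin interfaces by the RomPager version in the `Server` header, using the 4.34 threshold given in the article quoted below. It assumes the device advertises itself as `RomPager/<major>.<minor>`; the device names and responses are constructed samples.

```python
import re

FIXED = (4, 34)  # article: RomPager versions prior to 4.34 contain the bug
# Assumption: the banner carries the product as "RomPager/<major>.<minor>".
BANNER_RE = re.compile(r"RomPager/(\d+)\.(\d+)", re.IGNORECASE)

def server_header(raw_response):
    """Return the Server header value from a raw HTTP response, or None."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None

def classify(raw_response):
    """Sort one saved response into a patching-priority bucket."""
    banner = server_header(raw_response)
    if banner is None:
        return "no-banner"            # nothing to go on; check firmware by hand
    match = BANNER_RE.search(banner)
    if match is None:
        # RomPager named without a readable version: treat as unknown, not safe.
        return "rompager-unparsed" if "rompager" in banner.lower() else "not-rompager"
    version = (int(match.group(1)), int(match.group(2)))
    # A banner at or above 4.34 is only a hint, so it still needs confirming.
    return "upgrade-first" if version < FIXED else "verify-with-vendor"

def triage(responses):
    """Map each device name to its bucket."""
    return {name: classify(raw) for name, raw in responses.items()}

# Constructed sample responses (not captured from real devices).
SAMPLES = {
    "dsl-modem": "HTTP/1.1 401 Unauthorized\r\nServer: RomPager/4.07 UPnP/1.0\r\n\r\n",
    "office-gw": "HTTP/1.1 200 OK\r\nserver: RomPager/4.34\r\n\r\n<html>",
    "nas": "HTTP/1.1 200 OK\r\nServer: lighttpd\r\n\r\n",
    "camera": "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n",
    "old-ap": "HTTP/1.1 200 OK\r\nServer: RomPager\r\n\r\n",
}

if __name__ == "__main__":
    for device, bucket in triage(SAMPLES).items():
        print(f"{device:10} {bucket}")
```

A `verify-with-vendor` result is not a clean bill of health: the banner only orders the upgrade queue, since a given unit's patch status cannot be confirmed this way.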


Further, Falcon Computer Consulting LLC always recommends that you keep all your systems (desktops/laptops, servers, mobile devices, and any other network or critical devices) and online services/sites up to date with patches and security fixes. Our firm can provide assistance with upgrading your router firmware (or deploying alternate firmware) as well as general security-related updates and protection for all your systems and critical infrastructure. Feel free to contact us for additional information and support.



12 million home and business routers vulnerable to critical hijacking hack

   courtesy of Ars Technica


Bug exposes user data, as well as computers, Web cams, and other connected devices.


More than 12 million routers in homes and small offices are vulnerable to attacks that allow hackers anywhere in the world to monitor user traffic and take administrative control over the devices, researchers said.


The vulnerability resides in "RomPager" software, embedded into the residential gateway devices, made by a company known as AllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug that allows attackers to send simple HTTP cookie files that corrupt device memory and hand over administrative control. Attackers can use that control to read plaintext traffic traveling over the device and possibly take other actions, including changing sensitive DNS settings and monitoring or controlling Web cams, computers, or other connected devices. Researchers from Check Point's malware and vulnerability group have dubbed the bug Misfortune Cookie, because it allows hackers to determine the "fortune" of an HTTP request by manipulating cookies. They wrote: