

























The FBI and NSA jointly announced that Russia has been systematically compromising the security of home and small office routers since at least 2024.
They obtained a court order to allow them to remotely reset thousands of affected devices in the US, but if yours is one of them, it needs to be urgently replaced …
CNET reports.
Federal agencies, including the FBI and NSA, disclosed on April 7 that a unit of Russia’s military intelligence directorate, the GRU group known as APT28 or Fancy Bear, has been systematically compromising home and small office routers since at least 2024, using the access to intercept credentials, authentication tokens and sensitive communications. The agency took the unusual step of remotely resetting thousands of affected US devices under a court order, but officials are warning that without action from individual router owners, the problem is far from solved.
However, the agencies say that the affected routers are no longer receiving security updates and should be replaced.
The good news is that the average 9to5Mac reader is unlikely to be using one of the affected routers as they are so old. The specific model referenced by the FBI was originally launched in 2007, although the UK’s National Cyber Security Centre says that other TP-Link models were targeted. These include:
Since none of these models are still receiving firmware updates, they remain vulnerable to further attack and should be replaced.
It’s important with any router to ensure that you enable automatic firmware updates and that you change the default admin username and password. Unless you specifically need to remotely access your router, it’s also recommended to disable the remote management feature in the admin settings.
Finally, the FBI specifically recommends that remote workers use a VPN when accessing sensitive data.
Photo by Jackson Sophat on Unsplash
FTC: We use income earning auto affiliate links. More.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。