Thousands of ASUS routers have been compromised in an intrusion campaign: restarting them does not eliminate the threat

A new intrusion campaign has put several models of ASUS routers at risk. According to GreyNoise, a firm specialized in cybersecurity, at least three different devices are reportedly being exploited by an actor "highly trained and with sufficient resources." Sophisticated threats are usually aimed at very specific objectives, but this campaign has a broader pattern. Researchers have already detected about 9,000 compromised devices, and say that the number continues to increase. It is believed that the foundations could be being laid for a future botnet, a key piece for DDoS attacks.

Persistent access without malware. The attackers get initial access through brute-force techniques and the use of evasion strategies that still do not have a CVE identifier. In cybersecurity, a CVE (short for Common Vulnerabilities and Exposures) is a standard reference used to catalog publicly known vulnerabilities.

After that first step, the attackers take advantage of a specific, already documented vulnerability, identified as CVE-2023-39780, to execute arbitrary commands and modify the router configuration from within. The objective is not to install a traditional virus or spyware, but something more subtle: to open a remote backdoor. To do this, they enable SSH access on a specific port (TCP/53282) and insert their own public key into NVRAM, a type of internal storage that is not erased by restarting the router or by updating its firmware. In this way, the attacker's access persists over time, without leaving obvious signs.

The researchers have replicated the attack on several specific models, including the ASUS RT-AC3100, RT-AC3200 and RT-AX55. It is not an official list of compromised devices, but an indication of which ones could be in the crosshairs. At the moment, it is not ruled out that other models are also exposed.
GreyNoise has not officially attributed the campaign to any specific group. However, it points out that the techniques used (the use of legitimate system functions, the disabling of activity logs and the absence of visible malware) are usual characteristics of very elaborate attacks planned for the long term. These types of operations are usually linked to so-called APTs, short for Advanced Persistent Threat. These are groups of cyber actors that operate with advanced technical means, great discretion and very defined objectives, often related to strategic or governmental interests.

The finding occurred on March 18, thanks to SIFT, an analysis tool developed by GreyNoise. Publication of the details was intentionally delayed to facilitate coordination with public agencies and companies in the sector before making it public.

How to know if your router has been compromised. ASUS has fixed the CVE-2023-39780 vulnerability in a recent firmware update. However, if the device was compromised before that patch was applied, remote access can remain active. GreyNoise offers a series of steps that can help detect whether a router has been affected, although some of them can be complex for those who are not familiar with technical concepts or are not at ease with the device's advanced configuration. Even so, it is worth knowing them:

- Access the configuration of your router and verify whether SSH access is enabled on port TCP/53282.
- Check the file called authorized_keys, since it could contain an unauthorized public key.
- Block these IP addresses, associated with the campaign: 101.99.91.151, 101.99.94.173, 79.141.163.179 and 111.90.146.237.
- If you suspect that your device is affected, perform a complete factory reset and configure it manually.
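The three checks above (the SSH port, the authorized_keys file and the campaign IP addresses) can be scripted from a workstation on the LAN. The following Python is an added example, not code from GreyNoise, ASUS or the original article; the function names, the trusted-fingerprint set, and the sample key blobs and log lines are constructed for illustration.

```python
import base64
import hashlib
import re
import socket

BACKDOOR_PORT = 53282  # SSH port named in the article
CAMPAIGN_IPS = {"101.99.91.151", "101.99.94.173", "79.141.163.179", "111.90.146.237"}
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
KEY_RE = re.compile(r"(?:^|\s)((?:ssh|ecdsa|sk)-\S+)\s+(\S+)\s*(.*)$")

def key_fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint, or None if the blob is not base64."""
    try:
        raw = base64.b64decode(b64_blob, validate=True)
    except ValueError:
        return None
    return "SHA256:" + base64.b64encode(hashlib.sha256(raw).digest()).decode().rstrip("=")

def unknown_keys(authorized_keys_text, trusted_fingerprints):
    """Return (fingerprint, comment) for each key not in the trusted set."""
    findings = []
    for line in authorized_keys_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)  # options may precede the key type
        fp = key_fingerprint(m.group(2)) if m else None
        if fp is None:
            findings.append(("UNPARSEABLE", line))  # review by hand
        elif fp not in trusted_fingerprints:
            findings.append((fp, m.group(3)))
    return findings

def port_open(host, port=BACKDOOR_PORT, timeout=3.0):
    """True if a TCP connection to host:port succeeds (run from the LAN)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def campaign_hits(log_lines):
    """Return log lines containing a campaign IP as a whole address."""
    return [line for line in log_lines if CAMPAIGN_IPS & set(IP_RE.findall(line))]

if __name__ == "__main__":
    keys = "ssh-rsa QUFBQQ== admin@laptop\nssh-rsa QkJCQg== unknown\n"  # constructed
    print(unknown_keys(keys, {key_fingerprint("QUFBQQ==")}))
    print(campaign_hits(["DROP SRC=101.99.91.151 DPT=53282", "ACCEPT SRC=10.0.0.5"]))
```

Pass `unknown_keys` the contents of the router's authorized_keys file and the fingerprints of the keys you installed yourself; any finding, or `port_open` returning True for TCP/53282 on the router's address, is a reason to follow the factory-reset step.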
The scale of the attack and its ability to stay hidden reinforce a key lesson: the security of home routers should not be taken for granted. Although in this case no malware has been installed, the attackers have left a door open.

We have contacted ASUS to request comments on this campaign and to find out whether they plan to offer additional measures or recommendations. This article will be updated if we receive an official response.

Images | Freepik | Asus

The news item "Thousands of ASUS routers have been compromised in an intrusion campaign: restarting them does not eliminate the threat" was originally posted in Xataka by Javier Marquez.

Since the end of World War II there have only been two countries with nuclear weapons at war. They have just restarted it

Suddenly, the Indian army has launched an aerial offensive of a kind not seen in a long time against several positions in Pakistan and in the part of Kashmir administered by Islamabad. As we will see below, the tense history between the two territories goes back a long way, but above any other interpretation at this time, there is something that completely changes the hostility between the two nations: the "nuclear" theme.

Context of a history of distrust. The conflict between India and Pakistan over Kashmir, a region of the Himalayas disputed since the partition of India in 1947, has been a constant source of tensions, wars and insurgency between two nations that today have nuclear weapons. Its origin dates back to the decision of the Hindu maharaja to join the territory to India after an incursion by Pakistani militias, which unleashed the first war between the two countries. Since then there have been military clashes (1947, 1965, 1971 and 1999), provisional agreements such as the ceasefire of 1949 and the creation of the "Line of Control" in 1972, as well as repeated reconciliation attempts that have failed, as happened after the peace summit of 1999, which was followed months later by a new armed conflict.

More deaths. The situation worsened in 1987 with the emergence of a separatist insurgency in the Indian part of Kashmir, fueled by political discontent and the support of Pakistan, which led to a decade of intense violence. To get an idea, throughout the 2000s and 2010s Kashmir was among the most militarized places on the planet, with regular bursts of violence. In 2019, after an attack that killed 40 Indian soldiers, India responded with air attacks in Pakistan and, subsequently, the Narendra Modi government suppressed the constitutional autonomy of Kashmir, imposed a communications blackout and arrested thousands of local leaders, causing international criticism, although with the argument of restoring order and reducing terrorism.

In April 2025, a brutal attack in which 26 civilians died, mostly Hindu tourists, lit the powder keg again. India accused terrorists based in Pakistan, although Pakistan denied all involvement.

A symbolic retaliation. The attack of a few hours ago, an aerial offensive against nine targets in Pakistan and in the Pakistani part of Kashmir, is a retaliation for the terrorist attack of April 22. The military operation, named Sindoor (in reference to the red powder that symbolizes marriage in the Hindu tradition), was presented by New Delhi as "measured, responsible and non-escalatory", directed exclusively against camps of terrorist groups linked to Lashkar-e-Taiba and Jaish-e-Mohammad, both based in Pakistan. However, the scope of the attacks (which for the first time have hit areas outside the disputed region, in the heart of Pakistani Punjab) represents a dangerous escalation that leaves us in a new scenario. Pakistan denounced the action as a "flagrant act of war" and promised to respond with a "measured but forceful" retaliation at the time and place of its choosing. The immediate tension has been aggravated by reports of downed aircraft (at least two in Indian territory) and civilian victims of Pakistani artillery fire on the border.

Map of states with nuclear weapons in the world

The nuclear threat. We already said it at the beginning. This latest round of clashes between the two nations is not "one more" for one reason: their nuclear weapons revive old fears. Both possess nuclear arsenals developed after atomic tests in 1998 that formalized their status as states with this type of weapon. According to estimates by the Stockholm International Peace Research Institute (SIPRI), India has around 172 nuclear warheads, while Pakistan has approximately 170, which makes them two of the nine countries with nuclear weapons in the world.

Different doctrines. The difference is that the two maintain different doctrines. India holds a policy of "no first use", although its doctrine allows massive reprisals in response to a nuclear attack, while Pakistan has not adopted a formal posture of no first use and maintains a "plausible" deterrence strategy, supported by tactical nuclear weapons to counteract Indian conventional superiority. Although neither nation has deployed missiles with warheads permanently, both have land, air and, in the case of India, sea launch systems, which constitutes a developing second-strike capability. Persistent rivalry, border skirmishes and the current risk of rapid escalation make the situation a new focus of concern for global nuclear security.

Unprecedented since WWII. The truth is that, if we stick to the definition of war, since World War II there has been no such worrying confrontation between two nations. The "nuclear" theme changes everything. The closest thing to the current dispute between India and Pakistan, and one in which "the nuclear" was involved, was in the Korean War, when direct clashes occurred between US and Soviet fighters, although Moscow never officially recognized them at that time. These fights occurred mainly in the so-called "MiG Alley", near the Yalu River, on the border between North Korea and China. There, Soviet pilots, flying MiG-15 aircraft and using North Korean or Chinese insignia, faced American fighters, especially the F-86 Sabre. Although it was kept secret to avoid open confrontation between the two superpowers, subsequent records confirmed that hundreds of Soviet pilots participated directly in the air war. That said, it was not technically a war between the two nations, at least not in the terms of the current conflict.

A fragile balance. In short, the events after India's air attack mark a very serious intensification of the conflict, with unpredictable consequences if a rapid de-escalation is not achieved. The activation of air defenses in India, the closure of civil airports in sensitive areas and the reports of victims of cross-border fire indicate that the region is at a critical moment. While India affirms that its operation was precise and surgical, limited to terrorist camps, the bombing of areas outside Kashmir has redrawn the limits of the conflict. In the absence of an effective bilateral containment mechanism and with the international community limited to rhetorical exhortations, the risk of an uncontrolled escalation between two nuclear powers remains very present. Kashmir, …

Your Android phone will begin to restart by itself every three days if a condition is met. It's excellent news

Google is deploying a new security function inherited from iOS. The source code suggested that this feature would be exclusive to Android 16, but now we know it will be universal. Your Android phone will restart every three days, automatically, if it remains inactive during that period. It is a function that a priori may seem minor, but whose impact is much greater than it might seem.

What will happen. The new Google system release notes, related to updates of Google Play services, refer to a new function exclusive to mobile phones: "(Phone) With this function, your device will restart automatically if it remains locked for 3 consecutive days." The explanation could not be simpler: if you do not use your phone for 72 hours, it will restart automatically. It is something that has been happening in iOS since version 18, and that addresses one main reason.

Why it will happen. That your Android will restart every three days if you do not use it is not a whim; it is a security measure. A newly restarted phone is a safer phone. ROMs such as GrapheneOS restart the phone every 18 hours (even if we are using it), and it is one of the most recommended practices to protect the phone.

The importance of restarting. Security reports point out that we should never have the phone on 24/7. Restarting the phone eliminates certain processes and data stored in memory. Some of these temporary data are precisely those used by attackers to exploit system vulnerabilities. Restarting the phone is not a magic solution, but it is one of the best ways to keep the phone somewhat more protected. In addition, in the case of Android, it is something that can help its useful life. During the week we accumulate app processes that do not close, and when the phone restarts everything returns to its initial state.

The B-side. It is more than likely that you have a secondary phone: a work phone, one that you use as GPS, or any phone oriented to specific functions. Many of these phones are almost always on and we may not have restarted them in months. If this is the case, make sure you know the unlock code and the PIN code of the SIM card, since they will be required on each restart. If you forget the PIN, you just have to use the PUK or contact your operator. If you forget the phone's unlock code, you are in trouble.

Image | Xataka
