SpiderLabs, a group of ethical hackers, forensic investigators and security researchers from Trustwave -- a Top 100 MSSP in 2017 -- has released technical details about security vulnerabilities discovered in routers from global computer networking company Netgear.
The security flaws were discovered last year in various Netgear routers, and all of the vulnerabilities have been patched, SpiderLabs said in a prepared statement.
A Closer Look at the Netgear Router Security Flaws
The Netgear router security flaws identified by SpiderLabs included:
- Authentication bypass issues.
- Command injection chained attacks.
- Password recovery and file access issues.
- Post-authentication command injections.
Netgear is aware of the security vulnerabilities that affected some of its routers, the company said. It has released a list of affected routers and recommends end users who may be impacted by the security vulnerabilities download the company's latest firmware updates.
SpiderLabs employs more than 150 security experts, according to Trustwave. It has researched 9 million web application attacks to date and performs more than 2,500 penetration tests each year.
Meanwhile, Netgear provides Ethernet, powerline, wireless and other networking products. Netgear products are sold in approximately 30,000 retail locations via 25,000 value-added resellers (VARs) and cable, mobile and wireline service providers.
Trustwave Eyes Global Expansion
Trustwave is a Top 100 MSSP that provides compliance, threat and vulnerability management services. The MSSP helps organizations combat cybercrime, protect data and reduce security risk and continues to explore ways to expand its global reach.
Trustwave last week announced the addition of Canadian voice, data and media services company Uniserve Communications to its global channel partner program. Now, Uniserve provides Trustwave's managed security services to its customers across Canada.
Furthermore, Trustwave in December launched services designed to help businesses comply with the EU General Data Protection Regulation (GDPR). These services included:
- Data Protection Impact Assessment: Helps companies evaluate ongoing GDPR compliance.
- GDPR Privacy and Information Security Risk Assessment: Enables a business to assess how well it is addressing GDPR in terms of personal data and sensitive personal data paths and how data is collected, processed, protected and housed internally and externally.
- GDPR Workshop: Provides insights into the scope of GDPR and its requirements.
Trustwave today has customers in 96 countries. The MSSP also offers cloud and managed security services that protect more than 3 million businesses and help companies manage their information security and compliance programs.
