Signatures and mitigation steps...
Coverage of this thing is generally horrible.
How can you actually detect if your device has been compromised?
How do you mitigate the attack?
What are the specific attack vectors?
Three pieces of information that would be good to have in an article of this nature.
MY router isn't on the vulnerable list...but so what? A lot of routers that weren't on the first list now are listed as vulnerabe. There is no reason to trust that new list is comprehensive.
For my fellow commentards - patting yourself on the back because you adopted some other router brand/platform/homefgrown kludge isn't at all helpful if there is no information given on how to detect a compromised device.
Logged into my (ASUS, but not the listed as vulnerable model) router , found the router telling me "the fiirmware update failed"...and I hadn't triggered an update. Additionally, Username and password have both been changed from the defaults per every best practice ever. So, Whiskey Tango Foxtrot??
Biting the hand that feeds IT
