All articles tagged with #routers
The FCC revised its guidance to push the deadline for firmware updates on foreign-made drones and routers from 2027 to January 1, 2029, citing espionage and data-exfiltration risks (including the Volt Typhoon threat). The extension, influenced by consumer groups, buys time for updates while signaling potential supply-chain shifts as manufacturers localize.
Netgear becomes the first major consumer-router maker to win a conditional exemption from the FCC's foreign-made router ban, covering its Nighthawk and Orbi devices (and cable gateways) through Oct. 1, 2027; Adtran also receives a similar waiver. The FCC did not disclose Netgear's justification or its plan to onshore manufacturing, and the approval process remains opaque. Most new routers will require exemptions, a framework critics say could slow approvals, reduce competition, and delay next-gen Wi‑Fi as supply chains adapt.
The FCC issued conditional approval allowing Netgear to sell and service new consumer routers in the US, effectively creating a temporary de facto monopoly for its Nighthawk and Orbi routers until October 1, 2027, contingent on a plan to bring manufacturing to the US and other conditions as the agency expands its foreign-made router ban.
The FCC has barred the sale of new foreign-made routers in the US, effectively freezing most of the market and risking that devices won’t receive security updates after March 1, 2027. Experts advise delaying new router purchases until the scope of exemptions is clarified; for immediate needs, consider an older budget model and prioritize securing current devices while updates remain possible.
The FCC announced a rule prohibiting new consumer Wi‑Fi routers made outside the US, while existing models may continue to be used or sold and will receive software updates under a waiver; it offers a Conditional Approval exemption process for manufacturers to show how they will shift production to the US, including disclosures about foreign ownership and timelines. The move aims to strengthen cybersecurity and trusted supply chains and could affect vendors like TP-Link, Netgear, and Asus, though exemptions may limit immediate impact.
The Trump administration announced a ban on importing newly manufactured routers from foreign companies, citing national security risks tied to supply-chain vulnerabilities and potential threats from foreign-made equipment.
The FCC announced a rule banning approval of new consumer-grade routers manufactured outside the United States, effectively blocking imports of foreign-made models unless they obtain Conditional Approval that often requires commitments to establish or expand U.S. manufacturing. Existing foreign routers can still be used and sold, but future options could be limited as major brands may shift production domestically. The move, framed as national security-oriented, is expected to face legal challenges and its practical security benefits are debated.
The FCC designated consumer routers manufactured outside the US as a security risk, placing all new foreign-made router models on a Covered List. Existing US-based brands with overseas manufacturing are affected, but already-sold routers can still be used and updated through at least March 1, 2027. Conditional approvals may be granted if companies commit to moving some manufacturing to the US. Legal challenges are likely, and shoppers shouldn’t expect new router models on shelves until the policy is clarified.
The FCC updated its equipment-authorization rules to prohibit the sale of any new consumer Wi‑Fi routers manufactured outside the United States, citing national-security concerns and supply-chain vulnerabilities; existing routers remain usable, and vendors can seek exemptions from DHS or the Pentagon with a plan to move manufacturing to the U.S.
Security researchers uncovered KadNap, a new malware targeting Asus routers and other edge devices that forms a decentralized, Kademlia DHT–based proxy botnet with over 14,000 infected hosts (majority in the U.S.). It uses a shell script downloaded from a C2 at 212.104.141.140 to install persistence, fetch a kad ELF, and join a peer-to-peer network that hides C2 traffic and feeds a Doppelgänger proxy service; the operators tier targets, close SSH (port 22), and collect host time and uptime to build peer hashes for network coordination. The same report also details ClipXDaemon, a memory-only Linux clipboard hijacker that replaces copied cryptocurrency wallet addresses in real time for multiple coins, with no C2 or beaconing and designed to avoid Wayland sessions.
Researchers call AirSnitch a cross‑layer Wi‑Fi attack that undermines client isolation at Layers 1–2, enabling bidirectional man‑in‑the‑middle traffic across guest networks, home, and enterprise setups. The technique can intercept and alter traffic, steal cookies and credentials, and DNS data, potentially even when HTTPS is used. It affects a wide range of devices from major vendors and may require hardware changes; some updates exist, but the recommended defenses include VPNs and moving toward zero‑trust networking. In practice, users should be cautious on unknown public APs and consider tethering via mobile data or trusted VPNs until fixes are widely deployed.
The FBI cautions that end-of-life home routers from the late 2000s to early 2010s—especially certain Linksys models—are vulnerable to malware and can be hijacked to form botnets because they no longer receive security updates. Attacks exploit exposed remote management features, and because the malware runs in the router’s operating system rather than on a PC, detections are difficult; if your router is no longer updated, replace it with a newer model to reduce risk.
The FBI has issued a warning against 13 specific older router models, mainly from Linksys/Cisco, that are vulnerable to malware called TheMoon, which can be exploited to control devices and hide malicious activity. Users with these models should consider replacing them, especially if they haven't received updates, to avoid security risks.
A cyberattack last year disabled over 600,000 internet routers across several Midwest states, with new research identifying the malware as "Chalubo." The attack targeted ActionTec routers, and the affected ISP is believed to be Windstream. The incident was not disclosed at the time, and the exact method of the attack remains unclear. Black Lotus Labs recommends securing management devices and avoiding basic security weaknesses.
Wi-Fi 7 is the latest wireless standard offering incredibly fast connections, currently available in the US, UK, Australia, Japan, and Mexico, with a projected 2.1 billion devices by 2028. The new technology introduces 320MHz channels, Multi-Link Operation, deterministic latency, and 4K QAM, but requires a compatible router, with prices ranging from $300 to over $1,000. While offering impressive performance, the cost of entry and limited availability in some countries are factors to consider.