Change Your Linksys Smart Wi-Fi Password Now

Linksys Smart Wi-Fi customers are being asked to change their passwords after hackers hijacked some accounts and changed router settings to direct users to malware sites.

The company decided to lock accounts and prompt a password reset because it couldn’t detect which accounts were hacked and which were not, and decided to act on all.

“Linksys is doing everything we can to make it tougher for the bad guys. But there are no guarantees,” Linksys said.

Russia Implicated in BGP Hijacking Incident This Week

Russian telecom company Rostelecom is implicated in a BGP hijacking incident which rerouted network traffic from Akamai, Amazon, Facebook, Google, and others.

BGP stands for the Border Gateway Protocol and is the de-facto system used to route internet traffic between internet networks across the globe…

BGPMon founder Andree Toonk is giving the Russian telco the benefit of the doubt. On Twitter, Toont said he believes the “hijack” happened after an internal Rostelecom traffic shaping system might have accidentally exposed the incorrect BGP routes on the public internet, rather than Rostelecom’s internal network…

But, as many internet experts have also pointed out in the past, it is possible to make an intentional BGP hijack appear as an accident, and nobody could tell the difference.

WireGuard VPN Gets Added to the Next Linux Kernel

I briefly mentioned WireGuard when I wrote of Cloudflare’s WARP beta. I think it’s something to add to your technology watch lists. It’s just not any old VPN app, it’s a VPN protocol that could very well replace current protocols like IPsec and OpenVPN, or at least be offered as an alternative. You can read the technical whitepaper here [PDF], along with this write up from Ars Technica.

WireGuard will now operate as either a Loadable Kernel Module (LKM) or built statically into the kernel itself. But whether static or loadable, it will be “in-tree”—which means it’s provided ready to go with the vanilla kernel itself, with no need for repackaging by the various distros. This puts it on the same footing as other supported drivers.

New Zoom Bug Can Be Used to Steal Passwords, Access Your Webcam, Microphone

Security researcher Patrick Wardle disclosed two Zoom bugs today. They can be used to steal Windows passwords and access your webcam and microphone. They do however require physical access to the machine.

In this blog post, we’ll start by briefly looking at recent security and privacy flaws that affected Zoom. Following this, we’ll transition into discussing several new security issues that affect the latest version of Zoom’s macOS client.

At this point, Zoom should just rewrite its software completely.