You spend time securing your workplace networks and keeping devices patched, but does the same thing happen for everyone who works from home? Reports of a new range of vulnerabilities in popular routers is a reminder that maintaining security in a flexible workplace can be difficult.
Router picture from Shutterstock
Paul Ducklin at Naked Security notes that a new vulnerability in Sercomm firmware makes it possible to gain administrator-level access to those devices, even if you don't know the password. Sercomm manufactures routers for a variety of big-name brands, including Belkin, Linksys and Netgear. There's a list of affected devices assembled by Eloi Vanderbeken, who discovered the bug.
The issue can be avoided by using an alternative firmware such as DD-WRT. Realistically, though, many home users aren't going to do that. From an IT management perspective, the lesson is to ensure that appropriate levels of security are used when workers access resources from home, including VPNs and decent password management strategies.